VeriSentraVeriSentra

Documentation

Everything you need to know about protecting your sensitive data with VeriSentra.

Getting Started

VeriSentra is a Chrome extension that protects your sensitive data from accidentally being shared with AI tools like ChatGPT, Claude, Gemini, and others. It uses a local-first architecture - all detection happens in your browser, ensuring your data never leaves your device.

1. Install Extension

Add the Chrome extension from the Web Store

2. Configure Policies

Choose what types of data to protect

3. Stay Protected

Work normally - we'll warn you of risks

Installation

  1. Visit the Chrome Web Store listing
  2. Click "Add to Chrome"
  3. Confirm the permissions when prompted
  4. The VeriSentra icon will appear in your browser toolbar

Configuration

Local-Only Mode

By default, the extension works in local-only mode. No account required, no data sent anywhere. All detection rules are bundled with the extension.

Connected Mode

For teams, connect the extension to your workspace to:

  • Sync policies across your team
  • View analytics and audit logs
  • Manage exception requests
  • Get centralized policy control

Connecting to a Workspace

  1. Click the extension icon and select "Options"
  2. Click "Connect to Workspace"
  3. Enter the connection code provided by your workspace admin
  4. The extension will sync your workspace policies

Extension Linking

Connect your Chrome extension to your workspace to sync policies and enable team analytics.

Generating a Connection Code

Workspace admins can generate connection codes for team members:

  1. Log in to your workspace dashboard
  2. Go to Settings or click your profile menu
  3. Click "Connect Extension" or "Get Connection Code"
  4. A 6-character code will be generated (e.g., ABC123)
  5. Share this code with your team member

Note: Connection codes expire after 10 minutes for security. Generate a new code if the previous one has expired.

Linking the Extension

Once you have a connection code:

  1. Click the VeriSentra extension icon in your browser toolbar
  2. Click "Options" or the settings gear icon
  3. In the extension options page, find the "Connect to Workspace" section
  4. Enter the 6-character connection code
  5. Click "Connect"
  6. The extension will verify the code and sync your workspace policies

After Linking

Once connected, the extension will:

  • Automatically sync policies from your workspace
  • Send anonymized telemetry to your workspace dashboard
  • Apply team-wide detection rules and allowlists
  • Enable exception request workflows

Unlinking the Extension

To disconnect from a workspace and return to local-only mode:

  1. Open the extension options page
  2. Find the "Connected Workspace" section
  3. Click "Disconnect" or "Unlink"
  4. Confirm the disconnection

Detection Categories

VeriSentra detects the following types of sensitive data:

SECRET_TOKEN

API keys, access tokens, OAuth secrets

PRIVATE_KEY

RSA, SSH, PGP private keys

PASSWORD_MARKER

Passwords, credentials, auth data

EMAIL

Email addresses

PHONE

Phone numbers (international formats)

ID_NUMBER

SSN, passport, license numbers

FINANCIAL

Credit cards, bank accounts, routing numbers

ADDRESS

Physical addresses, locations

Policy Modes

Choose how strictly the extension should protect your data:

Permissive Mode

Warns about sensitive data but allows you to proceed. Good for developers who need flexibility but want awareness.

Balanced Mode (Default)

Blocks high-severity items (secrets, private keys), warns on medium severity. Recommended for most teams.

Strict Mode

Blocks all sensitive data categories. Required for regulated industries (healthcare, finance, legal).

Supported Apps

VeriSentra currently protects the following applications:

AI Assistants

  • ChatGPT (chat.openai.com)
  • Claude (claude.ai)
  • Google Gemini (gemini.google.com)
  • Microsoft Copilot (copilot.microsoft.com)

Productivity Apps

  • Gmail (mail.google.com)
  • Slack (app.slack.com)
  • Google Docs (docs.google.com)
  • Notion (notion.so)

Workspace Management

Creating a Workspace

  1. Sign up or log in at verisentra.com
  2. Click "Create Workspace"
  3. Choose a name and URL slug
  4. Select a policy pack (Default, Healthcare, Finance, etc.)

Inviting Team Members

  1. Go to Settings > Members in your workspace
  2. Click "Invite Member"
  3. Enter their email address and select a role
  4. They'll receive an email invitation to join

Roles

Owner

Full access, can delete workspace, manage billing

Admin

Manage policies, members, view all analytics

Analyst

View analytics and audit logs, approve exceptions

User

Use extension with workspace policies

SSO (Single Sign-On)

Business Plan Feature: SSO is available exclusively on the Business plan.

Single Sign-On (SSO) allows your team to authenticate using your company's identity provider (IdP), providing centralized access control and enhanced security.

Supported Providers

VeriSentra supports SAML 2.0 SSO, which works with most enterprise identity providers:

  • Okta
  • Azure Active Directory (Azure AD / Entra ID)
  • Google Workspace
  • OneLogin
  • JumpCloud
  • Any SAML 2.0 compliant IdP

Configuring SAML SSO

To set up SSO for your workspace:

  1. Go to Settings > Security in your workspace dashboard
  2. Click "Configure SSO"
  3. Enter your IdP's SSO URL (Entry Point)
  4. Paste your IdP's X.509 Certificate
  5. Optionally set an Email Domain to restrict access (e.g., yourcompany.com)
  6. Click "Save Configuration"

IdP Configuration

When configuring your Identity Provider, you'll need these values from VeriSentra:

Entity ID (Issuer)

https://api.verisentra.com/v1/auth/sso/metadata/[workspace-id]

ACS URL (Callback URL)

https://api.verisentra.com/v1/auth/sso/callback

SP Metadata URL

https://api.verisentra.com/v1/auth/sso/metadata/[workspace-id]

Enabling SSO Enforcement

After configuration, you can enforce SSO for all users with your email domain:

  1. Test the SSO login flow with an admin account first
  2. Once verified, toggle "Enable SSO" in Settings
  3. Users with matching email domains will be redirected to your IdP when logging in
  4. Magic link login will be disabled for enforced domains

Important: Always test SSO with an admin account before enabling enforcement. Keep at least one owner account that can log in via magic link in case of IdP issues.

Just-In-Time (JIT) Provisioning

When SSO is enabled, new users are automatically provisioned:

  • Users authenticating via SSO for the first time are automatically created
  • They are added to the workspace with the User role by default
  • Email addresses are verified automatically through the IdP
  • Display names are synced from the IdP profile when available

Troubleshooting

Extension not detecting sensitive data

  • Refresh the page after installing the extension
  • Ensure the extension is enabled in Chrome
  • Check that you're on a supported app (ChatGPT, Gmail, etc.)
  • Verify your policy mode isn't set to allow the data type

Can't connect to workspace

  • Ensure you have a valid connection code from your admin
  • Connection codes expire after 10 minutes - request a new one
  • Check your internet connection
  • Try logging out and back in to the extension

Too many false positives

  • Switch to Permissive mode for more flexibility
  • Add patterns to your allowlist in workspace settings
  • Use the "Always allow on this site" option for trusted domains
  • Contact support if you need custom detection rules

Dashboard not showing data

  • Telemetry is only sent in connected mode, not local-only
  • Data may take a few minutes to appear
  • Check the date range filter on the dashboard
  • Ensure your subscription is active

Still need help? Contact us at support@verisentra.com