KB Article | Forcepoint Support

Notes & Warnings

Important SSL decryption must be enabled for the requests to the Office 365 application that the end users access.

Problem Description

I would like to restrict my end users from logging into accounts of Office 365 tenancies that do not belong to my organisation.


Microsoft has included a provision to prevent the end user from logging into any Office 365 tenancy other than those specified by the end user's organisation's system operator by means of inserting the header 'Restrict-Access-To-Tenants' into the HTTP request headers for login.microsoftonline.com.

Forcepoint Technical Support is able to create back-end configuration for your account that instructs the proxy to insert this header along with the tenancies.
  1. Raise a case with Forcepoint Technical Support
  2. In the case, include the following:
  • Office 365 Tenant restrictions need to be enabled.
  • The header you would like to have inserted (e.g. Restrict-Access-To-Tenants: mycompany.onmicrosoft.com, subsidiary.onmicrosoft.com).
  • You will be asked for your PIN. 

Keywords: tenant; restrict; o365; microsoft

Article Feedback

Thank you for the feedback and comments.