Intakes
How data gets into GreyScape.ai
Nine mechanisms — direct connectors that pull from AI providers, user-facing forms that ask employees, admin-driven uploads, and passive captures that run in the background. Use the right lane for the right ask; stack them to close the visibility gap.
Organisation-Wide AI Keys
Paste your organisation's admin API keys for OpenAI, Anthropic, Azure OpenAI. We poll usage hourly and turn it into per-user, per-tool spend.
When to use: Day one. The highest-fidelity input — actual API call volume and dollar spend from the AI providers themselves, no employee survey needed.
GitHub Copilot
Paste a GitHub PAT scoped to your org. We poll the Copilot seats API hourly and create one detection row per active seat.
When to use: If your org uses Copilot Business or Copilot Enterprise. Captures seat assignments, last-activity dates, team membership.
Setup User AI Approval Workflow
For pre-emptive sanctioning: convert shadow-AI signups into proper approvals before they happen.
When to use: Post in #general / IT onboarding doc. Employees file each new request for AI access; you decide before they sign up personally.
User AI Tool Declaration
For inventory: ask every employee what AI tools they already use. Multi-tool form, captures plan + monthly cost + optional receipt.
When to use: Quarterly. Captures the long tail — ChatGPT Pro on a personal card, Cursor paid out of pocket, Manus web usage, etc. — that connectors can't see.
User AI Key Capture
For tracking: poll employees to share the API key they're using for a specific tool. Keys flow into the BYOK pipeline.
When to use: After attestation surfaces a tool — turn 'we know they use it' into 'we're now tracking it' by collecting the API key.
Admin subscription log
Admin-driven: type in a known AI subscription directly — vendor, plan, monthly cost, who pays. Rolls up into the same per-user, per-team, org budgets as user-declared subs.
When to use: When you already know about a subscription and don't want to wait for an employee survey. Capture as you hear about them.
CSV upload
Admin-driven: drop a card-transaction or firewall-log CSV. GreyScape.ai pattern-matches against AI vendor + domain catalogues.
When to use: Same-day visibility while you wait for Brex/Ramp/Network connectors to come online. Re-uploadable, idempotent.
Passive Email Receipt Capture
Passive: forward AI-tool receipts to your tenant's inbound address. Vendor + amount parsed automatically.
When to use: Set-and-forget. Each user adds a Gmail/Outlook filter once; future receipts capture themselves.
Browser extension
Passive: deploy our lightweight Chromium extension to managed devices. Catches consumer-tier AI tools that have no API, no card trail, and no SSO footprint — ChatGPT Free, Midjourney, Suno, personal-account Perplexity.
When to use: After other intakes are wired up. Closes the last visibility gap — the long tail of free-tier and personal-account AI usage that nothing else can see.
When to stack intakes
Each intake is tuned to a different gap. Layered, they compound:
- Day 1: paste your organisation-wide AI keys (OpenAI, Anthropic, Azure). Actual usage and dollar spend start flowing within an hour.
- Day 1: mint a Shareable User AI Access Link and post it in #general. New requests start flowing in.
- Week 1: wire Passive Email Receipt Capture so existing paid subscriptions surface automatically. If you use GitHub Copilot, connect that too.
- Month 1: launch a quarterly User AI Tool Declaration campaign to inventory the long tail.
- After declaration: for tools with API access, launch a User AI Key Capture campaign to start tracking real usage.
- Periodic: CSV upload of card statements and firewall logs to catch anything that slipped past the rest.