Overview
Organizations can deploy the Velatir browser extension to all users with pre-configured settings using Chromeโs managed storage API. This allows IT administrators to:
- Pre-configure API endpoints and credentials
- Lock settings to prevent user modification
- Deploy via Group Policy, MDM, or managed preferences
- Display organization branding in the extension
Extension Details
| Property | Value |
|---|
| Extension ID | caphhifinnebobmbailgabbcjhdfdjij |
| CRX Download | https://cdn.velatir.com/chrome-extension.crx |
| Update Manifest | https://cdn.velatir.com/update.xml |
Managed Configuration Options
The following settings can be configured via enterprise policy:
| Property | Type | Description |
|---|
endpoint | string | Velatir API endpoint (e.g., api.velatir.com) |
apiToken | string | X-API-Key for authentication |
organizationName | string | Display name shown in โManaged byโ banner |
organizationId | string | Organization identifier for audit logs |
enabledServices | array | List of service names to monitor (empty = all) |
Microsoft Intune
Microsoft Intune provides multiple methods to deploy and configure Chrome extensions. Choose the approach that best fits your environment.
Prerequisites
- Microsoft Intune admin access
- Chrome ADMX templates (for Administrative Templates method)
- Target devices enrolled in Intune
Method 1: Settings Catalog (Recommended)
The Settings Catalog provides the most straightforward approach for deploying Chrome extensions.
- Sign in to the Microsoft Intune admin center
- Navigate to Devices โ Configuration profiles โ Create profile
- Select:
- Platform: Windows 10 and later
- Profile type: Settings catalog
- Click Create
- Name your profile (e.g., โVelatir Browser Extensionโ)
- Click Add settings and search for โGoogle Chromeโ
- Expand Google Chrome โ Extensions
- Add the following settings:
Configure the list of force-installed apps and extensions:
caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml
caphhifinnebobmbailgabbcjhdfdjij
- Click Next through Scope tags
- Assign to your target device groups
- Click Create
Method 2: Administrative Templates (ADMX)
For organizations already using Chrome ADMX templates:
- Download Chrome ADMX templates if not already imported
- In Intune, go to Devices โ Configuration profiles โ Create profile
- Select:
- Platform: Windows 10 and later
- Profile type: Templates โ Administrative Templates
- Navigate to: Computer Configuration โ Google Chrome โ Extensions
- Configure Configure the list of force-installed apps and extensions:
- Set to Enabled
- Add:
caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml
Method 3: Custom OMA-URI
For advanced scenarios or when ADMX templates arenโt available:
- Create a new Configuration profile
- Select Templates โ Custom
- Add an OMA-URI setting:
| Setting | Value |
|---|
| Name | Chrome Force Install Extension |
| OMA-URI | ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Extensions/ExtensionInstallForcelist |
| Data type | String |
| Value | <enabled/><data id="ExtensionInstallForcelistDesc" value="1caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml"/> |
Configuring Extension Policy via Intune
To pre-configure the extension settings (API endpoint, token, etc.), use the ExtensionSettings policy:
Settings Catalog method:
- Search for โConfigure extension management settingsโ under Google Chrome โ Extensions
- Add the following JSON:
{
"caphhifinnebobmbailgabbcjhdfdjij": {
"installation_mode": "force_installed",
"update_url": "https://cdn.velatir.com/update.xml",
"toolbar_pin": "force_pinned"
}
}
{
"3rdparty": {
"extensions": {
"caphhifinnebobmbailgabbcjhdfdjij": {
"endpoint": "api.velatir.com",
"apiToken": "your-api-token-here",
"organizationName": "Acme Corporation",
"organizationId": "acme-corp"
}
}
}
}
Microsoft Edge Deployment via Intune
For Microsoft Edge (Chromium-based), the process is similar:
- In Settings Catalog, search for โMicrosoft Edgeโ instead of โGoogle Chromeโ
- Use the same extension ID:
caphhifinnebobmbailgabbcjhdfdjij
- Configure Configure the list of force-installed extensions:
caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml
The same CRX file and extension ID work for both Chrome and Edge since Edge is Chromium-based.
Windows (Group Policy)
Registry Method
Create a .reg file with your configuration:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist]
"1"="caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\caphhifinnebobmbailgabbcjhdfdjij\policy]
"endpoint"="api.velatir.com"
"apiToken"="your-api-token-here"
"organizationName"="Acme Corporation"
"organizationId"="acme-corp"
Group Policy (ADMX)
- Download the Chrome ADMX templates
- Add them to your Group Policy Central Store
- Navigate to: Computer Configuration > Administrative Templates > Google Chrome > Extensions
- Configure Configure the list of force-installed apps and extensions:
- Add:
caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml
- Configure Extension management settings with JSON:
{
"caphhifinnebobmbailgabbcjhdfdjij": {
"installation_mode": "force_installed",
"update_url": "https://cdn.velatir.com/update.xml",
"toolbar_pin": "force_pinned",
"policy": {
"endpoint": "api.velatir.com",
"apiToken": "your-api-token-here",
"organizationName": "Acme Corporation",
"organizationId": "acme-corp"
}
}
}
macOS (Managed Preferences)
Configuration Profile
Create a .mobileconfig file or use your MDM to deploy a configuration profile:
Domain: com.google.Chrome
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ExtensionInstallForcelist</key>
<array>
<string>caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml</string>
</array>
<key>3rdparty</key>
<dict>
<key>extensions</key>
<dict>
<key>caphhifinnebobmbailgabbcjhdfdjij</key>
<dict>
<key>endpoint</key>
<string>api.velatir.com</string>
<key>apiToken</key>
<string>your-api-token-here</string>
<key>organizationName</key>
<string>Acme Corporation</string>
<key>organizationId</key>
<string>acme-corp</string>
</dict>
</dict>
</dict>
</dict>
</plist>
Manual Deployment
Place the plist file at:
/Library/Managed Preferences/com.google.Chrome.plist
Linux / ChromeOS (JSON Policy)
System-wide Policy
Create a JSON file at /etc/opt/chrome/policies/managed/velatir.json:
{
"ExtensionInstallForcelist": [
"caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml"
],
"3rdparty": {
"extensions": {
"caphhifinnebobmbailgabbcjhdfdjij": {
"endpoint": "api.velatir.com",
"apiToken": "your-api-token-here",
"organizationName": "Acme Corporation",
"organizationId": "acme-corp"
}
}
}
}
sudo chmod 644 /etc/opt/chrome/policies/managed/velatir.json
Google Workspace Admin Console
For organizations using Chrome Browser Cloud Management:
- Sign in to the Google Admin console
- Navigate to Devices > Chrome > Apps & extensions > Users & browsers
- Select the organizational unit to configure
- Click the + button and select Add Chrome app or extension by ID
- Enter the extension ID:
caphhifinnebobmbailgabbcjhdfdjij
- For Installation policy, select Force install
- For Update URL, enter:
https://cdn.velatir.com/update.xml
- Click the extension and select Policy for extensions
- Enter your JSON configuration:
{
"endpoint": "api.velatir.com",
"apiToken": "your-api-token-here",
"organizationName": "Acme Corporation",
"organizationId": "acme-corp"
}
- Click Save
JAMF Pro (macOS)
- Create a new Configuration Profile
- Add a Custom Settings payload
- Set the preference domain to
com.google.Chrome
- Upload or paste the following plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ExtensionInstallForcelist</key>
<array>
<string>caphhifinnebobmbailgabbcjhdfdjij;https://cdn.velatir.com/update.xml</string>
</array>
<key>3rdparty</key>
<dict>
<key>extensions</key>
<dict>
<key>caphhifinnebobmbailgabbcjhdfdjij</key>
<dict>
<key>endpoint</key>
<string>api.velatir.com</string>
<key>apiToken</key>
<string>your-api-token-here</string>
<key>organizationName</key>
<string>Acme Corporation</string>
<key>organizationId</key>
<string>acme-corp</string>
</dict>
</dict>
</dict>
</dict>
</plist>
Update Manifest (update.xml)
The update manifest at https://cdn.velatir.com/update.xml follows this format:
<?xml version='1.0' encoding='UTF-8'?>
<gupdate xmlns='http://www.google.com/update2/response' protocol='2.0'>
<app appid='caphhifinnebobmbailgabbcjhdfdjij'>
<updatecheck codebase='https://cdn.velatir.com/chrome-extension.crx' version='1.0.0' />
</app>
</gupdate>
Verification
After deployment, verify the configuration is applied:
- Open Chrome and navigate to
chrome://policy
- Click Reload policies to refresh
- Search for
caphhifinnebobmbailgabbcjhdfdjij or โExtensionโ
- Verify the managed settings appear under the extension policies
- Navigate to
chrome://extensions - the Velatir extension should show as installed
- Open the Velatir extension - you should see โManaged by [Organization Name]โ
Troubleshooting
Settings not appearing
- Verify the extension ID is
caphhifinnebobmbailgabbcjhdfdjij
- Check that policy files have correct permissions
- Restart Chrome after policy changes
- On Windows, run
gpupdate /force
- In Intune, trigger a device sync
Extension not installing
- Ensure force installation policy is applied
- Check
chrome://extensions for error messages
- Verify network access to
cdn.velatir.com
- Check
chrome://policy for any policy errors
API connection issues
- Verify the API token is valid
- Check firewall rules for
api.velatir.com
- Review extension console for errors (
chrome://extensions > Details > Inspect views)
Intune-specific issues
- Verify the device has synced with Intune recently
- Check Devices โ Monitor โ Device configuration status
- Ensure Chrome is installed before the policy applies
- For Edge, verify youโre using the Edge-specific policies
