Skip to main content

Overview

Deploy the Velatir browser extension to managed devices with pre-configured settings. This guide covers deployment via Microsoft Intune (Windows) and Jamf Pro (macOS).

Extension Details

BrowserExtension IDStore Link
ChromebbiokppljpbjgiogcoggjnfffbeiihjaChrome Web Store
EdgephgnjcoglpdamjjmidheehacjbkgkoocEdge Add-ons

Managed Configuration

The extension accepts configuration via managed storage policies:
PropertyTypeDescription
apiTokenstringYour Velatir API key
organizationNamestringDisplay name shown in the extension
Additional properties (endpoint, organizationId, enabledServices) are available for advanced configurations. Contact support if you need these.

Microsoft Intune (Windows)

Chrome Extension

Method A: Settings Catalog (Force Install Only)

Use this method if you only need to install the extension without pre-configured settings.
  1. Sign in to the Microsoft Intune admin center
  2. Go to Devices > Configuration > Create > New policy
  3. Select:
    • Platform: Windows 10 and later
    • Profile type: Settings catalog
  4. Name your profile (e.g., “Velatir Chrome Extension”)
  5. Click Add settings and search for Google Chrome
  6. Select Google Chrome > Extensions
  7. Enable Configure the list of force-installed apps and extensions
  8. Add the following value: 
    bbiokppljpbjgiogcoggjnfffbeiihja;https://clients2.google.com/service/update2/crx
  9. Assign to your device groups and create the profile
Use this method to install the extension and configure the API token and organization name. This approach works reliably for the 3rdparty managed configuration that Settings Catalog does not support.
  1. Go to Devices > Remediations > Create script package
  2. Name it “Velatir Chrome Extension Deployment”
Detection script (Detect-VelatirChrome.ps1): 
$ExtensionId = "bbiokppljpbjgiogcoggjnfffbeiihja"
$ForcelistPath = "HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist"
$PolicyPath = "HKLM:\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ExtensionId\policy"

# Check if extension is in force install list
$ForcelistExists = $false
if (Test-Path $ForcelistPath) {
    $Values = Get-ItemProperty -Path $ForcelistPath -ErrorAction SilentlyContinue
    foreach ($Property in $Values.PSObject.Properties) {
        if ($Property.Value -like "$ExtensionId;*") {
            $ForcelistExists = $true
            break
        }
    }
}

# Check if policy configuration exists
$PolicyExists = (Test-Path $PolicyPath) -and
                (Get-ItemProperty -Path $PolicyPath -Name "apiToken" -ErrorAction SilentlyContinue)

if ($ForcelistExists -and $PolicyExists) {
    Write-Output "Velatir Chrome extension is configured"
    exit 0
} else {
    Write-Output "Velatir Chrome extension needs configuration"
    exit 1
}
Remediation script (Remediate-VelatirChrome.ps1): 
# Configuration - UPDATE THESE VALUES
$ApiToken = "your-api-token-here"
$OrganizationName = "Your Organization"

# Extension details
$ExtensionId = "bbiokppljpbjgiogcoggjnfffbeiihja"
$UpdateUrl = "https://clients2.google.com/service/update2/crx"

# Registry paths
$ForcelistPath = "HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist"
$PolicyPath = "HKLM:\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ExtensionId\policy"

# Create ExtensionInstallForcelist
if (-not (Test-Path $ForcelistPath)) {
    New-Item -Path $ForcelistPath -Force | Out-Null
}

# Find next available index
$NextIndex = 1
$ExistingValues = Get-ItemProperty -Path $ForcelistPath -ErrorAction SilentlyContinue
if ($ExistingValues) {
    $Indices = $ExistingValues.PSObject.Properties |
               Where-Object { $_.Name -match '^\d+$' } |
               ForEach-Object { [int]$_.Name }
    if ($Indices) { $NextIndex = ($Indices | Measure-Object -Maximum).Maximum + 1 }

    # Check if already exists
    foreach ($Property in $ExistingValues.PSObject.Properties) {
        if ($Property.Value -like "$ExtensionId;*") {
            $NextIndex = $null
            break
        }
    }
}

if ($NextIndex) {
    Set-ItemProperty -Path $ForcelistPath -Name $NextIndex -Value "$ExtensionId;$UpdateUrl"
}

# Create 3rdparty policy configuration
if (-not (Test-Path $PolicyPath)) {
    New-Item -Path $PolicyPath -Force | Out-Null
}

Set-ItemProperty -Path $PolicyPath -Name "apiToken" -Value $ApiToken -Type String
Set-ItemProperty -Path $PolicyPath -Name "organizationName" -Value $OrganizationName -Type String

Write-Output "Velatir Chrome extension configured successfully"
  1. Configure the script package:
    • Run this script using the logged-on credentials: No
    • Enforce script signature check: No
    • Run script in 64-bit PowerShell: Yes
  2. Assign to your device groups
  3. Set the schedule (e.g., once per day)

Edge Extension

Method A: Settings Catalog (Force Install Only)

  1. Create a new Settings catalog profile
  2. Search for Microsoft Edge > Extensions
  3. Enable Control which extensions are installed silently
  4. Add the following value: 
    phgnjcoglpdamjjmidheehacjbkgkooc;https://edge.microsoft.com/extensionwebstorebase/v1/crx
  5. Assign to your device groups
Use the same approach as Chrome, with Edge-specific paths. Detection script (Detect-VelatirEdge.ps1): 
$ExtensionId = "phgnjcoglpdamjjmidheehacjbkgkooc"
$ForcelistPath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist"
$PolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$ExtensionId\policy"

$ForcelistExists = $false
if (Test-Path $ForcelistPath) {
    $Values = Get-ItemProperty -Path $ForcelistPath -ErrorAction SilentlyContinue
    foreach ($Property in $Values.PSObject.Properties) {
        if ($Property.Value -like "$ExtensionId;*") {
            $ForcelistExists = $true
            break
        }
    }
}

$PolicyExists = (Test-Path $PolicyPath) -and
                (Get-ItemProperty -Path $PolicyPath -Name "apiToken" -ErrorAction SilentlyContinue)

if ($ForcelistExists -and $PolicyExists) {
    Write-Output "Velatir Edge extension is configured"
    exit 0
} else {
    Write-Output "Velatir Edge extension needs configuration"
    exit 1
}
Remediation script (Remediate-VelatirEdge.ps1): 
# Configuration - UPDATE THESE VALUES
$ApiToken = "your-api-token-here"
$OrganizationName = "Your Organization"

# Extension details
$ExtensionId = "phgnjcoglpdamjjmidheehacjbkgkooc"
$UpdateUrl = "https://edge.microsoft.com/extensionwebstorebase/v1/crx"

# Registry paths
$ForcelistPath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist"
$PolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$ExtensionId\policy"

# Create ExtensionInstallForcelist
if (-not (Test-Path $ForcelistPath)) {
    New-Item -Path $ForcelistPath -Force | Out-Null
}

$NextIndex = 1
$ExistingValues = Get-ItemProperty -Path $ForcelistPath -ErrorAction SilentlyContinue
if ($ExistingValues) {
    $Indices = $ExistingValues.PSObject.Properties |
               Where-Object { $_.Name -match '^\d+$' } |
               ForEach-Object { [int]$_.Name }
    if ($Indices) { $NextIndex = ($Indices | Measure-Object -Maximum).Maximum + 1 }

    foreach ($Property in $ExistingValues.PSObject.Properties) {
        if ($Property.Value -like "$ExtensionId;*") {
            $NextIndex = $null
            break
        }
    }
}

if ($NextIndex) {
    Set-ItemProperty -Path $ForcelistPath -Name $NextIndex -Value "$ExtensionId;$UpdateUrl"
}

# Create 3rdparty policy configuration
if (-not (Test-Path $PolicyPath)) {
    New-Item -Path $PolicyPath -Force | Out-Null
}

Set-ItemProperty -Path $PolicyPath -Name "apiToken" -Value $ApiToken -Type String
Set-ItemProperty -Path $PolicyPath -Name "organizationName" -Value $OrganizationName -Type String

Write-Output "Velatir Edge extension configured successfully"
Why use Remediations instead of Settings Catalog?The Intune Settings Catalog does not support configuring the 3rdparty policy that passes managed configuration to extensions. Using Remediations with registry keys is the reliable method to deploy both the extension installation and its configuration settings.

Jamf Pro (macOS)

Chrome Extension

  1. In Jamf Pro, go to Computers > Configuration Profiles > New
  2. Name the profile (e.g., “Velatir Chrome Extension”)
  3. Select Application & Custom Settings > External Applications > Add
  4. Set Source to Custom Schema or Upload
  5. Set Preference Domain to com.google.Chrome
  6. Upload or paste the following plist content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>ExtensionInstallForcelist</key>
    <array>
        <string>bbiokppljpbjgiogcoggjnfffbeiihja;https://clients2.google.com/service/update2/crx</string>
    </array>
    <key>3rdparty</key>
    <dict>
        <key>extensions</key>
        <dict>
            <key>bbiokppljpbjgiogcoggjnfffbeiihja</key>
            <dict>
                <key>apiToken</key>
                <string>your-api-token-here</string>
                <key>organizationName</key>
                <string>Your Organization</string>
            </dict>
        </dict>
    </dict>
</dict>
</plist>
  1. Scope the profile to your target computers
  2. Save the configuration profile

Edge Extension

  1. Create a new Configuration Profile
  2. Add Application & Custom Settings > External Applications
  3. Set Preference Domain to com.microsoft.Edge
  4. Use the following plist content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>ExtensionInstallForcelist</key>
    <array>
        <string>phgnjcoglpdamjjmidheehacjbkgkooc;https://edge.microsoft.com/extensionwebstorebase/v1/crx</string>
    </array>
    <key>3rdparty</key>
    <dict>
        <key>extensions</key>
        <dict>
            <key>phgnjcoglpdamjjmidheehacjbkgkooc</key>
            <dict>
                <key>apiToken</key>
                <string>your-api-token-here</string>
                <key>organizationName</key>
                <string>Your Organization</string>
            </dict>
        </dict>
    </dict>
</dict>
</plist>
  1. Scope and save the profile

Verification

Windows

  1. Trigger an Intune sync on the device or wait for the scheduled check-in
  2. Open Chrome or Edge and navigate to chrome://policy or edge://policy
  3. Click Reload policies
  4. Verify you see:
    • ExtensionInstallForcelist with the Velatir extension ID
    • Under the extension ID section, your configured apiToken and organizationName
  5. Navigate to chrome://extensions or edge://extensions to confirm the extension is installed

macOS

  1. After the Jamf profile deploys, verify the plist file exists: 
    ls /Library/Managed\ Preferences/com.google.Chrome.plist
  2. Check the applied settings: 
    defaults read /Library/Managed\ Preferences/com.google.Chrome
  3. Open Chrome and navigate to chrome://policy to verify the policies are applied
  4. Confirm the extension appears in chrome://extensions

Troubleshooting

Extension not installing

  • Windows: Verify the device has synced with Intune. Check Devices > Monitor > Device configuration status
  • macOS: Verify the configuration profile is installed under System Settings > Privacy & Security > Profiles
  • Ensure the browser is installed before the policy applies
  • Check the browser’s policy page for errors

Configuration not appearing

  • Windows: Remediations run on a schedule. Trigger a manual sync or wait for the next run
  • Windows: Verify the scripts are running in 64-bit PowerShell context
  • macOS: Check that the preference domain matches exactly (com.google.Chrome or com.microsoft.Edge)
  • Restart the browser after policy changes

Policy conflicts (Windows)

If multiple Intune profiles configure ExtensionInstallForcelist, they may conflict. Use Remediations instead of Settings Catalog to avoid this issue, as Remediations can check for existing entries and add new ones without overwriting.

32-bit vs 64-bit context (Windows)

Registry changes may be written to WOW6432Node if the script runs in 32-bit context. Always enable Run script in 64-bit PowerShell in your Remediation settings.

Browser Extension Overview

General extension features and manual installation

Get API Token

Set up your Velatir account and get an API token