Browser Extension - Windows (Group Policy / Registry)
Force-install the Velatir browser extension on Windows via Group Policy, PowerShell, manual registry, or the Intune Settings Catalog
Force-install the extension on Windows by pushing browser policy yourself: through Group Policy, a PowerShell script, a policies.json file, or the Intune Settings Catalog. These cover Chrome, Edge, Firefox, Vivaldi, and Brave, and all write to the machine hive (HKLM\Software\Policies\…).
One script covers all five browsers. Edit $IngestKey at the top, then run it as Administrator or SYSTEM in 64-bit PowerShell. The browsers read the key from the registry value apiToken.Configuration script (Configure-Velatir.ps1):
# Configuration - UPDATE THIS VALUE$IngestKey = "your-ingest-key-here"# Extension IDs# Vivaldi and Brave install the Chrome Web Store build of the extension and# therefore share Chrome's extension ID.$ChromeId = "bbiokppljpbjgiogcoggjnfffbeiihja"$EdgeId = "phgnjcoglpdamjjmidheehacjbkgkooc"$FirefoxId = "velatir@velatir.com"$VivaldiId = $ChromeId$BraveId = $ChromeId# Machine ID: Windows computer name. Matches the MSI's [ComputerName] behaviour.$MachineId = $env:COMPUTERNAMEfunction Set-ManagedPolicy($Path, $Key, $Id) { if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null } Set-ItemProperty -Path $Path -Name "apiToken" -Value $Key -Type String Set-ItemProperty -Path $Path -Name "machineId" -Value $Id -Type String}# Chrome$ChromeForcelist = "HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist"if (-not (Test-Path $ChromeForcelist)) { New-Item -Path $ChromeForcelist -Force | Out-Null}# Use name "1000" to avoid colliding with MDM-managed entries (which start at 1)Set-ItemProperty -Path $ChromeForcelist -Name "1000" -Value "$ChromeId;https://clients2.google.com/service/update2/crx" -Type StringSet-ManagedPolicy "HKLM:\SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\$ChromeId\policy" $IngestKey $MachineId# Edge$EdgeForcelist = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist"if (-not (Test-Path $EdgeForcelist)) { New-Item -Path $EdgeForcelist -Force | Out-Null}Set-ItemProperty -Path $EdgeForcelist -Name "1000" -Value "$EdgeId;https://edge.microsoft.com/extensionwebstorebase/v1/crx" -Type StringSet-ManagedPolicy "HKLM:\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\$EdgeId\policy" $IngestKey $MachineId# Firefox# Force-install via Extensions\Install to avoid overwriting ExtensionSettings (a single JSON value that may conflict with MDM)$FirefoxInstall = "HKLM:\SOFTWARE\Policies\Mozilla\Firefox\Extensions\Install"if (-not (Test-Path $FirefoxInstall)) { New-Item -Path $FirefoxInstall -Force | Out-Null}Set-ItemProperty -Path $FirefoxInstall -Name "1000" -Value "https://addons.mozilla.org/firefox/downloads/latest/velatir/latest.xpi" -Type StringSet-ManagedPolicy "HKLM:\SOFTWARE\Policies\Mozilla\Firefox\3rdparty\Extensions\$FirefoxId" $IngestKey $MachineId# Vivaldi (Chromium-based; reads ExtensionInstallForcelist + 3rdparty\extensions\<id>\policy)$VivaldiForcelist = "HKLM:\SOFTWARE\Policies\Vivaldi\ExtensionInstallForcelist"if (-not (Test-Path $VivaldiForcelist)) { New-Item -Path $VivaldiForcelist -Force | Out-Null}Set-ItemProperty -Path $VivaldiForcelist -Name "1000" -Value "$VivaldiId;https://clients2.google.com/service/update2/crx" -Type StringSet-ManagedPolicy "HKLM:\SOFTWARE\Policies\Vivaldi\3rdparty\extensions\$VivaldiId\policy" $IngestKey $MachineId# Brave (Chromium-based; the policy root drops the "-Browser" suffix even# though the install directory is "Brave-Browser")$BraveForcelist = "HKLM:\SOFTWARE\Policies\BraveSoftware\Brave\ExtensionInstallForcelist"if (-not (Test-Path $BraveForcelist)) { New-Item -Path $BraveForcelist -Force | Out-Null}Set-ItemProperty -Path $BraveForcelist -Name "1000" -Value "$BraveId;https://clients2.google.com/service/update2/crx" -Type StringSet-ManagedPolicy "HKLM:\SOFTWARE\Policies\BraveSoftware\Brave\3rdparty\extensions\$BraveId\policy" $IngestKey $MachineIdWrite-Output "Velatir browser extensions configured (machineId: $MachineId)"
To deploy to a subset of browsers, comment out the corresponding section in both the configuration and uninstall scripts.
This reverses everything the configuration script writes. It is safe to run either way, and leaves MDM-managed policies (at forcelist indexes other than 1000) untouched.Uninstall script (Remove-Velatir.ps1):
Removing the force-install policy does not uninstall the extension from existing profiles; users can then disable or remove it themselves. To force removal, block the extension first (Chrome/Edge ExtensionInstallBlocklist, or Firefox ExtensionSettings with installation_mode: blocked) before running the uninstall script.
If you deployed via the MSI instead, uninstall with msiexec /x VelatirExtension-x64.msi /qn (or VelatirExtension-arm64.msi for ARM64 fleets).
To use a policies.json file instead of registry keys for Firefox, run this script in place of (or alongside) the Firefox section above.Configuration script (Configure-VelatirFirefoxJson.ps1):
Firefox updates may remove the distribution folder. If using this method, schedule the script to run regularly (e.g., once per day) to ensure the file is recreated after updates.
Not using Intune or SCCM? Apply the same policies directly with regedit, Group Policy Preferences, or any tool that writes registry values. The tables below list every key, value name, and data.All values are REG_SZ (String) under HKEY_LOCAL_MACHINE (HKLM). Run your tool in 64-bit context so writes don’t land under WOW6432Node.
Use the value name 1000 for the force-install entries. This avoids colliding with MDM-managed entries, which typically start at 1.
Vivaldi is Chromium-based and reads the standard ExtensionInstallForcelist and 3rdparty\extensions\<id>\policy keys under its own vendor namespace. It installs the Chrome Web Store build of the extension and therefore reuses Chrome’s extension ID.Required
Brave’s install directory is Brave-Browser but the documented policy root drops the suffix and lives at SOFTWARE\Policies\BraveSoftware\Brave. It installs the Chrome Web Store build of the extension and therefore reuses Chrome’s extension ID.Required
To remove the configuration, delete the values you added. This does not uninstall the extension from existing profiles; users can then disable or remove it themselves.
Enterprise deployment
Browser support, managed config, and other platforms
Verify the deployment
Confirm policies applied and the extension is installed