The Codex Chrome extension lets AI agents use your browser for authenticated tasks
Use it when Codex needs to read or act on sites such as LinkedIn, Salesforce, Gmail, or internal tools — all through your signed-in Chrome profile with full permission control.
What makes Codex Chrome different from a standard browser tool
The extension bridges AI agent capabilities with your real browser session, giving Codex access to authenticated websites through your existing Chrome profile.
Signed-in browser context, not a sandbox
Codex uses your actual Chrome profile so it can interact with websites you are already logged into — no credential sharing, no separate login flows.
Per-website permission control
Codex asks before interacting with each new website. Approve once, always allow, or block entirely — you stay in control of every domain.
Smart tool switching
Codex automatically picks the right tool — a dedicated plugin when available, Chrome for logged-in browser tasks, and the in-app browser for localhost.
Data-aware security model
Browser activity is stored only when it becomes part of the Codex context. Treat page content as untrusted, and review each website before allowing Codex to proceed.
The setup and control flow, explained
From installing the plugin to managing allowlists, the extension is designed so you can verify every step before Codex acts on a website.
Install the Chrome plugin
Open Codex, go to Plugins, and add the Chrome plugin. The setup flow guides you through installing the Codex Chrome extension and approving permission prompts.
Confirm the connection
Open Chrome and check that the Codex extension shows Connected. If it does, Codex can start using Chrome for browser tasks that need your signed-in state.
Invoke Chrome in a prompt
Codex suggests Chrome when a task needs a signed-in website. You can also invoke it directly: @Chrome open Salesforce and update the account from these call notes.
Control website access
By default, Codex asks before interacting with each new website host. Choose Allow, Always Allow, or Decline — manage the full allowlist and blocklist in Settings.
It turns browser access into something an agent can use safely
Most browser automation tools run in sandboxed environments. Codex Chrome gives agents access to your real browser session with permission controls that keep you in charge.
Real session, not a sandbox
Agents interact with websites through your actual Chrome profile — logged-in, authenticated, ready to work with enterprise tools.
Per-host permission model
Every domain gets its own allow or block decision. Approve once for trusted sites, keep sensitive ones blocked.
Auditable prompt flow
Codex asks before each new site interaction. You see what it wants to do and can review before granting access.
What Is Codex Chrome? How Browser Automation Works for AI Agents
A clear explanation of what the Codex Chrome extension does, how it connects to your browser, and how permissions keep your data safe.
How the extension bridges Codex and Chrome
The Codex Chrome extension acts as a secure bridge between the Codex agent and your Chrome browser. When Codex needs to interact with a website that requires authentication — like Salesforce, Gmail, or LinkedIn — it sends instructions through the extension, which executes them in your signed-in browser session.
Codex can also switch between tools as a task requires, using plugins when a dedicated integration is available, Chrome when it needs logged-in browser context, and the in-app browser for localhost.
How to go from reading about Codex Chrome to using it
The setup assumes you have Codex installed and Chrome running. If that matches your setup, this is the shortest path to your first browser-automated task.
Open Codex and go to Plugins
Navigate to the Plugins section in Codex and add the Chrome plugin. Follow the setup flow — it guides you through installing or connecting the Chrome extension and approving Chrome's permission prompts.
Confirm the extension is connected
Open Chrome and check that the Codex extension shows Connected in the toolbar. If it does, the bridge between Codex and Chrome is ready.
Start a new Codex thread
Codex can suggest Chrome when a task needs a signed-in website. You can also invoke it directly in a prompt with @Chrome followed by your task.
Review and approve website access
Codex asks before it interacts with each new website. Review the prompt and choose Allow, Always Allow, or Decline based on your risk tolerance.
The fastest answers to the questions people ask first
Start here if you want to understand the permission model, security considerations, and troubleshooting steps without reading the full guide.
The extension may request access to the page debugger, read and change data on all websites, read and change browsing history, display notifications, read and change bookmarks, manage downloads, communicate with native applications, and manage tab groups. These Chrome permissions make the extension capable of operating browser workflows. Codex still uses its own confirmations, settings, allowlists, and blocklists before using websites or browser history.
By default, Codex asks before interacting with each new website. You can choose Allow for the current chat, Always Allow the host so Codex can use it again without asking, or Decline. Manage the full allowlist and blocklist in Computer Use settings. Removing a domain from the allowlist means Codex asks again. Turn on "always allow browser content" to skip confirmations entirely (elevated risk).
OpenAI does not store a separate complete record of your Chrome actions from the extension. Browser activity is stored only when it becomes part of the Codex context — such as text Codex reads from a page, screenshots, tool calls, summaries, messages, or other content included in the thread. Your ChatGPT and Codex data controls apply to content processed in context.
Codex asks when it wants to use browser history. History access is scoped to the request, and there is no always-allow option for history. Browser history can include sensitive telemetry, internal URLs, search terms, and activity from Chrome sessions. Malicious page content can increase the risk that Codex copies this data somewhere unintended, so review each prompt carefully.
First confirm the website is not in the blocklist. Then: (1) Check the Codex extension shows Connected in Chrome. If disconnected, remove and re-add the Chrome plugin from Plugins. (2) Confirm the Chrome plugin is on in Codex Plugins. (3) Use the same Chrome profile where the extension is installed. (4) Start a new Codex thread. (5) Restart both Chrome and Codex. (6) If still not connecting, run /feedback in the Codex app and include the thread ID.
Yes. Browser use follows your Codex Memories setting. If Memories is on, Codex can use relevant saved memories while working in Chrome. If Memories is off, browser use does not use memories.
Every claim on this page is grounded in the official Codex documentation so you can verify the details yourself.
Official Documentation
The source for the Chrome extension setup, permissions, allowlist/blocklist management, and troubleshooting guide.
Setup Guide
Where the docs explain the plugin installation flow, permission prompts, and how to confirm the connection status.
Security & Permissions
Detailed documentation on data storage, Chrome extension permissions, and the security model for browser tasks.