Force-install the extension, pre-configure the API key, and audit every redaction — from a single MDM policy. No per-user setup, no shadow-IT risk.
Redacta is a standard Manifest V3 extension distributed through the four major browser stores. Any deployment pattern you already use for other extensions works here.
Apply the following OU-level policy from the Google Admin console (Devices → Chrome → Apps & extensions → Users & browsers), or set it via the Windows registry or /etc/opt/chrome/policies on managed endpoints.
```json
{
  "ExtensionInstallForcelist": [
    "YOUR_CHROME_EXTENSION_ID_HERE;https://clients2.google.com/service/update2/crx"
  ],
  "ExtensionSettings": {
    "YOUR_CHROME_EXTENSION_ID_HERE": {
      "installation_mode": "force_installed",
      "update_url": "https://clients2.google.com/service/update2/crx",
      "toolbar_pin": "force_pinned"
    }
  },
  "3rdparty": {
    "extensions": {
      "YOUR_CHROME_EXTENSION_ID_HERE": {
        "apiKey": "rdk_live_xxxxxxxxxxxxxxxx",
        "reportingEnabled": true,
        "allowedSites": [
          "claude.ai",
          "chatgpt.com",
          "chat.openai.com",
          "gemini.google.com"
        ]
      }
    }
  }
}
```

What this does: force-installs Redacta at next browser start, pins its icon to the toolbar, and pushes the managed API key + reporting config into the extension's managed storage area. Users cannot disable or remove it.
In Microsoft Intune, create a configuration profile of type Settings Catalog → Microsoft Edge. Add Extension Management and paste the JSON below. For classic Group Policy, use the Edge ADMX templates and the matching ExtensionInstallForcelist setting.
```json
{
  "ExtensionInstallForcelist": [
    "YOUR_EDGE_EXTENSION_ID_HERE;https://edge.microsoft.com/extensionwebstorebase/v1/crx"
  ],
  "3rdparty": {
    "extensions": {
      "YOUR_EDGE_EXTENSION_ID_HERE": {
        "apiKey": "rdk_live_xxxxxxxxxxxxxxxx",
        "reportingEnabled": true
      }
    }
  }
}
```

Firefox enterprise deployments use policies.json placed next to the Firefox binary (/Applications/Firefox.app/Contents/Resources/distribution/ on macOS, C:\Program Files\Mozilla Firefox\distribution\ on Windows) or the ADMX templates shipped by Mozilla. Our gecko add-on ID is redacta@getredacta.com.
```json
{
  "policies": {
    "ExtensionSettings": {
      "redacta@getredacta.com": {
        "installation_mode": "force_installed",
        "install_url": "https://getredacta.com/downloads/redacta-firefox-latest.xpi"
      }
    },
    "3rdparty": {
      "Extensions": {
        "redacta@getredacta.com": {
          "apiKey": "rdk_live_xxxxxxxxxxxxxxxx",
          "reportingEnabled": true
        }
      }
    }
  }
}
```

Business customers can host the signed .xpi directly (we provide it) or reference the AMO listing once approved.
Jamf, Kandji, Mosyle, and any other Apple MDM can push Chrome and Edge extension policies via a standard .mobileconfig payload. The snippet below is the Chrome-specific portion; Edge and Firefox use the same pattern with their own payload types (com.microsoft.Edge and org.mozilla.firefox).
```xml
<key>PayloadContent</key>
<array>
  <dict>
    <key>PayloadType</key>
    <string>com.google.Chrome</string>
    <key>ExtensionInstallForcelist</key>
    <array>
      <string>YOUR_CHROME_EXTENSION_ID_HERE;https://clients2.google.com/service/update2/crx</string>
    </array>
    <key>PayloadIdentifier</key>
    <string>com.sandiadevgroup.redacta.chrome</string>
  </dict>
</array>
```

The extension reads a managed-storage schema defined in its manifest. When your policy populates it, the popup hides the API key field and users cannot change it. Recognized keys:
| Key | Type | Purpose |
|---|---|---|
| apiKey | string | Redacta service API key. When set, users cannot override. |
| reportingEnabled | boolean | Forces anonymized reporting on or off regardless of user preference. |
| allowedSites | array<string> | Restrict which supported sites redaction runs on. |
| forceRedactStrict | boolean | If true, block send entirely when redaction fails (vs. silent passthrough). |
| tenantId | string | Attached to every reported event for cross-employee aggregation in your dashboard. |
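
A pre-rollout check for the Chrome/Edge policy JSON against the keys in the table above. This is an added example, not Redacta tooling; `lint_policy`, `SCHEMA`, and the sample policy with its extension IDs are constructed for illustration.

```python
import json

# Managed-storage keys and their JSON types, taken from the table above.
SCHEMA = {"apiKey": str, "reportingEnabled": bool, "allowedSites": list,
          "forceRedactStrict": bool, "tenantId": str}


def lint_policy(policy):
    """Return findings for a Chrome/Edge policy dict shaped like the JSON above."""
    findings = []
    forced = {entry.split(";", 1)[0]
              for entry in policy.get("ExtensionInstallForcelist", [])}
    managed = policy.get("3rdparty", {}).get("extensions", {})
    for ext_id in sorted(forced | set(managed)):
        if ext_id.startswith("YOUR_"):
            findings.append(f"{ext_id}: placeholder extension ID not replaced")
    for ext_id, cfg in managed.items():
        if ext_id not in forced:  # config pushed to an ID that is not force-installed
            findings.append(f"{ext_id}: not in ExtensionInstallForcelist")
        for key, value in cfg.items():
            expected = SCHEMA.get(key)
            if expected is None:  # catches case typos such as "apikey"
                findings.append(f"{ext_id}: unrecognized key {key!r}")
            elif not isinstance(value, expected):
                findings.append(f"{ext_id}: {key} must be {expected.__name__}")
        sites = cfg.get("allowedSites")
        if isinstance(sites, list) and not all(isinstance(s, str) for s in sites):
            findings.append(f"{ext_id}: allowedSites entries must be strings")
        api_key = cfg.get("apiKey")
        if not api_key:
            findings.append(f"{ext_id}: apiKey missing, so it is not locked by policy")
        elif isinstance(api_key, str) and "xxxx" in api_key:
            findings.append(f"{ext_id}: apiKey is still the documentation placeholder")
        if cfg.get("forceRedactStrict") is not True:  # fail-open per the table
            findings.append(f"{ext_id}: forceRedactStrict not true, "
                            "failed redaction passes through silently")
    return findings


# Constructed sample: mismatched ID, mistyped key, string instead of boolean.
SAMPLE = json.loads("""{
  "ExtensionInstallForcelist":
    ["aaaabbbbccccddddeeeeffffgggghhhh;https://clients2.google.com/service/update2/crx"],
  "3rdparty": {"extensions": {"aaaabbbbccccddddeeeeffffgggghhhi":
    {"apikey": "rdk_live_xxxxxxxxxxxxxxxx", "reportingEnabled": "true"}}}
}""")

if __name__ == "__main__":
    print("\n".join(lint_policy(SAMPLE)))
```

The Firefox policies.json nests the same keys under `policies` and `3rdparty.Extensions`, so it would need to be unwrapped before being passed to this function.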
Every redaction performed by a managed extension emits an event to the Redacta audit log, visible in the dashboard under Reports → Extension activity. Each event records provider host, entity types, counts, tenant ID, and timestamp. Message text and original values are never captured. Export as CSV or stream via webhook.
On the Enterprise plan, we can also forward events to your SIEM (Splunk HEC, Datadog, or any generic webhook).
Only when the managed API key is configured, and only with anonymized redaction counts — never message content. If reportingEnabled is false, the extension makes zero outbound requests.
Chat sites change their DOMs frequently. We monitor Claude, ChatGPT, and Gemini; when they redesign, we ship updates through the usual store-update mechanism (auto-applied within hours of publication). If a fix is needed faster, Enterprise customers get a direct signed build.
Not when installed via ExtensionInstallForcelist and installation_mode: force_installed. The extension cannot be removed or disabled from Chrome/Edge settings by end-users.
Anonymized event metadata (entity types, counts, host, timestamp, tenant ID) for the retention period configured on your plan — default 90 days on Enterprise, configurable 1 hour to 365 days. No message content, ever.
Scope the force-install policy to a pilot OU first, collect feedback via the dashboard, then expand. The same policy can target by OU, device, or user group in every MDM listed above.
The extension runs as a content script on the four supported sites only. It doesn't intercept network traffic globally, so it's compatible with Zscaler, Netskope, and other CASB / DLP stacks. In fact, many customers use Redacta upstream of their DLP specifically so outbound scans see already-redacted payloads.
We'll walk your IT team through the deployment in a 30-minute session, ship a test build, and help configure your pilot OU.