Deployment Guide
GPO & Policy Deployment
Step-by-step instructions for IT administrators to force-install Beaver Browser on managed machines using Group Policy, Google Admin Console, Firefox policies, and Microsoft Intune.
Overview
| Browser | Method | Key artifact |
|---|---|---|
| Chrome | Google Admin Console | Extension ID + update URL |
| Chrome / Edge | Windows GPO (Active Directory) | Extension ID + update URL |
| Chrome / Edge | Microsoft Intune | Extension ID + update URL |
| Firefox | policies.json (file drop) | XPI download URL |
| Firefox | Windows GPO | XPI download URL + ADMX |
Chrome — Google Admin Console
Recommended for Google Workspace organizations. Applies to Chrome and all Chromium-based browsers managed by Google Admin.
Chrome / Edge — Windows GPO
For on-premise Active Directory environments. The same Extension ID and update URL work for both Chrome and Edge.
Install ADMX templates
Download the Chrome ADMX bundle or Edge ADMX bundle, then copy the .admx and .adml files to:
C:\Windows\PolicyDefinitions\ C:\Windows\PolicyDefinitions\en-US\
\\DOMAIN\SYSVOL\DOMAIN\Policies\PolicyDefinitions instead.Configure force-install via GPO Editor
For Chrome: navigate to Computer Configuration → Administrative Templates → Google Chrome → Extensions → Configure the list of force-installed apps.
For Edge: navigate to Computer Configuration → Administrative Templates → Microsoft Edge → Extensions → Control which extensions are installed silently.
Enable the policy and add the force-install entry (copy from dashboard):
{EXTENSION_ID};https://app.beaverbrowser.com/extension/updates?companyCode={YOUR_CODE}Alternative: deploy via .reg file
Download the pre-filled .reg file from Settings → Deploy → Windows GPO tab, then deploy via a GPO startup script:
reg import BeaverBrowserExtension.reg
Apply and verify
gpupdate /force
Then open chrome://policy or edge://policy and verify the extension appears under ExtensionInstallForcelist.
Firefox — policies.json (recommended)
The simplest Firefox deployment method. Firefox reads policies.json at startup from a fixed path — no GPO or registry changes required.
Get the pre-filled file
Download policies.json from Settings → Deploy → Windows GPO tab → Firefox. It is pre-filled with your company code.
Place the file
| OS | Path |
|---|---|
| Windows | C:\Program Files\Mozilla Firefox\distribution\policies.json |
| macOS | /Applications/Firefox.app/Contents/Resources/distribution/policies.json |
| Linux | /usr/lib/firefox/distribution/policies.json |
"SignatureRequired": false is required because the extension is not distributed through addons.mozilla.org. Without it, Firefox refuses to install the XPI.Deploy to all machines
Push the file using SCCM, PDQ Deploy, Ansible (copy module), or Intune shell script. Once in place, Firefox installs the extension automatically on next launch.
Firefox — Windows GPO
Manage Firefox via Active Directory Group Policy using Mozilla's ADMX templates.
Install Mozilla ADMX templates
Download the Mozilla policy templates and copy firefox.admx, mozilla.admx, and their .adml files to C:\Windows\PolicyDefinitions\.
Configure force-install
Navigate to Computer Configuration → Administrative Templates → Mozilla → Firefox → Extensions → Extensions to Install.
Enable the policy and add your XPI URL (copy from dashboard):
https://app.beaverbrowser.com/extension/download?companyCode={YOUR_CODE}&browser=firefoxDisable signature requirement
Navigate to Mozilla → Firefox and set Do not check signatures for extension installs (SignatureRequired) to Disabled.
SignatureRequired is not set to false, Firefox will show "could not be installed because it could not be verified".gpupdate /force
Verify in Firefox at about:policies — the extension install URL should appear under ExtensionsInstall.
Microsoft Intune (Edge / Chrome)
Option A — Pre-built export (recommended)
Option B — Manual configuration
In the Settings catalog, search for:
- Edge: Microsoft Edge › Extensions › Control which extensions are installed silently
- Chrome: Google Chrome › Extensions › Configure the list of force-installed apps
Enter the force-install entry from Settings → Deploy → Chrome/Edge tab. Policy propagates within 8 hours or trigger sync manually.
Troubleshooting
Extension shows as "blocked by policy"
The ExtensionInstallBlocklist policy contains a wildcard (*). Open chrome://policy and check for it. Add your Extension ID to ExtensionInstallAllowlist to permit it while keeping the blocklist.
Firefox: "could not be installed because it could not be verified"
Add "SignatureRequired": false to your policies.json or set the GPO key SignatureRequired to Disabled (see Section 05).
Extension installed but not registering in dashboard
The company code in the update URL does not match the one in your dashboard. Go to Settings, copy your company code, and verify it matches the URL configured in your GPO / Google Admin / Intune policy exactly (case-sensitive).
Navigator appears without employee email (shows as "Unknown")
The employee needs to be signed into Gmail or Outlook in the browser. For Google Workspace users, ensure the employee is signed into Chrome with their work account. For Microsoft 365 users, ensure Outlook Web App is open or the employee is signed into Edge with their work account.