User/Device Identity for enterprise chrome extension via Chrome Browser Cloud Management

162 views
Skip to first unread message

Jane Jones

unread,
Aug 19, 2024, 4:28:40 AM8/19/24
to Chromium Extensions

Hello!

We are building an enterprise browser extension and it will be deployed via Chrome Browser Cloud Management on Windows/MacOS/Linux Devices.

How can we gather the user identity or the device identifier, such that the extension can use it for further communication with our API services?

In case of managed devices, where the extension is deployed via GPO, we have the option to populate the registry/managed policy and retrieve the information via managed storage. However, in case of Chrome Browser Cloud Management, how can we get this information on the extension.

The extension API "chrome.enterprise.deviceAttributes" seems to be way, but it says it is only available for ChromeOS, does it work for Windows and other devices?

We have tried:

  • Using chrome.enterprise.deviceAttributes, however, it didn't work, We are not fully sure if there was an issue in our code or the API is not available on Windows/MacOS/Linux as the web page says its only available on ChromeOS.

  • Using Custom configurations on the Chrome Browser Cloud Management to add the relevant properties inside the managed storage, but it threw the error "The following policies are invalid: 3rdparty".


Regards, 
Jane

Patrick Kettner

unread,
Aug 21, 2024, 11:46:08 PM8/21/24
to Jane Jones, Chromium Extensions
Hi Jane!

> How can we gather the user identity or the device identifier, such that the extension can use it for further communication with our API services?

chrome.identity has a few options - chrome.identity.getAuthToken if you have an oauth token associated with your service. There is also chrome.identity.getProfileUserInfo, which would give you the email address of the currently logged in user - if this is only being used in a managed device environment, this would be populated. 

> The extension API "chrome.enterprise.deviceAttributes" seems to be way, but it says it is only available for ChromeOS, does it work for Windows and other devices?

No, as you pointed out the doc mention it is ChromeOS only, and the docs are correct.

> Using Custom configurations on the Chrome Browser Cloud Management to add the relevant properties inside the managed storage, but it threw the error "The following policies are invalid: 3rdparty".

Would you be able to share more on this? What threw the error where?

--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/683d9bb4-c605-463a-87ac-6c1e5f80a2f8n%40chromium.org.

Ryan Guilbault

unread,
Aug 22, 2024, 10:23:31 AM8/22/24
to Chromium Extensions, Patrick Kettner, Chromium Extensions, Jane Jones
fwiw, my organization faced the same requirement, and we filled the gap with a native messaging host that could run native code to reconcile device identifiers. unless there have been changes or relaxations, I remember reading about the philosophical stance against fingerprinting users to preserve the anonymity of web browsing. device identification runs counter to that, though for corporate use cases, it's often crucial information. we found a way to bridge that gap, but it required us to build the solution ourselves.
Reply all
Reply to author
Forward
0 new messages