Privent
  • Agent Security
  • Pricing
  • Docs
  • Blog
Privent

Agent Security for n8n workflows and AI Monitoring for enterprise AI usage, deployed in our cloud or fully on-prem.

GDPREU AI ActHIPAASOC 2SOC 2
Get your reportGet started

Product

  • Agent Security
  • Risk Report
  • Pricing
  • Use Cases

Integrations

  • n8n

Resources

  • Security
  • FAQ
  • Docs
  • Extension setup

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

Connect

  • LinkedIn
  • X / Twitter
  • Get started

© 2026 Privent Technologies, Inc. All rights reserved.

trust.privent.ai
Documentation

Extension Setup Guide

IT deployment steps for managed (force-install) and unmanaged deployment models.

On this pageOverviewManaged · Google WorkspaceManaged · Microsoft IntuneUnmanaged · ActivationVerificationTroubleshooting
01

Overview

What gets deployed, what permissions are needed, and what your employees will see.

What's deployed
  • –Chrome extension (Manifest V3)
  • –No background service or on-prem agent required
  • –Connects to Privent cloud API over HTTPS
Permissions required
  • –activeTab - reads prompt content on supported domains
  • –storage - stores activation token hash only
  • –No access to browser history or other sites
Employee experience
  • –Extension icon visible in Chrome toolbar
  • –No UI change on ChatGPT, Claude, or Gemini
  • –High-risk prompts show a brief inline notice

Enterprise (MDM) rollout: For managed Chrome / Edge, IT pushes a policy JSON into chrome.storage.managed with your organization's apiKey and deploymentGroupKey (from Dashboard → Settings → Keys & Distribution). The extension manifest includes a managed_schema so those keys validate against the published schema. Use the Deployment Models section below for Google Workspace and Microsoft Intune walkthroughs.

The extension never proxies or modifies network traffic. It operates entirely at the DOM level and communicates with Privent only through the service worker on supported GenAI domains.
02–04

Deployment Models

Choose the model that fits your environment. Managed is recommended for production rollouts.

Extension setup
Choose your deployment model and follow the guided steps.
Copied

Force-install the extension to Chrome via Google Workspace and attach a managed configuration.

  1. Open Google Admin Console at admin.google.com.
  2. Go to Devices → Chrome → Apps and extensions.
  3. Select the OU you want to protect.
  4. Add the Privent extension by ID and set it to Force install.
  5. Set the extension configuration with your org API key and deploymentGroupKey.
Managed configuration
Copied
{ "apiKey": "<org_api_key>", "deploymentGroupKey": "<deployment_group_key>" }
05

Verification

Confirm the extension is active and detection is flowing to your dashboard.

01
Check the extension icon

After installation, the Privent icon should appear in the Chrome extensions toolbar. A grey icon means inactive (not yet activated). A white icon means active.

02
Open a supported GenAI tool

Navigate to chat.openai.com, claude.ai, or gemini.google.com. The page should load normally - no visible change to the UI.

03
Send a test prompt

Type a prompt that contains a fake sensitive string - for example: "My SSN is 123-45-6789". Submit it. The extension should intercept and score it.

04
Verify in the admin dashboard

Within a few seconds, a new detection event should appear in your admin dashboard with a risk score, category (PII), and risk level (medium or high depending on your policy thresholds).

06

Troubleshooting

Common issues and how to resolve them.

Extension icon is grey after installation

The extension is installed but not activated. For managed deployments, verify the managed configuration JSON contains a valid apiKey and deploymentGroupKey. For unmanaged, ensure the user has clicked the activation link and completed the flow.

API key rejected on activation

Confirm the apiKey belongs to an active organization in the admin dashboard. API keys are scoped to a deployment group - ensure deploymentGroupKey matches the intended group for this rollout.

No events appearing in the dashboard

Check that the extension is active (white icon) on the supported GenAI domain. Confirm the browser allows the extension on the target domain. Review the service worker logs in Chrome DevTools → Extensions → Privent → Service Worker.

Extension active but prompts pass through unscored

Verify your organization policy thresholds in the admin dashboard. If both warnThreshold and blockThreshold are set to 1.0, all prompts will ALLOW. Lower thresholds to start seeing risk events.

Managed configuration not applying after push

Chrome may cache managed policies for up to 8 hours. Force a policy refresh with chrome://policy → Reload policies. For Intune, allow 24h for MDM sync to propagate.

Still stuck? Email us at hello@privent.ai with your Chrome version, extension version (visible in chrome://extensions), and a description of the issue.