What does the Codex Chrome extension do?

It lets Codex use Chrome for browser tasks that need signed-in browser state -- LinkedIn, Salesforce, Gmail, internal tools. OpenAI's announcement frames the workflows as debugging browser flows, checking dashboards, conducting research, and updating CRMs. The extension is available in the Codex app in all regions except EU and UK at launch, with support coming.

When should you use the Chrome extension versus the in-app browser?

Per the docs, use the in-app browser first for local dev servers, file-backed previews, and public pages that do not require sign-in. Use the Chrome extension when the task needs signed-in browser state (your LinkedIn, your Salesforce, your Gmail, your internal tools). For dedicated integrations, plugins are the right surface.

How do you set it up?

In the Codex app, open Plugins, add Chrome, install the extension when prompted, approve the requested permissions, and confirm the status reads Connected. You then invoke the browser surface with @Chrome in a prompt. The setup flow is in the official docs at developers.openai.com/codex/app/chrome-extension.

What permissions does the extension request?

Per the docs, permissions may include debugger, read/change data on websites, history, notifications, bookmarks, downloads, native app communication, and tab groups. Browser history access is scoped and prompts the user. OpenAI states it stores browser activity only when it becomes part of Codex context.

How does Codex decide which sites it can use?

By default Codex asks before each new website. You can configure allowlists and blocklists in Computer Use settings. There are elevated-risk options like 'always allow browser content' -- those are explicit opt-ins because they widen what Codex can do without per-site prompting.

Why is the EU and UK excluded at launch?

OpenAI's announcement says the Chrome extension is available in all regions except EU and UK at launch, with support coming. The post does not give a reason; regulatory and consent-flow review for browser-extension features in those regions is the most common cause of staggered rollouts of this kind. Treat the timing as 'announced, not committed' for EU/UK availability.

Codex Chrome Extension: How Codex Drives a Signed-In Browser for LinkedIn, Salesforce, Gmail, and Internal Tools

OpenAI shipped a Codex Chrome extension on May 7, 2026. From the official OpenAI announcement:

The Chrome extension expands what Codex can do for coding and work. Use it to debug browser flows, check dashboards, conduct research, update CRMs, and more.

The extension is available in the Codex app in all regions except EU and UK, with support for those regions coming. The detailed setup, permission, and policy surface lives in the official docs.

For context on Codex's broader push into general work, see our April writeup of Codex computer use, browser comment mode, and thread automations. For where this lands versus other computer-use agents, see Perplexity vs Codex vs Claude computer use.

Key Takeaways

Purpose: lets Codex use Chrome for tasks that need signed-in browser state -- LinkedIn, Salesforce, Gmail, internal tools.
In-app browser still exists. Use it first for local dev servers, file-backed previews, and public pages that do not require sign-in.
Plugins are the right surface for dedicated integrations. Chrome is the catch-all for arbitrary signed-in browser tasks.
Region availability: all regions except EU and UK at launch. EU/UK support announced as coming.
Setup is Codex > Plugins > Chrome > install extension > approve permissions > Connected.
Invoke with @Chrome in a prompt.
By default Codex asks before each new website. Allowlist/blocklist in Computer Use settings.
Elevated-risk options exist like "always allow browser content" -- opt-in only, because they widen what Codex can do without per-site prompting.

When the Extension Is the Right Surface

The docs draw a useful three-way line between Codex's browser surfaces:

Surface	Best for	Skip when
In-app browser	Local dev servers, file-backed previews, public pages with no sign-in	Task needs your real session for a third-party site
Chrome extension	LinkedIn, Salesforce, Gmail, internal tools, anything requiring signed-in state	A dedicated plugin already integrates that service
Plugins	Dedicated integrations with first-class API or UI surface	Task needs ad-hoc browser work not covered by an integration

If you ask "should I install the Chrome extension or use the in-app browser?", the answer is whether the task needs your logged-in session. Public docs and pre-prod dev servers do not. CRMs, mail clients, dashboards, and intranet tools do.

Setup Flow

The official setup steps:

In the Codex app, open Plugins.
Add Chrome.
Install the extension when prompted (Chrome Web Store install flow).
Approve the requested permissions.
Confirm the status in the Codex app reads Connected.

You then invoke the Chrome surface in a Codex prompt with @Chrome -- the same @-prefix convention Codex uses for plugins and other context handles.

Permissions

Permissions the extension may request, per the official docs:

Debugger -- low-level browser inspection (DOM, network, console).
Read and change data on websites -- the core capability for any browser-driving extension.
History -- scoped, with explicit prompts.
Notifications -- surface state changes back to the user.
Bookmarks -- read/write bookmark state.
Downloads -- handle file downloads triggered by browser work.
Native app communication -- bridge to the Codex native app.
Tab groups -- organize tabs across a session.

OpenAI states it stores browser activity only when it becomes part of Codex context. That's a narrower bar than blanket capture: routine page loads outside an active Codex task do not get persisted just because the extension is installed.

How Codex Decides Which Sites It Can Use

Three layers, from least to most permissive:

Default: ask before each new website. Codex prompts you the first time it wants to interact with a domain.
Allowlist / blocklist in Computer Use settings. Pre-approve domains you trust; pre-deny domains you don't want Codex on.
Elevated-risk options like "always allow browser content." Explicitly disable per-site prompting. This is opt-in because it widens what Codex can do unsupervised.

Browser history access is scoped and prompts -- it is not a one-time grant covering all future history reads.

How a Reader Uses This

Three concrete patterns where the Chrome extension is the right tool:

Pattern 1: CRM Update From an Email Thread

You're working with Codex on a deal-tracking task. The agent reads a thread in your Gmail, extracts a status update, and pushes it to your Salesforce. Neither side has a Codex plugin you'd want to set up for one-off work. The Chrome extension lets Codex drive both with your signed-in sessions.

Pattern 2: Dashboard Check Inside a Coding Session

You're debugging an issue and want Codex to check the production error-rate dashboard before deciding what to fix. The dashboard is on an internal SSO-gated tool. The in-app browser cannot sign in; the Chrome extension can.

Pattern 3: Research Across Logged-In Sources

You're researching prospects on LinkedIn and need to combine that with notes in your CRM. Codex with @Chrome can navigate logged-in LinkedIn pages and update CRM records in the same session, with your real account context.

When NOT to Use the Chrome Extension

Local dev work. The in-app browser is faster and doesn't need permission grants.
Public docs. No sign-in required; use the in-app browser.
Services with a dedicated plugin. Use the plugin -- it's a first-class integration.
Tasks where you don't want browser-side automation visible to the site. Some sites have ToS or security postures that don't permit extension-driven automation.

Region Availability

Region	At launch
United States and Canada	Available
Most of the rest of the world	Available
EU	Not available; support coming
UK	Not available; support coming

OpenAI did not state a target date for EU/UK availability. Treat "coming soon" as announced, not committed.

How This Fits Codex's Surface Expansion

The Chrome extension is one of several Codex surface additions over the last month:

April 16, 2026: Mac computer use, in-app browser comment mode, thread automations.
May 7, 2026: Codex CLI 0.129.0 (Vim composer, /hooks browser, plugins) -- and the Chrome extension announcement (this post).
May 9, 2026: Codex CLI 0.130.0 -- headless codex remote-control.

The pattern is consistent. Codex is being pushed into more places -- IDE, terminal, browser, mobile, headless service -- with one underlying agent and a shared permission/plugin model. The Chrome extension closes the gap on "what about my real, logged-in browser?"

Caveats and Open Questions

Permission scope is real. "Read and change data on websites" is a broad grant. Treat the extension like any other agentic browser tool -- review the allowlist/blocklist, do not enable "always allow browser content" lightly.
Region rollout uncertain. EU and UK availability is announced as coming. No timeline in the OpenAI post.
Storage policy is task-scoped. OpenAI states browser activity is stored only when it becomes part of Codex context. That's narrower than blanket capture, but verify your organization's policy if you're enabling the extension on a managed device.
Plugin vs. extension overlap. If a dedicated plugin exists for a service you need (Slack, GitHub, etc.), use that. The Chrome extension is the universal fallback, not a replacement for first-class integrations.

FAQ

See structured FAQ in the schema header for question-level details: what the extension does, when to use it versus the in-app browser, setup, permissions, site-access policy, and EU/UK availability.

Sources

OpenAI announcement (X): https://x.com/OpenAI/status/2052480804971028879 (May 7, 2026)
Official Chrome extension docs: https://developers.openai.com/codex/app/chrome-extension