Skip to content
Claresia Docs

Browser extension

The Claresia browser extension lets end users invoke skills anywhere — on their CRM, ticketing, code review, anywhere on the web. It opens a sidebar with the user’s @claresia picker; the skill runs inline, the response appears in the sidebar, and the Hub record is logged with the page URL as context.

Supported browsers

Section titled “Supported browsers”
BrowserDistribution channelStatus
Microsoft EdgeEdge Add-ons + Intune managed-storageGA
Google ChromeChrome Web Store + Workspace forced-installGA
Mozilla FirefoxFirefox Add-onsBeta (Q3 2026 GA)
SafariSafari App Extension via Mac App StorePlanned (Q4 2026)

Install paths

Section titled “Install paths”

Self-install (individual users)

Section titled “Self-install (individual users)”
  • Edge: search “Claresia” in Edge Add-ons
  • Chrome: search “Claresia” in Chrome Web Store

After install, the user signs in with their corporate SSO (the IdP you wired in Identity → Overview).

Section titled “IT-managed install (recommended for enterprise)”
  • Edge: push via Microsoft Intune managed-storage policy
  • Chrome: push via Google Workspace Chrome Browser Cloud Management
  • Both methods set the tenant_slug automatically — no per-user signin configuration required

Configuration policy (managed-storage JSON):

{
  "ClaresiaTenantSlug": "dainese",
  "ClaresiaIdpHint": "azure-ad",
  "ClaresiaSidebarPosition": "right",
  "ClaresiaAutoOpenOn": ["app.claresia.com", "claude.ai", "copilot.microsoft.com"]
}

Permissions requested

Section titled “Permissions requested”
PermissionWhy
activeTabRead the URL + page title for skill context (no DOM scraping)
storageCache the user’s archetype + skill picker locally (LRU, 24h)
cookies for claresia.com onlyMaintain SSO session
Host permissions: *.claresia.com onlyAPI calls to Claresia

The extension does not request:

  • Page DOM access (Claresia doesn’t scrape your CRM, your Jira, your code)
  • All-hosts permission
  • Tab-history permission
  • Cookies for non-Claresia domains
Section titled “Sidebar UI”
┌────────────────────────────────────────┐
│ Claresia · Marco Mazzolin               │
│ Firmware Engineer · L1 (60%)            │
├────────────────────────────────────────┤
│ Search skills…                          │
│                                         │
│ Recently used:                          │
│  • gatespic.incident-postmortem         │
│  • steve.prd-review                     │
│                                         │
│ Suggested for this page:                │
│  • gatespic.firmware-changelog-qa       │
│    (you're on JIRA — try this)          │
│                                         │
│ All skills (15):                        │
│  Boss        ▶                          │
│  Gatespic    ▶                          │
│  Steve       ▶                          │
│  Forge       ▶                          │
└────────────────────────────────────────┘

Page-context skill suggestions

Section titled “Page-context skill suggestions”

The extension reads the URL (and page <title>) to suggest contextually relevant skills. No DOM scraping. No content read.

Example suggestions:

  • On a JIRA issue page → gatespic.firmware-changelog-qa, steve.acceptance-criteria-gen
  • On a Salesforce opportunity → sailford.deal-summary, sailford.competitive-battlecard
  • On a GitHub PR → steve.prd-review, gatespic.change-risk-review
  • On an Outlook email → boss.one-on-one-prep (for emails to/from a direct report)

The mapping URL → suggested skills is configured per-tenant in Command Center → Surfaces → Browser Extension → Page-context rules.

Skill invocation flow

Section titled “Skill invocation flow”
  1. User clicks a skill in the sidebar
  2. Extension opens an Adaptive Card-equivalent params form
  3. User submits → extension POSTs to Claresia API
  4. API routes to the user’s connected LLM platform → runs the skill
  5. Response streams back into the sidebar (Markdown rendering)
  6. Standard footer with cost, latency, “View record” link
  7. Hub record logged with context_url = current tab URL

Authentication

Section titled “Authentication”

SSO via the IdP wired in Identity setup. The extension uses OAuth Authorization Code with PKCE — the IdP token is exchanged for a Claresia JWT, stored in the extension’s encrypted storage area.

If your tenant requires MFA, the user completes it once per session via a popup window; subsequent invocations within the session window run silently.

Mode C considerations

Section titled “Mode C considerations”

The extension communicates with Claresia Cloud for the skill picker + the LLM proxy, but the Hub write goes directly to your customer-cloud Hub endpoint (via mTLS, certificate provisioned to the extension via managed-storage policy).

In Mode C, the extension policy must include:

{
  "ClaresiaHubEndpoint": "https://hub-api.claresia.dainese.cloud",
  "ClaresiaHubMtlsCertId": "policy-managed:dainese-mtls-cert-2026"
}

Common gotchas

Section titled “Common gotchas”
SymptomCauseFix
Sidebar not appearingExtension not enabled in private windowsEdit extension settings → “Allow in InPrivate / Incognito”
Sign in failedOAuth redirect URI mismatch (managed-storage policy stale)Re-deploy policy from Intune / Workspace
Tenant not foundClaresiaTenantSlug typo in policyRe-check policy JSON, re-deploy
Skills don’t appearUser not yet provisioned in tenantWait for SCIM sync (60s); then refresh sidebar
Page-context suggestions wrongStale rules cacheClick sidebar header → Refresh (forces rule re-fetch)

Reference

Section titled “Reference”