OpenAI Codex Chrome extension is now available, allowing you to log in and operate your computer.

OpenAI’s AI programming assistant Codex launched a Chrome extension on the 7th, allowing AI to operate on real accounts like Gmail, Salesforce, etc., on behalf of users while logged in.
(Background: Google Stitch open-source design system: DESIGN.md enables Claude Code, Codex, Antigravity to generate high-quality UI)
(Additional context: Harness Engineering (AI-driven engineering) beginner guide: OpenAI’s latest coding standards teach you how to easily reach Lv.1)

Table of Contents

Toggle

• What is the Chrome extension and how to use it
• Setting up Chrome via plugin (Plugins)
• The cost of authorization for login status and browsing history

OpenAI released the Codex Chrome extension simultaneously with CLI v0.129.0 on the 7th, enabling the AI programming assistant to operate directly within your real browser environment while you stay logged in, accessing Gmail, Salesforce, LinkedIn, or internal enterprise tools.

What is the Chrome extension and how to use it

Codex’s browser strategy consists of three layers: the built-in browser (in-app browser), external plugin integrations, and this time’s Chrome extension. Each has its own role.

The built-in browser handles local development servers (localhost), static file previews, and public pages that don’t require login. Its advantage is being isolated; all preview and validation work stays within Codex, without touching the user’s Chrome profile.

The Chrome extension fills in scenarios that the built-in browser cannot reach: websites requiring login status. After users add the Chrome plugin on the Codex Plugins page, they follow the prompts to complete installation and approve Chrome’s permission requests. Once the extension shows “Connected,” the setup is complete.

Setting up Chrome via plugin (Plugins)

In Codex, to set up the extension:

2. Open Codex and go to Plugins.
3. Add the Chrome plugin.
4. Follow the setup process. The system will guide you through installing or linking the Chrome extension and approving Chrome’s permission requests.
5. Open Chrome and confirm that the Codex extension shows as Connected.

After setting up the plugin, start a new Codex conversation. When a task requires access to a logged-in website, Codex will proactively suggest switching to Chrome. You can also invoke it directly in prompts:

Once setup is complete, open a new Codex thread. When the task needs login status, Codex will suggest switching to Chrome. Users can also call it directly in prompts, e.g., “@Chrome open Salesforce and update the account from these call notes.”

OpenAI emphasizes in their official documentation that these three tools can be switched based on task needs: prioritize the plugin when available, switch to Chrome when login is required, and use the built-in browser for local development and static pages.

The cost of authorization for login status and browsing history

The permissions list for installing the Chrome extension includes:

• Access to page debugging tools
• Read and change all data on all websites
• Read and change browsing history on all logged-in devices
• Show notifications, read and change bookmarks, manage downloads
• Communicate with native applications
• View and manage tab groups

“Read and change all data on all websites” is the most extensive permission, covering user actions and input content across all sites.

OpenAI states that before accessing any new website, Codex will ask for user confirmation, displaying prompts based on the website’s hostname. Users can choose “Allow for this session,” “Always allow this host,” or “Deny.” The Computer Use settings also include whitelist and blacklist management for fine-grained control over domains.

The documentation also reveals two options marked as “Elevated Risk”: “Always allow browser content,” which bypasses all website prompts, and “Browsing history,” which allows Codex to read history for context. However, OpenAI warns that malicious or misleading pages may increase the risk of data being copied to unintended locations.

Regarding data retention, OpenAI states they do not store full Chrome activity logs separately. They only store data when browser activity becomes part of a Codex task context, including text read from pages, screenshots, tool calls, summaries, or other thread content.

In other words, what Codex reads or captures screenshots of will be stored in OpenAI’s system. This is different from not storing browsing history altogether.