Is it possible to create a Chrome Extension for private distribution outside Chrome Web Store?

Question

We have a Chrome Extension application that we have developed and would like to distribute it only a limited number of internal users.

This would be a private app, but t

Answer 1

Yes, you can. You need to create the crx file through the google chrome "Extensions" page (visit: chrome://extensions/ NOTE: You cannot click the link you have to manually copy and paste it, chrome does not allow you to visit the link from href)

On the Extensions page, check the box "developer mode", choose "pack extension".

Now you get the following popup. Click "browse" for the Extension root directory and navigate to the folder containing your extension (the folder containing manifest.json).

The first time you do this, ignore private key file. It will generate one for you automatically and save it to the same folder.

When you release a new version of the extension, use the generated private key file. This way for someone to update the extension, it won't ask for permissions again.

---

TO INSTALL

• To install the extension, just get each user to manually drag the newly created extension crx into the Extensions page (chrome://extensions/).
• The first time it will ask for permissions just like when installing from the Chrome Web Store.
• For each new version, as long as you used the same private key file for each new version, users just drag the new version into the Extensions page the same way except they won't be asked for permissions again. It will just update the extension.

---

WARNINGS:

• Beware the way you distribute the extension crx file. When user downloads the extension .crx file in Google Chrome, it will think you're trying to install the extension from that page, and come up a warning "couldn't be installed from this site". You need to make sure that users know to ignore the error, and check their downloads folder for the extension to manually install it.
• Whenever you download the .crx file, Chrome will give the user a warning saying it might contain a virus. There is no way around this. Even if you zip up the file, Chrome will read the contents and give the same warning. Some users won't install because of this. A workaround is to rename the .crx to something else, like .RENAME_TO_CRX, but this is a hassle and a lot of users either won't want to or won't be able to figure it out.
• You can't update the extension automatically. It's just not possible because Chrome manually blocked this capability.

---

NOTE: Another way would be to release it on the Chrome Store, but only for certain users (not public). Only people with the link could install, OR you could make it only certain people can install and even if you had the link but weren't part of the group, they couldn't view the extension. Only problem here is if you don't want Google to see the extension.

Answer 2

You use the Chrome Web Store. 2 options are available:

1. Share an unlisted Chrome extension from the Chrome Web Store (anyone with the link will be able to install it)
2. Chrome customers using G Suite or Education can use the Chrome Web Store to host private apps restricted only to their users on the same domain.

See https://support.google.com/chrome/a/answer/2663860

---

Update 2016-05-20: From https://support.google.com/chrome/a/answer/2663860?hl=en

Chrome customers using Google Apps for Work or Education can use the Chrome Web Store to host private apps restricted only to their users or people who you share a direct link to the app with. Users from the same Chrome domain will see their organization's private apps in a private collection in the Chrome Web Store.

Update 2015-10-27: Google has updated installation policies in attempt to curb malicious extension activity on Windows. On the chrome extension hosting page:

Warning: As of Chrome 33, Windows users can only download extensions hosted in the Chrome Web store, except for installs via enterprise policy or developer mode (see Protecting Windows users from malicious extensions). As of Chrome 44, no external installs are allowed from a path to a local .crx on Mac (see Continuing to protect Chrome users from malicious extensions).

With the latest versions of Google Chrome, users are no longer going to be able to just click a download link and have it install with the correct HTTP headers. This leaves you with 4 possible options:

• user downloads extension and then drags the file into the extension management page (This no longer works on Windows per update note)
• change registry settings on users computers
• user downloads extension source folder and loads extension from source in the extension management page
• Re-enable extension installs with command-line flag as suggested by Rob W

I have created and distributed several different Google Chrome extensions privately within my company and went with the first option. It is an extra step for the users but it wasn't a big deal. The users did not have to have developer mode enabled in their Chrome browser for this to work.

Answer 3

If you use Google Apps, it appears there's now a way to publish apps and extensions to the Chrome Web Store, but only make it visible to users of that domain.

https://support.google.com/chrome/a/answer/2663860?hl=en

Answer 4

Since its internal, could you change registry settings on their computers?
Because if so, you can use them to allow easy install of extensions from outside the web store or force install extensions on their machine.
Look here....
http://www.chromium.org/administrators/policy-templates
http://www.chromium.org/administrators/policy-list-3#ExtensionInstallSources http://www.chromium.org/administrators/policy-list-3#ExtensionInstallForcelist