Handle SPA-heavy apps
Use Sidekar more effectively on apps like Gmail and Google Docs where the interface keeps shifting inside a long-lived client-side shell.
Add stronger in-page control for Gmail, Docs, and other SPA-heavy sites.
The Sidekar Chrome extension adds an in-page bridge for the web apps that push past plain browser automation. Use it for the harder cases, not as the default path for every site.
01
Install Sidekar
Run curl -fsSL https://sidekar.dev/install | sh.
02
Log in locally
sidekar device login stores the CLI device token and installs the native messaging host.
03
Install the extension
Add the Sidekar Chrome extension and sign in from the popup with GitHub.
04
Use sidekar ext
Your local Sidekar bridge connects the CLI and the extension, and your agent can work with your normal Chrome profile.
What it does
Why the extension exists
CDP is enough for a lot of browser automation. The extension is for the cases where an in-page bridge is more reliable: rich editors, dense client-side UIs, and apps that keep most of their behavior inside the page.
Keep local control
The extension talks to a local bridge on 127.0.0.1. It is not a hosted browser service.
Use your signed-in browser state
Work inside the browser you already use instead of recreating cookies, sessions, and app state in a separate automation environment.
Keep CDP as the default
The extension is an extra layer for specific sites. Most browser work should still run through Sidekar’s normal browser commands.
Permissions
Why it needs native messaging and broad host access
The extension needs native messaging to talk to the local Sidekar process and broad host access because agents may need to act on any page you explicitly direct them to.
Native messaging
Used to start or discover the local Sidekar bridge and communicate with the Sidekar binary on your machine.
Host permissions
Needed because the agent may need to automate any site you choose. The extension is inactive until Sidekar sends a command.
No autonomous browsing
The extension does not crawl the web, collect analytics, or act unless a local Sidekar command tells it to.
Local-first data path
Page reads, clicks, typing, and screenshots are driven from your local machine. The website is for auth, dashboards, and account-level services.
FAQ
What people will ask first
This page covers the first questions people ask before they trust a local browser bridge.
Does the extension send my browsing data to Sidekar servers?
No. The extension talks to a local bridge on your machine. Hosted services are used for authentication, dashboard features, and relay sessions, not for the browser bridge itself.
Why do I need both CLI login and extension sign-in?
The CLI login identifies the local Sidekar device. The extension sign-in identifies the browser user. The local bridge verifies that they belong to the same account.
What happens if I do not install the extension?
Sidekar still supports browser automation through direct CDP. Skip the extension unless the site really benefits from the in-page bridge.