Best practices for extension developers

This article is for Chrome Enterprise developers creating Chrome extensions for users.

If you’re creating extensions and publishing them through the Chrome Web Store, follow these Chrome extension development guidelines. The recommendations apply to extensions you publish for any user on the web (publicly) and users in your own organization only (privately).

Use group publishing

Use the group publisher in Chrome Web Store to manage the set of extension owners.

  • Keep the group private to only those who should publish the extension.
  • If you can’t use the group publishing, use company email accounts to publish enterprise extensions. To avoid difficulties if an email address owner leaves your company, do not use personal email addresses to publish enterprise extensions.
  • Do not filter email sent to the group. Have a person in your company read it. This way, you won’t miss updates or warnings about take-downs if your extension is flagged for a violation.

For instructions, read Set up group publishing.

Protect accounts that modify extensions

Prevent targeted attacks. Don’t let attackers hijack your extension and push malware to your users:

  • Set up strong 2-Factor Authentication with a security key on accounts. Learn more
  • Use the Advanced Protection Program. Learn more

Stay compliant and up to date

Keep your extension code paths up to date and ensure you adhere to the current security and privacy requirements. Monitor new Chrome releases.

  • Regularly read the Developer Guide. Learn more
  • Review the Chrome Enterprise release notes. Learn more

Create a rule that gives higher priority to emails with subjects with "Announcement:" from @chromium.org addresses. Monitor general extensions platform updates. Also, identify breaking changes and regressions before they reach your users by developing and testing extensions in both the Chrome Stable and Canary channels.

  • Subscribe to the Chromium Extensions Google Group. Learn more
  • Develop in the Chrome Canary channel. Learn more
Was this helpful?
How can we improve it?