Firefox Managed Deployment

Updated: May 25, 2026

Integrations AI Logging Employee Logs Logging Integrations AI Integrations Workforce

Deploy the FireTail AI Monitor extension to Firefox across your organisation with managed configuration, so end users never interact with credentials directly.

If you are deploying the browser extension from the XPI file below, follow the steps for manual deployment below to find the Firefox extension ID. Otherwise, the Firefox extension ID is firetail-ai-monitor@firetail.app.

Firefox Download for Firefox

Configuration reference

Key Type Required Description
firetailProjectToken string Yes FireTail project token. How to generate a project token
firetailAPIRegion string Yes The region of the FireTail SaaS to use: eu or us

macOS - Manual Deployment

  1. Download the XPI file above.
  2. Visit about://addons/ and click the settings icon.
  3. Click Install Add-On from file, then select the XPI file.
  4. Locate the ID for the FireTail Firefox extension.
  5. Create a new file and paste in the plist fragment below.
    • Replace <FIREFOX_EXTENSION_ID> and <REGION> with your values.
    • Generate two UUIDs and replace both instances of <GENERATED_UUID>.
    • Save as firefox-firetail.mobileconfig.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
  "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>PayloadType</key>        <string>Configuration</string>
    <key>PayloadVersion</key>     <integer>1</integer>
    <key>PayloadScope</key>       <string>System</string>
    <key>PayloadIdentifier</key>  <string>com.firetail.firefox.policy</string>
    <key>PayloadUUID</key>        <string><GENERATED_UUID></string>
    <key>PayloadDisplayName</key> <string>Firetail Firefox Extension Policy</string>
    <key>PayloadContent</key>
    <array>
      <dict>
        <key>PayloadType</key>        <string>com.apple.ManagedClient.preferences</string>
        <key>PayloadVersion</key>     <integer>1</integer>
        <key>PayloadIdentifier</key>  <string>com.firetail.firefox.mcx</string>
        <key>PayloadUUID</key>        <string><GENERATED_UUID></string>
        <key>PayloadEnabled</key>     <true/>
        <key>PayloadContent</key>
        <dict>
          <key>org.mozilla.firefox</key>
          <dict>
            <key>Forced</key>
            <array>
              <dict>
                <key>mcx_preference_settings</key>
                <dict>
                  <key>EnterprisePoliciesEnabled</key>
                  <true/>
                  <key>3rdparty</key>
                  <dict>
                    <key>Extensions</key>
                    <dict>
                      <key><FIREFOX_EXTENSION_ID></key>
                      <dict>
                        <key>firetailAPIRegion</key>
                        <string><REGION></string>
                      </dict>
                    </dict>
                  </dict>
                </dict>
              </dict>
            </array>
          </dict>
        </dict>
      </dict>
    </array>
  </dict>
</plist>
  1. Open a terminal and run the following command to ensure a clean installation: sudo profiles remove -identifier com.firetail.firefox.extension.
  2. Open firefox-firetail.mobileconfig to install the FireTail Firefox Extension Policy.
    • You may be prompted to open System Settings to approve and complete installation.
  3. Run the following commands in a terminal, then reopen Firefox:
sudo killall cfprefsd
sudo killall firefox

Windows - Intune (Enterprise Policy)

  1. Download the Firefox ADMX templates from Mozilla.
  2. In Intune, go to Devices -> Configuration profiles -> Create -> Windows 10 and later -> Imported Administrative Templates, and upload firefox.admx and firefox.adml.
  3. Set the 3rd Party Extension Settings policy:
{
  "firetail-ai-monitor@firetail.app": {
    "firetailProjectToken": "<PROJECT_TOKEN>",
    "firetailAPIRegion": "<REGION>"
  }
}
  1. Set the Extension Settings policy to force-install the extension:
{
  "firetail-ai-monitor@firetail.app": {
    "installation_mode": "force_installed",
    "install_url": "https://addons.mozilla.org/firefox/downloads/latest/firetail-ai-monitor/latest.xpi"
  }
}
  1. Assign the profile to your device or user groups and sync.

Windows - Group Policy

  1. Install the Firefox ADMX templates on your domain controller:
Copy-Item firefox.admx "C:\Windows\PolicyDefinitions\"
Copy-Item en-US\firefox.adml "C:\Windows\PolicyDefinitions\en-US\"
  1. In Group Policy Management Console, create or edit a GPO for your target OU and navigate to: Computer Configuration -> Administrative Templates -> Mozilla -> Firefox
  2. Configure 3rd Party Extension Settings with the credential payload.
  3. Configure Extension Settings to force-install the extension.
  4. Run gpupdate /force on a test device and restart Firefox.

All platforms - Managed Storage Native Manifest

Deploy a JSON file to a system-protected location. Firefox reads this at startup and populates browser.storage.managed. The file should not be modifiable by standard users.

Create a file named firetail-ai-monitor@firetail.app.json:

{
  "name": "firetail-ai-monitor@firetail.app",
  "description": "FireTail AI Monitor managed configuration",
  "type": "storage",
  "data": {
    "firetailProjectToken": "<PROJECT_TOKEN>",
    "firetailAPIRegion": "<REGION>"
  }
}

Place the file in the appropriate system-protected directory:

OS Path
Windows C:\ProgramData\Mozilla\ManagedStorage\
macOS /Library/Application Support/Mozilla/ManagedStorage/
Linux /etc/firefox/policies/managed/

On macOS and Linux, set file permissions to root:root / 0644.

Windows - Intune PowerShell script

$path = "C:\ProgramData\Mozilla\ManagedStorage\firetail-ai-monitor@firetail.app.json"
New-Item -ItemType Directory -Force -Path (Split-Path $path) | Out-Null
@{
    name        = "firetail-ai-monitor@firetail.app"
    description = "FireTail AI Monitor managed configuration"
    type        = "storage"
    data        = @{
        firetailProjectToken = "<PROJECT_TOKEN>"
      firetailAPIRegion    = "<REGION>"
    }
} | ConvertTo-Json -Depth 3 | Set-Content -Path $path -Force

macOS - Jamf Pro script

MANIFEST="/Library/Application Support/Mozilla/ManagedStorage/firetail-ai-monitor@firetail.app.json"
mkdir -p "$(dirname "$MANIFEST")"
cat > "$MANIFEST" <<'EOF'
{
  "name": "firetail-ai-monitor@firetail.app",
  "description": "FireTail AI Monitor managed configuration",
  "type": "storage",
  "data": {
    "firetailProjectToken": "<PROJECT_TOKEN>",
    "firetailAPIRegion": "<REGION>"
  }
}
EOF
chown root:wheel "$MANIFEST"
chmod 644 "$MANIFEST"

Verifying the deployment

  1. Open about:policies in Firefox — the FireTail policy should be listed.
  2. In the browser console, run:
browser.storage.managed.get().then(console.log)

You should see the exact payload you deployed. Note that browser.storage.managed.set() will throw an error — managed storage is intentionally read-only.

  1. Interact with an AI provider and confirm events appear in the FireTail platform.

Need help?

Contact FireTail support