Chrome extension for exporting auth cookies to Plasmate.
One click. No dev tools.
Agents need authenticated access to sites like X, GitHub, and LinkedIn. But automated login triggers bot detection. The solution: you log in normally, then hand the cookies to Plasmate.
This extension makes that handoff instant.
- Navigate to a site and log in normally
- Click the Plasmate icon in the toolbar
- Auth cookies are pre-selected for known sites
- Click Push to Plasmate (or copy to clipboard as fallback)
The fastest way: run the Plasmate bridge server and cookies get pushed directly with one click. No copy-paste needed.
# Start the bridge server (runs on 127.0.0.1:9271)
plasmate auth serveWhen the bridge is running, the extension shows a green dot with the version number. Click Push to Plasmate and cookies are stored instantly with AES-256-GCM encryption.
When the bridge is offline, the extension shows "Bridge offline" and falls back to copying a CLI command to your clipboard.
The extension sends each cookie's expirationDate from Chrome's cookie API. Plasmate tracks expiry so you get warnings when cookies are about to expire:
# Check cookie status
plasmate auth list
# ✓ x.com (2 cookies) - valid
# ⚠ github.com (2 cookies) - expires soon
plasmate auth info x.com
# Domain: x.com
# Cookies: 2
# Encrypted: yes
# ct0 - ✓ valid (expires in 14 days)
# auth_token - ✓ valid (expires in 30 days)If you prefer not to run the bridge, the extension copies CLI commands to your clipboard:
Copy CLI:
plasmate auth set x.com --cookies "ct0=abc123; auth_token=xyz789"Copy JSON:
{
"domain": "x.com",
"cookies": {
"ct0": "abc123",
"auth_token": "xyz789"
},
"expiry": {
"ct0": 1742500000,
"auth_token": 1745000000
}
}Chrome Web Store listing coming soon. For now, install via developer mode.
- Clone this repo
- Open
chrome://extensions/ - Enable Developer mode (top right toggle)
- Click Load unpacked and select this directory
Pre-configured cookie recommendations for popular platforms:
| Site | Cookies |
|---|---|
| X / Twitter | ct0, auth_token |
| GitHub | user_session, __Host-user_session_same_site |
li_at, JSESSIONID |
|
reddit_session, token_v2 |
|
sessionid, csrftoken |
Every site works. These just get auto-selected for convenience.
- Permissions:
cookies,activeTab,host_permissions(needed for cross-domain cookie access in MV3) - Local only: the extension only communicates with
127.0.0.1:9271(the local Plasmate bridge). It never contacts any external server. - No storage: nothing persisted in the extension itself
- No analytics: no tracking, no telemetry
- Encrypted at rest: cookies pushed via the bridge are encrypted with AES-256-GCM before being written to disk
- Open source: read every line, it's ~200 lines of JS
- Plasmate - The browser engine for agents
- Auth profiles - Cookie persistence in Plasmate core
- OpenClaw Skill - Use Plasmate from OpenClaw agents
MPL-2.0 - Modifications to these files must stay open. Use freely in any project.
| Engine | plasmate - The browser engine for agents |
| MCP | plasmate-mcp - Claude Code, Cursor, Windsurf |
| Extension | plasmate-extension - Chrome cookie export |
| SDKs | Python / Node.js / Go / Rust |
| Frameworks | LangChain / CrewAI / AutoGen / Smolagents |
| Tools | Scrapy / Audit / A11y / GitHub Action |
| Resources | Awesome Plasmate / Notebooks / Benchmarks |
| Docs | docs.plasmate.app |
| W3C | Web Content Browser for AI Agents |