Are there clients available or does this work solely via the browser plugin?

Ovidiu · August 14, 2018, 9:34am

Sorry for the possibly basic question but are there clients available or does passbolt work solely as a browser extension?

Also, what browsers are supported?

diego · August 16, 2018, 9:03am

Hi @Ovidiu

Passbolt works mainly with a browser extension that supports firefox and chrome. There is an official CLI client and thanks to Liip people there is a python CLI client

Ovidiu · August 20, 2018, 9:51am

Thanks for clarifying.

upperlimit · December 26, 2025, 1:10pm

The CLI Client is now marked as read-only.

Sadly, we cannot make use of passbolt in a enterprise space because where download of browser plugins is blocked.

Are there any plans to create a client that does not rely on a browser plugin ?

AnatomicJC · December 26, 2025, 10:10pm

Hi,

The official CLI client is now this one written in golang:

https://github.com/passbolt/go-passbolt-cli

upperlimit · December 26, 2025, 11:42pm

Thanks.

These is a command line tool though.

I should have made myself more clear.

What I am interested in is a UI tool instead, to replace the browser pages because they make use of the browser plugin which is often blocked in enterprise spaces.

The tool is great but useless in enterprise spaces with strong security measures.

AnatomicJC · December 27, 2025, 8:32am

Hum I understand, you also have a Windows app: https://github.com/passbolt/passbolt-windows

But the recommanded way is to install it through Windows store who is probably blocked in your company

I let the team answers to you regarding this point.

upperlimit · December 27, 2025, 11:33am

Thanks.

Just to confirm, your suspicion is correct, Windows store is also blocked in enterprise spaces with strong security measures, including the one I work for.

In our studies we have discovered that “passbolt” seems to be the only tool that satisfies our requirements, but unfortunately it is not usable due to our security restrictions, which include browser plugins, Windows store, executable files downloading , MSI files downloading and executable files extraction from archive files.

AnatomicJC · December 27, 2025, 12:41pm

You can send an email at support@passbolt.com I guess the team will propose you a solution for your restricted air-gapped environment

gyaresu · December 29, 2025, 1:20am

G’day upperlimit.

The browser extension is indeed the ‘application’ which handles UI logic as well as the OpenPGP keys that makes passbolt so secure. The Windows application is effectively the browser extension in some Windows UI wrapping.

Is there a reason you can’t audit, build, and distribute the browser extension or Windows application from source via your organisation’s approved methods?
Separate browser profiles are required for isolation with passbolt so you could keep the extension in a separate profile that didn’t interact with any other browser profiles.
https://github.com/passbolt/passbolt_browser_extension?tab=readme-ov-file#quick-bundling-the-buildall-source

“The tool is great but useless in enterprise spaces with strong security measures.”
If you can tell me which Enterprise software deployment method you’re using I’d be happy to address any legitimate concerns.

Cheers
Gareth

upperlimit · December 29, 2025, 12:10pm

Thanks.

Either the browser plugin or the windows application would be suitable deployment methods for us.

Unfortunately, as I mentioned, both are blocked in our enterprise environment.

I am afraid that getting an exemption would be very difficult, if not impossible.

Keep in mind that MSI packages and executable file downloads are also blocked in our enterprise environment.

Assuming we cannot get an exemption, I am afraid we may have to build the windows application from source after all, even though it is more demanding , cumbersome and a rather discouraged practice.

The ideal situation would be browser access without need for a browser extension but I understand the reasons.
Would such an option be possible from your end?

gyaresu · December 29, 2025, 10:46pm

Good morning upperlimit.

A browser with no extension is not (currently) possible because passbolt uses OpenPGP cryptography to address many of the Guiding principles you’ll see on page 7 of the white paper I link below. As such you need a client that can handle GPG keys.

Passbolt’s Security White Paper:
https://www.passbolt.com/docs/files/security_white_paper_-_passbolt_pro_edition_v5.4_-_(august_2025_-_rev9).pdf (pdf)

I’m familiar with enterprise environments but what you explain sounds more like an isolated and dedicated machine. Perhaps a Windows OS running a single specific application controlling physical machinery rather than a workstation?
For such a device it may be more practical to use a mobile device with the passbolt app.

For typical enterprise fleets, any app deployed by the Windows App store would typically be assessed alongside all the other productivity apps a modern workstation requires for it to be a functional tool.
This would normally be done with application whitelisting or an enterprise app catalog.

Let me know if I’m not addressing the issue you’re raising and I’m happy to try and help.

Cheers
Gareth

upperlimit · December 30, 2025, 12:39am

Thanks @gyaresu

I am afraid our personal machines are strongly controlled by security software, blocking extensions , downloads of MSI packages , download of executable files and the Microsoft Store.

Since standard browser access is not possible, I can only request an exemption or whitelisting , in hope that our security teams will approve it.