Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.nusomi.com/llms.txt

Use this file to discover all available pages before exploring further.

The browser extension captures whatever the user does in a tab — URLs, clicks, form fills, validation errors, network metadata — with the DOM as the source of truth. It runs without screenshots if you ask it to, since the DOM alone is enough for most browser workflows.

Install

BrowserLink
Chrome / Brave / ArcChrome Web Store
EdgeMicrosoft Edge Add-ons
SafariSafari Extensions
FirefoxComing soon
For enterprise managed deployment: 
// Chrome managed policy
{
  "ExtensionInstallForcelist": [
    "<extension-id>;https://clients2.google.com/service/update2/crx"
  ],
  "ExtensionSettings": {
    "<extension-id>": {
      "installation_mode": "force_installed",
      "runtime_blocked_hosts": ["https://*.bank.example.com"]
    }
  }
}
runtime_blocked_hosts is enforced by Chrome itself and is the recommended way to keep the extension off sensitive domains.

What gets captured

LayerDefaultNotes
URL + page titlePer navigation
Click targetsDOM selector + bounding box
Form inputField name + value (subject to masking)
Network metadataURL, method, status — not request/response bodies
DOM snapshotsTrimmed; CSS is captured as a hash, not inlined
ScreenshotsoptionalOff by default; flip on per-workflow
Console logsoptionalOff by default
Browser cookiesnever

Domain allowlisting

By default the extension records on no domains. You opt domains in via the workspace dashboard or the workflow config: 
# nusomi.workflow.yaml
workflow: process_invoice
capture:
  browser:
    domains:
      - "*.salesforce.com"
      - "internal-app.acme.com"
    record_screenshots: true
    record_console: false
Operators can also flip recording on per-tab from the extension popup, but workflow-level config wins on conflicts.

Identifying the user

The extension does not require login. It picks up the workspace API key from one of:
  1. A managed-policy preset (recommended for enterprise).
  2. A one-time install code shown in the dashboard.
  3. SSO via the workspace’s IdP.
// Managed policy preset
{
  "NusomiApiKey": "nsk_live_...",
  "NusomiWorkspaceId": "ws_..."
}

DOM snapshot details

Snapshots are taken at every event. To keep them small:
  • Inline styles are kept; external CSS is hashed.
  • Images are referenced by URL, not embedded.
  • <script> content is dropped.
  • Repeated subtrees (e.g. table rows) are deduped.
A typical snapshot is 5–40 KB. For UIs that exceed 200 KB the extension switches to a delta-encoded snapshot relative to the previous one.

Replay against the DOM

The big advantage of capturing the DOM is that exact replay can target stable selectors instead of pixel coordinates. When a button moves, exact replay still finds it. When the markup changes structurally, replay falls back to guided mode automatically.

Limitations

  • Cross-origin iframes without explicit permissions: the extension records the parent frame’s events but cannot read inside the iframe. Workflows inside Stripe or DocuSign iframes will see “click in iframe” but not the click target. Switching to desktop capture gets you the visual ground truth.
  • <canvas>-heavy apps (Figma, AutoCAD on the web): the DOM is empty — only screenshots are useful. Enable record_screenshots: true.
  • PDFs in tab: captured as the embedded viewer’s frames, not as PDF text.

Privacy controls

The extension popup exposes:
  • A pause toggle.
  • A redact this field action — right-click any input to mark it sensitive for the rest of the session.
  • A delete recent recording action for sessions younger than 5 minutes.