Comment on page
AARI Extensions Enterprise IT Setup Guide
This guide is intended for Enterprise IT Administrators provisioning AARI Extensions within their organization.
Outbound hosts to allowlist from client devices:
- Automation Anywhere Control Room host
📧 Before configuring your Control Room in the Admin Console, contact PixieBrix support ([email protected]) to enable the static IP feature on your Control Room.
Firewall, port, and protocol requirements for Automation Anywhere deployment: Automation 360 Ports, protocols, and firewall requirements
The PixieBrix Web Service makes API calls to the Control Room API for syncing permissions and AARI Extensions. If you’re running your Control Room behind a firewall (e.g. inside a VPC) the, the firewall may block inbound traffic from the PixieBrix Web Service, causing the integration not to function

Error in Admin Console if the PixieBrix service cannot reach the Control Room
To fix this, you’ll need to allowlist incoming PixieBrix traffic in your firewall configuration. The PixieBrix platform provides a load-balanced pair of IP addresses so if one IP fails, traffic will automatically route through the second IP with health checks and automated failover. The PixieBrix static outbound IP addresses and ports are:
For detailed information on provisioning the Chrome Browser Extension to your organization, see: Broken link
Officially, AARI Extensions support the latest two versions of the Chrome Web Browser.
AARI Extension is also known to work on Microsoft Edge for most use cases. To confirm support for your use case, email [email protected]
Force install browser extension via Google Workspace, Group Policy, or your Enterprise Device Management policy:
- Display Name: PixieBrix
- Chrome Web Store ID:
mpjjildhmpddojocokjkgmlkkkfjnepo
Enterprise Browser Extensions are configured using Chrome’s managed storage feature. For end-users, set the following extension properties:
Name | Type | Value | Purpose |
---|---|---|---|
managedOrganizationId | REG_SZ (string) | The UUID of the PixieBrix tenant | Enforces association with a particular PixieBrix tenant |
partnerId | REG_SZ (string) | automation-anywhere | Applies Automation Anywhere branding and enforces Control Room authentication |
controlRoomUrl | REG_SZ (string) | URL (including scheme) of the Control Room to connect to | Pre-fills the controlRoomUrl for connecting the Automation Anywhere |
Locating the UUID of the PixieBrix tenant
The UUID of the PixieBrix tenant is in the URL path when the team is selected:

The team UUID in the URL
Windows
On Windows, use the registry to set the properties for the extension:
HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Google\\Chrome\\3rdparty\\extensions\\mpjjildhmpddojocokjkgmlkkkfjnepo\\policy
The initial AARI Extensions setup requires the Admin to login via Google, Microsoft, or email. After the initial setup, AARI users will login with Automation Anywhere using Automation Anywhere OAuth2 services support.
See Use AuthConfig App to enable OAuth2 services in the Automation Anywhere documentation portal for how to set up Login with Automation Anywhere
To enable Login with Google, ensure the following Google Client is in the allowlist:
- Display name: PixieBrix
- Client Id:
676864882630-tlp6gj33v5np4fp8fojr32n3m2l4m6lv.apps.googleusercontent.com
To enable Login with Microsoft, ensure the following Azure Application is in the allowlist:
- Display name: PixieBrix
- Application (client) ID:
add06cfe-a38f-443f-9572-dd92ec7ab06b
To enable login by email (magic link), ensure the following IP is in the allowlist:
- Domain:
pixiebrix.com
149.72.154.34
Additional security information on the Chrome Browser Extension is available in the Broken link article.
Last modified 23d ago