OpenErrand gives your product a safe, auditable way to run actions inside your users' own browsers — log in somewhere, fill a form, upload a file, pull a report. One SDK call; their credentials never leave their device.
✓ Built to Chrome Web Store standards·Apache-2.0·No remote code
// Run an action in your user's real browser. One call. const run = client.run({ url, userId: "alex", playbookId: "acme.upload-report" }); for await (const s of run) render(s.phase); // live status const result = await run; // the result
Your app needs to do something on a site that has no API — for your user, in their session. OpenErrand is the safe way to run it. You keep the UI and the intelligence; you never hold their credentials.
Third-party portals, dashboards, internal tools, legacy web apps — anywhere a person logs in and does something by hand. If they can do it in a browser, your product can run it for them.
Actions run in your user's own logged-in session. Logins are encrypted on their device and go straight to the destination site — never through your servers or ours.
Built for insurance, healthcare, fintech, and ops teams whose users live inside third-party portals with no API.
The whole point is running actions for your users without anyone — your users, your security team, or you — having to over-trust the system.
Logins are AES-GCM encrypted on the device and go straight to the destination site. They never touch our servers, so there's nothing for us to leak or subpoena.
Everything security-critical is open source under Apache-2.0. Your security team runs the conformance suite and verifies the relay's behavior themselves — no vendor trust required.
Actions run in the user's real, authenticated session, so bot detection has nothing to flag. MFA and CAPTCHA are handled by the person who's right there.
Every task is fenced to specific domains and actions. Even a compromised relay can't widen a recipe or read a credential — the open extension re-verifies each step on-device.
From a manual process to one safe API call, in three steps.
A lightweight Chrome extension, force-installable via Google Workspace; any logins live in an on-device encrypted vault.
Record a flow once and it becomes a signed, permission-fenced recipe you register on the relay.
Your backend calls client.run(task); the action runs in your user's real browser and streams status back until it's done.
The protocol is open — self-host it for free. You pay for the managed relay: uptime, dashboard, audit, and support.
You only pay for successful tasks. Prefer to run it yourself? OpenErrand is just a conformant relay — self-host the open reference relay and pay nothing.
OpenErrand is the managed implementation of OBEP, the Open Browser Execution Protocol — an open specification with a reference implementation, not a black box. Because every security-critical component is open source and auditable, a security review doesn't have to end in "trust us." Run the conformance suite, read the extension source, and verify exactly what executes on the machine.
Run it in your users' real browsers without your product ever handling their credentials.