Chrome Verified Access Overview

About Chrome Verified Access

Your network service can use the Verified Access feature in the Google Admin console to communicate with both the client Chrome device and the Verified Access API. Doing so gains information about the policy compliance and (optionally) the identity of the client device from Google. To that end, a Chrome extension must be running on the device that interacts with the enterprise.platformKeys extension API, and the network service needs to talk to the Verified Access API.

How Chrome Verified Access Works

Here’s the suggested implementation:

Suggested implementation.

  1. The Chrome extension contacts the Verified Access API to create a challenge.
  2. The Chrome extension calls the enterprise.platformKeys API to generate a challenge-response and sends the access request to the network service, including the challenge-response in the request.
  3. The network service contacts the Verified Access API to verify the challenge-response.
  4. In case of successful verification, the network service grants access to the device.