---- url: https://www.kernel.sh/docs/auth/profiles ---- Profiles let you capture browser state created during a session (cookies and local storage) and reuse it in later sessions. This is the primitive to instantiate [authenticated browsers](https://www.kernel.sh/docs/auth/overview). ## [​](#1-create-a-profile)1. Create a profile Managed Auth automatically creates browser profiles for each [connection](https://www.kernel.sh/docs/auth/overview) you successfully authenticate. You can also use profiles without Managed Auth. The first step in using profiles is to create one, optionally giving it a meaningful `name` that is unique within your organization. ``` import Kernel, { ConflictError } from '@onkernel/sdk'; const kernel = new Kernel(); try { await kernel.profiles.create({ name: 'profiles-demo' }); } catch (err) { if (err instanceof ConflictError) { // Profile already exists } else { throw err; } } ``` ## [​](#2-start-a-browser-session-using-the-profile-and-save-changes)2. Start a browser session using the profile and save changes After creating the profile, reference it by its `name` or `id` when creating a browser. Set `save_changes` to true to persist any state created during this session back into the profile when the browser is closed. ``` const kernelBrowser = await kernel.browsers.create({ profile: { name: 'profiles-demo', save_changes: true, }, }); ``` ## [​](#3-use-the-browser-then-close-it-to-persist-the-state)3. Use the browser, then close it to persist the state After using a browser with `save_changes: true`, closing the browser will save cookies and local storage into the profile. Calling `browser.close()` does **not** save the profile state. You **must** explicitly delete the Kernel browser (or let the browser [timeout](https://www.kernel.sh/docs/browsers/termination#automatic-deletion-via-timeout)) to persist the Profile. ``` console.log('Live view:', kernelBrowser.browser_live_view_url); // Navigate and create login state... await kernel.browsers.deleteByID(kernelBrowser.session_id); ``` ## [​](#4-start-a-new-session-with-the-saved-profile-read-only)4. Start a new session with the saved profile (read-only) Create another browser using the same profile name. Omitting `save_changes` leaves the stored profile untouched. ``` const kernelBrowser2 = await kernel.browsers.create({ profile: { name: 'profiles-demo' }, }); console.log('Live view:', kernelBrowser2.browser_live_view_url); ``` ## [​](#loading-a-profile-into-an-existing-browser)Loading a profile into an existing browser You can load a profile into a browser after it has been created using the [update browser endpoint](https://www.kernel.sh/docs/api-reference/browsers/update-browser-session). ``` // Create a browser without a profile const kernelBrowser = await kernel.browsers.create(); // Later, load a profile into the browser await kernel.browsers.update(kernelBrowser.session_id, { profile: { name: 'profiles-demo' } }); ``` You cannot load a profile into a browser that was already created with a profile. The browser must have been created without any profile configuration. ## [​](#other-ways-to-use-profiles)Other ways to use profiles The API and SDKs support listing, deleting, and downloading profile data as JSON. See the [API reference](https://www.kernel.sh/docs/api-reference/profiles/list-profiles) for more details. ## [​](#notes)Notes * A profile’s `name` must be unique within your organization. * Profiles store cookies and local storage. Start the session with `save_changes: true` to write changes back when the browser is closed. * To keep a profile immutable for a run, omit `save_changes` (default) when creating the browser. * Multiple browsers in parallel can use the same profile, but only one browser should write (`save_changes: true`) to it at a time. Parallel browsers with `save_changes: true` may cause profile corruption and unpredictable behavior. * Profile data is encrypted end to end using a per-organization key. ---- url: https://www.kernel.sh/docs/reference/mcp-server ---- Our Model Context Protocol (MCP) server lets any compatible AI model or agent launch Chromium browsers, execute Playwright code, capture video replays, and automate web interactions from Kernel’s cloud platform via a single secure endpoint. ## Setup Instructions ### General (Transports) Use the streamable HTTP endpoint where supported for increased reliability. If your client does not support remote MCP, use `mcp-remote` over stdio. Kernel’s server is a centrally hosted, authenticated remote MCP using OAuth 2.1 with dynamic client registration. ## Authentication ### OAuth (Recommended) The MCP server uses OAuth 2.1 for user authentication. When you connect through supported clients, you’ll be prompted to authorize access via your browser. ### API Key Authentication For programmatic access or service-to-service authentication, you can use your Kernel API key instead of OAuth. Add your API key to the MCP configuration: The server automatically detects non-JWT tokens and treats them as API keys. API key authentication is useful for: ## Connect in your client ### Claude #### Pro, Max, Team & Enterprise (Claude.ai and Claude Desktop) 1. Go to **Settings → Connectors → Add custom connector**. 2. Enter: **Integration name:** `Kernel`, **Integration URL:** `https://mcp.onkernel.com/mcp`, then click **Add**. 3. In **Settings → Connectors**, click **Connect** next to `Kernel` to launch OAuth and approve. 4. In chat, click **Search and tools** and enable the Kernel tools if needed. #### Claude Code CLI **Using Kernel CLI (recommended):** **Manual setup:** ### Cursor **Using Kernel CLI (recommended):** **One-click install:** Click [here](https://cursor.com/en/install-mcp?name=Kernel\&config=eyJ1cmwiOiAiaHR0cHM6Ly9tY3Aub25rZXJuZWwuY29tL21jcCJ9) to install Kernel on Cursor. #### Manual setup 1. Press **⌘/Ctrl Shift J**. 2. Go to **MCP & Integrations → New MCP server**. 3. Add this configuration: 4) Save. The server will appear in Tools. ### OpenCode Add the following to your `~/.config/opencode/opencode.jsonc`: Then authenticate using the OpenCode CLI: ### Goose **Using Kernel CLI (recommended):** The command will display the YAML configuration to add to your Goose config file. **One-click install:** Click [here](goose://extension?cmd=npx\&arg=-y\&arg=mcp-remote\&arg=https%3A%2F%2Fmcp.onkernel.com%2Fmcp\&timeout=300\&id=kernel\&name=Kernel\&description=Access%20Kernel%27s%20cloud-based%20browsers%20via%20MCP) to install Kernel on Goose in one click. #### Goose Desktop 1. Click `Extensions` in the sidebar of the Goose Desktop. 2. Click `Add custom extension`. 3. On the `Add custom extension` modal, enter: 4. Click `Save Changes` button. #### Goose CLI 1. Run the following command: 2. Select `Add Extension` from the menu. 3. Choose `Command-line Extension`. 4. Follow the prompts: ### Visual Studio Code **Using Kernel CLI (recommended):** **Manual setup:** Add to your VS Code settings.json: Or use the UI: 1. Press **⌘/Ctrl Shift P** → search **MCP: Add Server**. 2. Select **HTTP (HTTP or Server-Sent Events)**. 3. Enter: `https://mcp.onkernel.com/mcp` 4. Name the server **Kernel** → Enter. ### Windsurf **Using Kernel CLI (recommended):** **Manual setup:** 1. Press **⌘/Ctrl ,** to open settings. 2. Navigate **Cascade → MCP servers → View raw config**. 3. Paste: 4) On **Manage MCPs**, click **Refresh** to load Kernel MCP. ### Zed **Using Kernel CLI (recommended):** **Manual setup:** 1. Press **⌘/Ctrl ,** to open settings. 2. Paste: ### Smithery You can connect directly to `https://mcp.onkernel.com/mcp`, or use Smithery as a proxy using its provided URL. ### Others Many other MCP-capable tools accept: Configure these values wherever the tool expects MCP server settings. ## Tools ### Browser Automation ### Profile Management ### App Management ### Documentation & Search ## Resources ## Prompts ## Troubleshooting ## Examples ### Invoke apps from anywhere ### Execute Playwright code dynamically ### Set up browser profiles for authentication ### Debug a browser session ---- url: https://www.kernel.sh/docs/apps/secrets ---- There are multiple ways to pass secrets and API keys to your Kernel app: ## [​](#1-deployment-environment-variables)1. Deployment environment variables Deploy your app with secrets as [environment variables](https://www.kernel.sh/docs/apps/deploy#environment-variables). Your app can then access them at runtime. You can set environment variables in two ways: * **`--env` flag**: Pass individual key-value pairs directly in the command * **`--env-file` flag**: Load variables from a `.env` file ``` # Using --env flag for individual variables kernel deploy my_app.ts --env OPENAI_API_KEY=sk-... --env ANTHROPIC_API_KEY=sk-ant-... # Using --env-file to load from a file kernel deploy my_app.ts --env-file .env # Combine both approaches kernel deploy my_app.ts --env-file .env --env OPENAI_API_KEY=sk-... ``` Then access the variables in your app: ``` import Anthropic from "@anthropic-ai/sdk"; import OpenAI from "openai"; app.action('ai-action', async (ctx: KernelContext) => { // Access API keys from environment variables const anthropic = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY, }); const openai = new OpenAI({ apiKey: process.env.OPENAI_API_KEY, }); // Use the clients... }); ``` ## [​](#2-runtime-variables)2. Runtime variables For use cases where different API keys are needed per invocation (such as platforms using end-user keys), pass the secrets at runtime using the [payload parameter](https://www.kernel.sh/docs/apps/invoke#payload-parameter). Use encryption standards in your app to protect sensitive data. ``` import OpenAI from "openai"; app.action('ai-action', async (ctx: KernelContext, payload) => { // Decrypt the API key passed at runtime const apiKey = decrypt(payload.encryptedApiKey); const openai = new OpenAI({ apiKey: apiKey, }); // Use the client with the user's API key... }); ``` ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/type-text-on-the-browser-instance ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.typeText('id', { text: 'text' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` type JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.typeText('id', { text: 'text' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body application/json [​](#body-text) text string required Text to type on the browser instance [​](#body-delay) delay integer default:0 Delay in milliseconds between keystrokes Required range : `x >= 0` #### Response Text typed successfully [Capture a screenshot of the browser instance](https://www.kernel.sh/docs/api-reference/browser-computer-controls/capture-a-screenshot-of-the-browser-instance) [Previous](https://www.kernel.sh/docs/api-reference/browser-computer-controls/capture-a-screenshot-of-the-browser-instance) [Press one or more keys on the host computer](https://www.kernel.sh/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/profiles/create-a-new-profile ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const profile = await client.profiles.create(); console.log(profile.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ``` POST / profiles JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const profile = await client.profiles.create(); console.log(profile.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Body application/json Request body for creating a profile. [​](#body-name) name string Optional name of the profile. Must be unique within the organization. #### Response Profile created successfully [List profiles](https://www.kernel.sh/docs/api-reference/profiles/list-profiles) [Previous](https://www.kernel.sh/docs/api-reference/profiles/list-profiles) [Get profile by ID or name](https://www.kernel.sh/docs/api-reference/profiles/get-profile-by-id-or-name) [Next](https://www.kernel.sh/docs/api-reference/profiles/get-profile-by-id-or-name) ⌘I ---- url: https://www.kernel.sh/docs/apps/develop ---- In addition to our browser API, Kernel provides a code execution platform for deploying and invoking code. Typically, Kernel’s code execution platform is used for deploying and invoking browser automations or web agents. When using Kernel’s code execution platform, we co-locate your code with any Kernel browser environments you instantiate in your app. This solves common issues with browser connections over CDP: ## Apps, Actions, and Invocations An `App` is a codebase deployed on Kernel. You can deploy any codebase in Typescript or Python on Kernel. An `Action` is an invokable method within an app. Actions allow your to register entry points or functions that can be triggered on-demand. Actions can call non-action methods. Apps can have multiple actions. An `Invocation` is a single execution of an action. Invocations can be triggered via API, scheduled as a job, or run on-demand. ## Getting started: create an app First, install the Kernel SDK for your language: Then create an app: Then, define and register an action that you want to invoke. ## Registering actions Action methods receive two parameters: You can register actions using either approach: ### Inline definition (recommended) ### Define then register This approach is better for larger apps, unit testing, and team collaboration since functions can be tested independently and reused across multiple actions. ## Environment variables You can set environment variables when [deploying](https://www.kernel.sh/docs/apps/deploy#environment-variables) your app. They then can be accessed in the usual way: ## Return values Action methods can return values, which will be included in the invocation’s final response. The examples above show actions returning data. ## Building browser automations with Kernel apps To implement a browser automation or web agent, instantiate an app and define an action that creates a Kernel browser. ## Next steps Once you’re happy with your app, follow [these steps](https://www.kernel.sh/docs/apps/deploy) to deploy and invoke it on the Kernel platform. ---- url: https://www.kernel.sh/docs/api-reference/browser-filesystem/stop-watching-a-directory ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.fs.watch.stop('watch_id', { id: 'id' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` DELETE JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.fs.watch.stop('watch_id', { id: 'id' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters #### Response Watch stopped successfully [Stream filesystem events for a watch](https://www.kernel.sh/docs/api-reference/browser-filesystem/stream-filesystem-events-for-a-watch) [Previous](https://www.kernel.sh/docs/api-reference/browser-filesystem/stream-filesystem-events-for-a-watch) [Download a directory as a ZIP archive](https://www.kernel.sh/docs/api-reference/browser-filesystem/download-a-directory-as-a-zip-archive) [Next](https://www.kernel.sh/docs/api-reference/browser-filesystem/download-a-directory-as-a-zip-archive) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/profiles/download-profile-archive ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.profiles.download('id_or_name'); console.log(response); const content = await response.blob(); console.log(content); ``` ``` "" ``` GET / profiles / {id\_or\_name} / download JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.profiles.download('id_or_name'); console.log(response); const content = await response.blob(); console.log(content); ``` ``` "" ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id-or-name) id\_or\_name string required Profile ID or name #### Response Profile ZIP archive The response is of type `file`. [Delete profile by ID or name](https://www.kernel.sh/docs/api-reference/profiles/delete-profile-by-id-or-name) [Previous](https://www.kernel.sh/docs/api-reference/profiles/delete-profile-by-id-or-name) [List auth connections](https://www.kernel.sh/docs/api-reference/managed-auth/list-auth-connections) [Next](https://www.kernel.sh/docs/api-reference/managed-auth/list-auth-connections) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/profiles/list-profiles ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const profile of client.profiles.list()) { console.log(profile.id); } ``` ``` [ { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ] ``` GET / profiles JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const profile of client.profiles.list()) { console.log(profile.id); } ``` ``` [ { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ] ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Query Parameters [​](#parameter-limit) limit integer default:20 Limit the number of profiles to return. Required range : `1 <= x <= 100` [​](#parameter-offset) offset integer default:0 Offset the number of profiles to return. Required range : `x >= 0` [​](#parameter-query) query string Search profiles by name or ID. #### Response List of profiles [​](#response-items-id) id string required Unique identifier for the profile [​](#response-items-created-at) created\_at string\ required Timestamp when the profile was created [​](#response-items-name-one-of-0) name string | null Optional, easier-to-reference name for the profile [​](#response-items-updated-at) updated\_at string\ Timestamp when the profile was last updated [​](#response-items-last-used-at) last\_used\_at string\ Timestamp when the profile was last used [Flush all idle browsers in the pool](https://www.kernel.sh/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) [Previous](https://www.kernel.sh/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) [Create a new profile](https://www.kernel.sh/docs/api-reference/profiles/create-a-new-profile) [Next](https://www.kernel.sh/docs/api-reference/profiles/create-a-new-profile) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browsers/update-browser-session ---- Initial browser window size in pixels with optional refresh rate. If omitted, image defaults apply (1920x1080\@25). For GPU images, the default is 1920x1080\@60. Arbitrary viewport dimensions and refresh rates are accepted. Known-good presets include: 2560x1440\@10, 1920x1080\@25, 1920x1200\@25, 1440x900\@25, 1280x800\@60, 1024x768\@60, 1200x800\@60. For GPU images, recommended presets use one of these resolutions with refresh rates 60, 30, 25, or 10: 800x600, 960x720, 1024x576, 1024x768, 1152x648, 1200x800, 1280x720, 1368x768, 1440x900, 1600x900, 1920x1080, 1920x1200, 390x844, 360x250, 768x1024, 800x1600. Viewports outside this list may exhibit unstable live view or recording behavior. If refresh\_rate is not provided, it will be automatically determined based on the resolution (higher resolutions use lower refresh rates to keep bandwidth reasonable). ---- url: https://www.kernel.sh/docs/api-reference/browser-filesystem/delete-a-directory ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.fs.deleteDirectory('id', { path: '/J!' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` delete\_directory JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.fs.deleteDirectory('id', { path: '/J!' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body #### Response Directory deleted [Delete a file](https://www.kernel.sh/docs/api-reference/browser-filesystem/delete-a-file) [Previous](https://www.kernel.sh/docs/api-reference/browser-filesystem/delete-a-file) [Set file or directory permissions/ownership](https://www.kernel.sh/docs/api-reference/browser-filesystem/set-file-or-directory-permissionsownership) [Next](https://www.kernel.sh/docs/api-reference/browser-filesystem/set-file-or-directory-permissionsownership) Ctrl+I ---- url: https://www.kernel.sh/docs/apps/deploy ---- Kernel’s app deployment process is as simple as it is fast. There are no configuration files to manage or complex CI/CD pipelines. Once you deploy an app on Kernel, you can schedule its actions on a job or run them from other contexts. You can even run actions multiple times in parallel. ## [​](#deploy-the-app)Deploy the app ### [​](#from-local-directory)From local directory Use our CLI from the root directory of your project: ``` kernel deploy ``` #### [​](#notes)Notes * The `entrypoint_file_name` is the file name where you [defined](https://www.kernel.sh/docs/apps/develop) your app. * Include a `.gitignore` file to exclude dependency folders like `node_modules` and `.venv`. ### [​](#from-github)From GitHub You can deploy a Kernel app directly from a public or private GitHub repository using the Kernel CLI. No need to clone or manually push code. ``` kernel deploy github \ --url https://github.com// \ --ref \ --entrypoint \ [--path ] \ [--github-token ] \ [--env KEY=value ...] \ [--env-file .env] \ [--version latest] \ [--force] ``` #### [​](#notes-2)Notes * **`--path` vs `--entrypoint`:** Use `--path` to specify a subdirectory within the repo (useful for monorepos), and `--entrypoint` for the path to your app’s entry file relative to that directory (or repo root if no `--path` is specified). * The CLI automatically downloads and extracts the GitHub source code and uploads your app for deployment. * For private repositories, provide a `--github-token` or set the `GITHUB_TOKEN` environment variable. ## [​](#environment-variables)Environment variables You can set environment variables for your app using the `--env` flag. For example: ``` kernel deploy my_app.ts --env MY_ENV_VAR=my_value # Can add multiple env vars delimited by space ``` ## [​](#deployment-notes)Deployment notes * **The dependency manifest (`package.json` for JS/TS, `pyproject.toml` for Python) must be present in the root directory of your project.** * **For JS/TS apps, set `"type": "module"` in your `package.json`.** * View deployment logs using: `kernel deploy logs --follow` * If you encounter a 500 error during deployment, verify that your entrypoint file name and extension are correct (e.g., `app.py` not `app` or `app.js`). * Kernel assumes the root directory contains at least this file structure: ``` project-root/ ├─ .gitignore # Exclude dependency folders like node_modules ├─ my_app.ts # Entrypoint file (can be located in a subdirectory, e.g. src/my_app.ts) ├─ package.json ├─ tsconfig.json # If using TypeScript └─ bun.lock | package-lock.json | pnpm-lock.yaml # One of these lockfiles ``` ``` # Successful deployment CLI output SUCCESS Compressed files SUCCESS Deployment successful SUCCESS App "my_app.ts" deployed with action(s): [my-action] INFO Invoke with: kernel invoke my-app my-action --payload '{...}' SUCCESS Total deployment time: 2.78s ``` Once deployed, you can [invoke](https://www.kernel.sh/docs/apps/invoke) your app from anywhere. ---- url: https://www.kernel.sh/docs/api-reference/managed-auth/submit-field-values ---- #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Auth connection ID #### Body application/json Request to submit field values, click an SSO button, or select an MFA method. Provide exactly one of fields, sso\_button\_selector, or mfa\_option\_id. [​](#body-fields) fields object Map of field name to value Show child attributes Example: ``` { "email": "user@example.com", "password": "secret" } ``` [​](#body-sso-button-selector) sso\_button\_selector string Optional XPath selector if user chose to click an SSO button instead Example: `"xpath=//button[contains(text(), 'Continue with Google')]"` [​](#body-mfa-option-id) mfa\_option\_id string Optional MFA option ID if user selected an MFA method Example: `"sms"` #### Response Submission accepted for processing Response from submitting field values [​](#response-accepted) accepted boolean required Whether the submission was accepted for processing ---- url: https://www.kernel.sh/docs/browsers/bot-detection/overview ---- Automating the web as a browser agent is hard. Modern websites deploy increasingly sophisticated bot detection systems to prevent fraud, abuse, and denial-of-service attacks. Even if you have explicit permission to automate — for example, QA’ing your own site or performing actions on behalf of users with their consent — these systems often assume any automated browser is hostile. Kernel provides tools to help with these challenges. Under the hood, our browsers are optimized for realistic environments. **Everything we do is open source and inspectable — you can view our build configurations and runtime layers [here](https://github.com/onkernel/kernel-images).** This guide explains how bot detection works at a high level, common pitfalls to avoid, and how Kernel’s features can help your automations run reliably. ## How Bot Detection Works Most detection systems look for inconsistencies between how a real user’s browser behaves and how an automated one does. Common giveaways include: * **IP addresses**: IPs from data centers (AWS, GCP, Azure) * **Browser environment**: unusual viewport sizes, incorrect timezones, or missing APIs * **Automation frameworks**: traces of Playwright, Puppeteer, or Chrome DevTools Protocol (CDP) connections * **Headless browsers** — browsers started without a visible window expose subtle differences (rendering, GPU, fonts) * **Typing/clicking signals** — identical cursor paths, uniform typing speeds, or rapid mouse movements * **Metadata** — mismatched cookies, inconsistent user-agent strings These systems are heuristic and probabilistic — small mismatches can still trigger blocks. The goal isn’t to “beat” detection but rather emulate the real-world conditions of a normal browser session. ## Kernel Features That Help ### [Stealth Mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) A basic configuration that launches Kernel’s browser through a residential proxy and integrates a Google [reCAPTCHA solver](https://www.google.com/recaptcha/api2/demo). ### [Configurable Proxies](https://www.kernel.sh/docs/proxies/overview) Bring your own proxy network or use Kernel’s managed pool (selectable down to ZIP-code level). If needed, use the same IP to reduce detection and allow for regional testing or QA. ### [Profiles](https://www.kernel.sh/docs/auth/profiles) Profiles persist cookies, local storage, and session data between runs. Combined with a fixed proxy, this mimics a returning user. We recommend using them to persist authenticated states and reduce CAPTCHAs. ### [Browser Pools](https://www.kernel.sh/docs/browsers/pools/overview) Browser pools let you reuse browsers across multiple visits to the same website, which introduces consistency with respect to the IP address. Since IP addresses are one of the main components of fingerprinting used by modern bot detection systems, browser pools drastically increase your chances of avoiding detection. ### [Playwright Execution API](https://www.kernel.sh/docs/browsers/playwright-execution) Executes Playwright scripts in the same VM as the browser, ensuring headers, user-agent strings, and environment match. Kernel automatically applies Patchright to remove automation fingerprints, including headless indicators. ### [Computer Controls API](https://www.kernel.sh/docs/browsers/computer-controls) Controls the browser without using the Chrome DevTools Protocol (CDP), which can reduce bot detection signals. Emulates native keyboard and mouse input directly at the OS level. ## Getting Started Before you start automating your workflow, we recommend that you manually test your website to understand how it behaves with Kernel’s browsers. Here’s how to do that: 1. **Launch a browser from the [Kernel dashboard](https://dashboard.onkernel.com/browsers).** This opens a Kernel browser instance in a clean virtual machine. 2. **Navigate to the target website** and perform the same actions you plan to automate — logging in, filling forms, loading dashboards, etc. 3. **Observe potential friction points:** 4. **Adjust environment settings** — such as proxy configurations — until the manual session works smoothly. Once you have a stable baseline, replicate those conditions in your automations. ## Recommended Practices | Category | Recommendation | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | | **Viewport & Display** | Use Kernel’s default viewport — we’ve tuned it to mirror realistic device profiles. | | **Headless Mode** | Avoid headless mode. Kernel runs full, rendered browsers by default. | | **User Agent Headers** | Don’t override headers manually. Let Kernel manage them for minimize mismatches. | | **Execution Method** | Prefer our **Playwright Execution API** or **Computer Controls API** over self-hosted Playwright/Puppeteer. | | **Session Persistence** | Use **Profiles** to retain cookies and local storage between sessions. | | **Typing & Scrolling** | Add natural variation to interaction timing. | | **Rate Limits** | Many sites monitor request frequency; rapid / concurrent actions can trigger blocking. | | **Network Identity** | Use stable IP addresses, especially if logging in. | | **Extensions** | Use the [Extensions API](https://www.kernel.sh/docs/browsers/extensions) carefully — each adds its own fingerprint, which can be detected. | ## Conclusion Bot detection is nuanced and constantly evolving. **Kernel provides the building blocks — browsers, proxies, profiles, and APIs — to help agents operate safely and reliably.** Our mission is to help developers automate the web on behalf of users and with their consent, while respecting the systems that keep the internet secure. ---- url: https://www.kernel.sh/docs/browsers/bot-detection/stealth ---- Kernel browsers can be configured to `stealth` mode, which automatically adds our recommended proxy to your browser instances. It also adds a `reCAPTCHA solver` to the browser, so it automatically solves [reCAPTCHAs](https://www.google.com/recaptcha/api2/demo) on your behalf. To turn on stealth mode, set its flag when instantiating Kernel browsers: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create({ stealth: true, }); ``` If you’re looking for proxy-level configuration with Kernel browsers, see [Proxies](https://www.kernel.sh/docs/proxies/overview). ## [​](#captcha-handling-behavior)CAPTCHA Handling Behavior Below are tips for working with Kernel’s Stealth Mode auto-CAPTCHA solver across different challenge types and automation frameworks. ### [​](#anthropic-computer-use)Anthropic Computer Use Anthropic Computer Use stops when it encounters a CAPTCHA. Use Kernel’s auto-CAPTCHA solver by adding this to your prompt: `"If you see a CAPTCHA or similar test, just wait for it to get solved automatically by the browser."` ### [​](#cloudflare-challenge)Cloudflare Challenge When encountering a Cloudflare challenge, our auto-CAPTCHA solver will attempt to handle it. Once the “Ready” message appears on the screen, continue with your intended browser actions (e.g., entering credentials and submitting a login attempt). After the “Ready” message appears, don’t click the Cloudflare CAPTCHA checkbox — this can interfere with the solver. ---- url: https://www.kernel.sh/docs/integrations/computer-use/openai ---- [Computer Use](https://openai.com/index/computer-using-agent/) is OpenAI’s feature that enables AI models to interact with computers the way humans do—by looking at screens, moving cursors, clicking buttons, and typing text. This powerful feature allows AI agents to control web browsers, navigate interfaces, and perform complex tasks across applications. By integrating Computer Use with Kernel, you can run these AI-powered browser automations on cloud-hosted infrastructure, eliminating the need for local browser management and enabling scalable, reliable AI agents. ## [​](#quick-setup-with-our-computer-use-example-app)Quick setup with our Computer Use example app Get started quickly with our Kernel app template that includes a pre-configured Computer Use integration: ``` kernel create --name my-computer-use-app --template cua ``` Choose `TypeScript` or `Python` as the programming language. Then follow the [Quickstart guide](https://www.kernel.sh/docs/quickstart) to deploy and run your Computer Use automation on Kernel’s infrastructure. ## [​](#benefits-of-using-kernel-with-computer-use)Benefits of using Kernel with Computer Use * **No local browser management**: Run Computer Use automations without installing or maintaining browsers locally * **Scalability**: Launch multiple browser sessions in parallel for concurrent automations * **Stealth mode**: Built-in anti-detection features for web interactions * **Session state**: Maintain browser state across runs via [Profiles](https://www.kernel.sh/docs/auth/profiles) * **Live view**: Debug your automations with real-time browser viewing ## [​](#next-steps)Next steps * Check out [live view](https://www.kernel.sh/docs/browsers/live-view) for debugging your automations * Learn about [stealth mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) for avoiding detection * Learn how to properly [terminate browser sessions](https://www.kernel.sh/docs/browsers/termination) * Learn how to [deploy](https://www.kernel.sh/docs/apps/deploy) your Computer Use app to Kernel ---- url: https://www.kernel.sh/docs/browsers/computer-controls ---- Use OS-level controls to move and click the mouse, type and press keys, scroll, drag, and capture screenshots from a running browser session. Both `moveMouse` and `dragMouse` use human-like [Bézier curves](https://en.wikipedia.org/wiki/B%C3%A9zier_curve) by default. ## Click the mouse Simulate mouse clicks at specific coordinates. You can select the button, click type (down, up, click), number of clicks, and optional modifier keys to hold. ## Move the mouse Move the cursor to specific screen coordinates. By default, the cursor follows a human-like Bezier curve path instead of teleporting instantly. You can control this with `smooth` and `duration_ms`. | Parameter | Type | Default | Description | | ------------- | ------- | ------- | ---------------------------------------------------------------------------------------------------------- | | `x` | integer | — | X coordinate to move the cursor to | | `y` | integer | — | Y coordinate to move the cursor to | | `smooth` | boolean | `true` | Use human-like Bezier curve path instead of instant teleport | | `duration_ms` | integer | auto | Target duration in milliseconds for smooth movement (50–5000). Omit for automatic timing based on distance | | `hold_keys` | array | — | Modifier keys to hold during the move | ### Smooth vs instant movement Try it yourself — open [live view](https://www.kernel.sh/docs/browsers/live-view) and paste this (requires CLI v0.15.4+ — run `kernel upgrade` to update): ## Take screenshots Capture a full-screen PNG or a specific region. ## Type text Type literal text, optionally with a delay in milliseconds between keystrokes. ## Press keys Press one or more key symbols (including combinations like “Ctrl+t” or “Ctrl+Shift+Tab”). Optionally hold modifiers and/or set a duration to hold keys down. Scroll the mouse wheel at a specific position. Positive `delta_y` scrolls down; negative scrolls up. Positive `delta_x` scrolls right; negative scrolls left. ## Drag the mouse Drag by pressing a button, moving along a path of points, then releasing. By default, drag movement uses human-like Bezier curves between waypoints. Set `smooth: false` to use linear interpolation with `steps_per_segment` and `step_delay_ms` instead. | Parameter | Type | Default | Description | | ------------------- | ------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------- | | `path` | array | — | Ordered list of `[x, y]` coordinate pairs to move through (minimum 2 points) | | `button` | string | `left` | Mouse button: `left`, `middle`, or `right` | | `smooth` | boolean | `true` | Use human-like Bezier curves between waypoints. When `true`, `steps_per_segment` and `step_delay_ms` are ignored | | `duration_ms` | integer | auto | Target duration in milliseconds for the entire drag when `smooth=true` (50–10000). Omit for automatic timing based on total path length | | `delay` | integer | `0` | Delay in milliseconds between button down and starting to move | | `steps_per_segment` | integer | `10` | Number of interpolation steps per path segment (only when `smooth=false`) | | `step_delay_ms` | integer | `50` | Delay in milliseconds between steps (only when `smooth=false`) | | `hold_keys` | array | — | Modifier keys to hold during the drag | ### Smooth vs linear drag ---- url: https://www.kernel.sh/docs/api-reference/browser-processes/stream-process-stdout-via-sse ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.stdoutStream( '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { id: 'id' }, ); console.log(response.data_b64); ``` ``` { "stream": "stdout", "data_b64": "", "event": "exit", "exit_code": 123 } ``` stdout / stream JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.stdoutStream( '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { id: 'id' }, ); console.log(response.data_b64); ``` ``` { "stream": "stdout", "data_b64": "", "event": "exit", "exit_code": 123 } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters #### Response SSE stream of process output and lifecycle events SSE payload representing process output or lifecycle events. [​](#response-stream) stream enum\ Source stream of the data chunk. Available options : `stdout`, `stderr` [​](#response-data-b64) data\_b64 string Base64-encoded data from the process stream. [​](#response-event) event enum\ Lifecycle event type. Available options : `exit` [​](#response-exit-code) exit\_code integer Exit code when the event is "exit". [Get process status](https://www.kernel.sh/docs/api-reference/browser-processes/get-process-status) [Previous](https://www.kernel.sh/docs/api-reference/browser-processes/get-process-status) [Write to process stdin](https://www.kernel.sh/docs/api-reference/browser-processes/write-to-process-stdin) [Next](https://www.kernel.sh/docs/api-reference/browser-processes/write-to-process-stdin) Ctrl+I ---- url: https://www.kernel.sh/docs/apps/invoke ---- ## [​](#via-api)Via API You can invoke your app by making a `POST` request to Kernel’s API or via the CLI. Both support passing a payload. **For automations and agents that take longer than 100 seconds, use [async invocations](https://www.kernel.sh/docs/apps/invoke#asynchronous-invocations).** Synchronous invocations time out after 100 seconds. ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const invocation = await kernel.invocations.create({ action_name: 'analyze', app_name: 'my-app', version: '1.0.0', }); console.log(invocation.id); ``` ### [​](#asynchronous-invocations)Asynchronous invocations For long running jobs, use asynchronous invocations to trigger Kernel actions without waiting for the result. You can then stream real-time [status updates](https://www.kernel.sh/docs/apps/status#streaming-status-updates) for the result. Asynchronous invocations time out after 15 minutes by default but can be configured to last up to 1 hour by setting the optional `async_timeout_seconds` parameter during invocation. ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const invocation = await kernel.invocations.create({ async: true, action_name: 'analyze', app_name: 'my-app', version: '1.0.0', }); console.log(invocation.id); ``` ## [​](#via-cli)Via CLI Invoke an app action immediately via the CLI: ``` kernel invoke ``` ### [​](#payload-parameter)Payload parameter `--payload` allows you to invoke the action with specified parameters. This enables your action to receive and handle dynamic inputs at runtime. For example: Payloads are stringified JSON and have a maximum size of 4.5 MB. ``` kernel invoke --payload '{"tshirt_size": "small", "color": "black", "shipping_address": "2 Mint Plz, San Francisco CA 94103"}' ``` See [here](https://www.kernel.sh/docs/apps/develop#parameters) to learn how to access the payload in your action method. ### [​](#return-values)Return values If your action specifies a [return value](https://www.kernel.sh/docs/apps/develop#return-values), the invocation returns its value once it completes. (The Kernel CLI uses asynchronous invocations under the hood) ---- url: https://www.kernel.sh/docs/quickstart ---- ## Getting started This quickstart guide will help you deploy and invoke your first browser automation on Kernel. You’ll create a simple automation using Playwright, Computer Use, or a web agent framework like Browser Use. ## Prerequisites > **Note:** You can also deploy and invoke apps using the [Kernel MCP server](https://www.kernel.sh/docs/reference/mcp-server) from AI assistants (Cursor, Goose, Claude, etc.). ## 1. Install the Kernel CLI Verify the installation exists: ## 2. Create a new Kernel app ## 3. Authenticate with Kernel The easiest way to authenticate is using OAuth: This will open your browser to complete the authentication flow. Your credentials will be securely stored and automatically refreshed. ## 4. Deploy the sample app on Kernel ## 5. Invoke the app ## Next steps Nice work! With Kernel, you: 1. Developed an app that uses Playwright, Computer Use, or a web agent framework like Browser Use 2. Deployed and invoked it in the cloud You can now update your browser automation with your own logic and deploy it again. Install our [MCP server](https://www.kernel.sh/docs/reference/mcp-server) to give your coding agent our `search_docs` tool. ## Sample apps reference These are the sample apps currently available when you run `kernel create`: | Template | Description | Framework | | -------------------------- | ------------------------------------------------ | -------------------------- | | **sample-app** | Implements a basic Kernel app | Playwright | | **captcha-solver** | Demo of Kernel’s auto-CAPTCHA solving capability | Playwright | | **browser-use** | Implements Browser Use SDK | Browser Use | | **stagehand** | Implements the Stagehand v3 SDK | Stagehand | | **anthropic-computer-use** | Implements an Anthropic computer use agent | Anthropic Computer Use API | | **openai-computer-use** | Implements an OpenAI computer use agent | OpenAI Computer Use API | | **gemini-computer-use** | Implements a Gemini computer use agent | Gemini Computer Use API | | **openagi-computer-use** | Implements an OpenAGI computer use agent | OpenAGI Computer Use API | | **magnitude** | Implements the Magnitude.run SDK | Magnitude.run | ---- url: https://www.kernel.sh/docs/apps/logs ---- ## [​](#via-api)Via API After you [invoke](https://www.kernel.sh/docs/apps/invoke) an action, you can stream the invocation’s logs in real time: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const logs = await kernel.invocations.follow(invocation_id); ``` Log lines will be truncated to 64KiB. For large payloads write data to external storage and log a reference instead. ### [​](#example)Example Here’s an example showing how to handle streaming logs: Typescript/Javascript ``` const follow = await kernel.invocations.follow(invocation.id); for await (const evt of follow) { if (evt.event === 'log') { console.log(`[${evt.timestamp}] ${evt.message}`); } else if (evt.event === 'error') { console.error('Error:', evt.error.message); break; } else if (evt.event === 'invocation_state') { if (evt.invocation.status === 'succeeded' || evt.invocation.status === 'failed') { break; } } } ``` ## [​](#via-cli)Via CLI You can also stream the logs to your terminal via the CLI: ``` kernel logs --follow ``` If you don’t specify `--follow`, the logs will print to the terminal until 3 seconds of inactivity and then stops. You can get logs for a specific invocation by adding: ``` -i --invocation Show logs for a specific invocation of the app. ``` ---- url: https://www.kernel.sh/docs/api-reference/profiles/get-profile-by-id-or-name ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const profile = await client.profiles.retrieve('id_or_name'); console.log(profile.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ``` GET / profiles / {id\_or\_name} JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const profile = await client.profiles.retrieve('id_or_name'); console.log(profile.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "name": "", "updated_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id-or-name) id\_or\_name string required Profile ID or name #### Response Profile details [Create a new profile](https://www.kernel.sh/docs/api-reference/profiles/create-a-new-profile) [Previous](https://www.kernel.sh/docs/api-reference/profiles/create-a-new-profile) [Delete profile by ID or name](https://www.kernel.sh/docs/api-reference/profiles/delete-profile-by-id-or-name) [Next](https://www.kernel.sh/docs/api-reference/profiles/delete-profile-by-id-or-name) Ctrl+I ---- url: https://www.kernel.sh/docs/browsers/extensions ---- Kernel’s browsers support running with custom Chrome extensions. Chrome extensions must be unpacked and can be uploaded to Kernel via the CLI or API. ## Uploading extensions Here is a simple example of an unpacked extension: Once these files are in place, you can upload them to Kernel via the CLI (or [API](https://www.kernel.sh/docs/api-reference/extensions/upload-a-browser-extension)): Extensions uploaded to Kernel are assigned a random ID, but you can also give them a name for easier reference. This name must be unique within your organization. ## Using extensions in a browser Passing the extension name or ID to the `create` method will load it into the browser. ## Using extensions directly from the Chrome Web Store Kernel’s CLI offers a command for fetching and unpacking extensions directly from the Chrome Web Store. Simply pass the URL of the extension you want to download and the CLI will download the extension and unpack it into the specified directory. From here you can upload the extension to Kernel as normal. ## Loading an extension into a running browser If you have a browser running and would like to load an extension into it after the browser session has started, Kernel also allows you to do that via the CLI (or [API](https://www.kernel.sh/docs/api-reference/browsers/ad-hoc-upload-one-or-more-unpacked-extensions-to-a-running-browser-instance)): ## Extensions requiring enterprise policies For a complete list of available extension settings and policies, refer to the [Chrome Enterprise Policy documentation](https://chromeenterprise.google/policies/extension-settings/). ### Uploading extensions requiring enterprise policies Some Chrome extensions require elevated permissions that Chrome will only grant when the extension is installed via enterprise policies. These extensions cannot be loaded with the standard `--load-extension` flag and require special handling. ### What are enterprise policy extensions? Extensions that require enterprise policies typically: Common examples include extensions for network filtering, request signing, or advanced content modification. ### Required files for upload When uploading an extension that requires enterprise policies to Kernel, your extension directory or zip file must include: 1. **Extension source files** - Your `manifest.json` and all extension code (background scripts, content scripts, etc.) 2. **`update.xml`** - A Chrome update manifest that points to the `.crx` file location 3. **`.crx` file** - The signed and packed extension file ### Automatic detection and validation Kernel automatically detects extensions that require enterprise policies by analyzing the `manifest.json` file during upload. No manual configuration is needed. **Detection process:** 1. You upload an extension via CLI or API 2. Kernel scans the `manifest.json` for permissions like `webRequestBlocking` 3. If enterprise policies are required, Kernel validates the required files are present ### How it works Once you successfully upload an enterprise policy extension, Kernel handles the rest automatically: 1. **Upload** - You upload your extension with all required files 2. **Detection** - Kernel detects the enterprise policy requirement from the manifest 3. **Policy configuration** - Extension is automatically added to `ExtensionInstallForcelist` 4. **File serving** - The kernel-images server serves update files at `http://127.0.0.1:10001/extensions/{extension-id}/update.xml` 5. **Installation** - Chrome installs the extension via enterprise policy when the browser starts No additional HTTP server or manual policy configuration is needed. The extension works seamlessly in any browser session that it’s uploaded to. ---- url: https://www.kernel.sh/docs/browsers/create-a-browser ---- Kernel browsers were designed to be lightweight and fast. Your agent can quickly create them on-demand and tear them down as soon as it is done using them. They can be used as part of the Kernel [app platform](https://www.kernel.sh/docs/apps/develop) or connected to from another service with the Chrome DevTools Protocol. ## [​](#1-create-a-kernel-browser)1. Create a Kernel browser First, install the Kernel SDK: * Typescript/Javascript: `npm install @onkernel/sdk` * Python: `pip install kernel` Use our SDK to create a browser: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create(); console.log(kernelBrowser.session_id); ``` ## [​](#2-connect-over-cdp)2. Connect over CDP Then, you can connect to the browser with any Chrome DevTools Protocol framework, such as Playwright or Puppeteer. You can also use our [Computer Controls API](https://www.kernel.sh/docs/browsers/computer-controls) to control the browser’s mouse and keyboard without using a CDP connection. This is useful for vision-based LLM loops like [Claude Computer Use](https://www.kernel.sh/docs/integrations/computer-use/anthropic). ``` import { chromium } from 'playwright'; // Playwright const browser = await chromium.connectOverCDP(kernelBrowser.cdp_ws_url); // Or with Puppeteer import puppeteer from 'puppeteer'; const browser = await puppeteer.connect({ browserWSEndpoint: kernelBrowser.cdp_ws_url, defaultViewport: null, // Optional: inherit viewport from the browser }); ``` ## [​](#3-tear-it-down)3. Tear it down When you’re finished with the browser, you can delete it: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); await kernel.browsers.deleteByID(kernelBrowser.session_id); ``` Browsers automatically delete after a timeout (default 60 seconds) if they don’t receive a CDP or live view connection. You can [configure this timeout](https://www.kernel.sh/docs/browsers/termination#automatic-deletion-via-timeout) when creating the browser. ## [​](#full-example)Full example Once you’ve connected to the Kernel browser, you can do anything with it. Kernel browsers launch with a default context and page. Make sure to access the [existing context and page](https://playwright.dev/docs/api/class-browsertype#browser-type-connect-over-cdp) (`contexts()[0]` and `pages()[0]`), rather than trying to create a new one. ``` import Kernel from '@onkernel/sdk'; import { chromium } from 'playwright'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create(); const browser = await chromium.connectOverCDP(kernelBrowser.cdp_ws_url); try { const context = browser.contexts()[0] || (await browser.newContext()); const page = context.pages()[0] || (await context.newPage()); await page.goto('https://www.onkernel.com'); const title = await page.title(); } catch (error) { console.error(error); } finally { await browser.close(); await kernel.browsers.deleteByID(kernelBrowser.session_id); } ``` ---- url: https://www.kernel.sh/docs/integrations/overview ---- Kernel’s browsers are compatible with all browser and Computer Use frameworks. ## [​](#universal-cdp-compatibility)Universal CDP compatibility Kernel browsers work with any framework or tool that supports the Chrome DevTools Protocol (CDP). This means you can: * **Use any agent framework**: Integrate with popular frameworks like Browser Use, Stagehand, Playwright, Puppeteer, Selenium, and more * **Connect via CDP**: All browsers expose a CDP WebSocket URL for direct connection * **No vendor lock-in**: Switch between frameworks or use multiple frameworks simultaneously * **Standard protocols**: Built on open standards that work with the entire browser automation ecosystem ## [​](#computer-use)Computer Use For vision-language models (VLMs) that predict browser actions from screenshots, Kernel provides [Computer Controls APIs](https://www.kernel.sh/docs/browsers/computer-controls) that enable direct mouse, keyboard, and screen interactions. These low-level controls let you: * Capture screenshots to send to your VLM * Execute predicted actions (clicks, typing, scrolling, dragging) * Build custom agentic loops with any VLM provider This approach works with any computer use model, including Anthropic Claude, OpenAI CUA, Google Gemini, and others. ## [​](#popular-framework-integrations)Popular Framework Integrations Kernel provides detailed guides for popular agent frameworks: * **[Agent Browser](https://www.kernel.sh/docs/integrations/agent-browser)** - Browser automation CLI for AI agents * **[Browser Use](https://www.kernel.sh/docs/integrations/browser-use)** - AI browser agent framework * **[Claude Agent SDK](https://www.kernel.sh/docs/integrations/claude-agent-sdk)** - Run Claude Agent SDK automations in cloud browsers * **[Stagehand](https://www.kernel.sh/docs/integrations/stagehand)** - AI browser automation with natural language * **[Computer Use (Anthropic)](https://www.kernel.sh/docs/integrations/computer-use/anthropic)** - Claude’s computer use capability * **[Computer Use (OpenAI)](https://www.kernel.sh/docs/integrations/computer-use/openai)** - OpenAI’s computer use capability * **[Computer Use (Gemini)](https://www.kernel.sh/docs/integrations/computer-use/gemini)** - Gemini’s computer use capability * **[Computer Use (OpenAGI)](https://www.kernel.sh/docs/integrations/computer-use/openagi)** - OpenAGI’s computer use capability * **[Computer Use (Yutori)](https://www.kernel.sh/docs/integrations/computer-use/yutori)** - Yutori n1 pixels-to-actions model * **[Laminar](https://www.kernel.sh/docs/integrations/laminar)** - Observability and tracing for AI browser automations * **[Magnitude](https://www.kernel.sh/docs/integrations/magnitude)** - Vision-focused browser automation framework * **[Notte](https://www.kernel.sh/docs/integrations/notte)** - AI agent framework for browser automation * **[Val Town](https://www.kernel.sh/docs/integrations/valtown)** - Serverless function runtime * **[Vercel](https://github.com/onkernel/vercel-template)** - Deploy browser automations to Vercel * **[Web Bot Authentication](https://www.kernel.sh/docs/browsers/bot-detection/web-bot-auth)** - Create signed Chrome extensions for web bot authentication * **[1Password](https://www.kernel.sh/docs/integrations/1password)** - Use credentials from your 1Password vaults for Managed Auth ## [​](#custom-integrations)Custom Integrations Kernel works with any tool that supports CDP. Check out our [browser creation guide](https://www.kernel.sh/docs/browsers/create-a-browser) to learn how to connect any other agent framework. ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/read-text-from-the-clipboard-on-the-browser-instance ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.computer.readClipboard('id'); console.log(response.text); ``` ``` { "text": "" } ``` read JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.computer.readClipboard('id'); console.log(response.text); ``` ``` { "text": "" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Response Clipboard content read successfully [​](#response-text) text string required Current clipboard text content [Set cursor visibility](https://www.kernel.sh/docs/api-reference/browser-computer-controls/set-cursor-visibility) [Previous](https://www.kernel.sh/docs/api-reference/browser-computer-controls/set-cursor-visibility) [Write text to the clipboard on the browser instance](https://www.kernel.sh/docs/api-reference/browser-computer-controls/write-text-to-the-clipboard-on-the-browser-instance) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/write-text-to-the-clipboard-on-the-browser-instance) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browser-processes/execute-a-command-asynchronously ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.spawn('id', { command: 'command' }); console.log(response.pid); ``` ``` { "process_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "pid": 123, "started_at": "2023-11-07T05:31:56Z" } ``` spawn JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.spawn('id', { command: 'command' }); console.log(response.pid); ``` ``` { "process_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "pid": 123, "started_at": "2023-11-07T05:31:56Z" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body [​](#body-allocate-tty) allocate\_tty boolean default:false Allocate a pseudo-terminal (PTY) for interactive shells. [​](#body-rows) rows integer Initial terminal rows. Only used when allocate\_tty is true. Required range : `1 <= x <= 65535` [​](#body-cols) cols integer Initial terminal columns. Only used when allocate\_tty is true. Required range : `1 <= x <= 65535` #### Response Spawned Information about a spawned process. [​](#response-process-id) process\_id string\ Server-assigned identifier for the process. [​](#response-pid) pid integer OS process ID. [​](#response-started-at) started\_at string\ Timestamp when the process started. [Execute a command synchronously](https://www.kernel.sh/docs/api-reference/browser-processes/execute-a-command-synchronously) [Previous](https://www.kernel.sh/docs/api-reference/browser-processes/execute-a-command-synchronously) [Get process status](https://www.kernel.sh/docs/api-reference/browser-processes/get-process-status) [Next](https://www.kernel.sh/docs/api-reference/browser-processes/get-process-status) Ctrl+I ---- url: https://www.kernel.sh/docs/browsers/live-view ---- Humans-in-the-loop can access the live view of Kernel browsers in real-time to resolve errors or take unscripted actions. To access the live view, visit the `browser_live_view_url` provided when you create a Kernel browser: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const browser = await kernel.browsers.create(); console.log(browser.browser_live_view_url); ``` ## [​](#query-parameters)Query parameters The `browser_live_view_url` supports additional query parameters to customize the live view: * `readOnly` (bool): when set to `true`, the view will be non-interactive. Example: ``` https://api.onkernel.com/browser/live/?readOnly=true ``` ## [​](#embedding-in-an-iframe)Embedding in an iframe The live view URL can be embedded in an iframe to integrate the browser view into your own application or dashboard. ``` ``` ## [​](#kiosk-mode)Kiosk mode Kiosk mode provides a fullscreen live view experience without browser UI elements like the address bar and tabs. You can enable kiosk mode when creating a browser by setting the `kiosk_mode` parameter to `true`. Kiosk mode triggers a Chromium restart, which can take several seconds. Use [browser pools](https://www.kernel.sh/docs/browsers/pools/overview) to access kiosk mode browsers faster. ``` const browser = await kernel.browsers.create({ kiosk_mode: true }); ``` ## [​](#url-lifetime)URL lifetime `browser_live_view_url` becomes invalid once the browser is [deleted](https://www.kernel.sh/docs/browsers/termination) manually or via timeout. ---- url: https://www.kernel.sh/docs/auth/faq ---- ## How does automatic re-authentication work? When you link credentials to a connection, Kernel monitors the login session and re-authenticates automatically when it expires. Periodic health checks detect logged-out sessions and trigger re-auth in the background, so the profile stays logged in without additional action on your part. ## How often are health checks performed? Health checks on regular cadences based on your plan: ## How do I know if a Kernel can automatically re-authenticate a connection? Check the `can_reauth` field on a connection. This boolean checks the following conditions: 1. **Credential linked** — A credential must be attached to the connection (stored in Kernel or via an external provider like [1Password](https://www.kernel.sh/docs/integrations/1password)) 2. **No external action required** — The learned login flow doesn’t require human intervention Only if all of the above conditions are met will `can_reauth` be `true`. When true, Kernel will attempt to automatically re-authenticate the connection. ### External actions that prevent auto-reauth After a successful login, Kernel saves the login flow. If the flow includes steps that require human action—like SMS/email OTP, push notifications, or manual MFA selection—Kernel marks the connection as unable to auto-reauth because those steps can’t be automated without user input. If your login flow requires one of these, you can still automate around it: ## Which authentication methods are supported? Managed Auth supports username/password authentication and most SSO providers. ## What happens if login fails? If a login attempt fails, Kernel will retry with exponential backoff. After multiple failures, the [login flow](https://www.kernel.sh/docs/auth/hosted-ui) will be marked as failed and you’ll receive an error. Common failure reasons include: ## Can I use Managed Auth with any website? Managed Auth works with most websites. Sites with aggressive bot detection may require additional configuration (stealth mode, proxies). Passkeys and hardware security keys are not currently supported. ## How is Managed Auth billed? Managed Auth is included on all paid plans with no per-connection fees. It uses browser sessions to log in and keep your sessions fresh—these count toward your browser usage like any other browser session. Auth sessions are fast (typically 5-30 seconds each). Kernel monitors session health and re-authenticates automatically when sessions expire—most stay valid for days. For example, keeping 100 auth connections logged in typically costs less than $5/month in browser usage. See [Pricing & Limits](https://www.kernel.sh/docs/info/pricing#managed-auth) for details. ---- url: https://www.kernel.sh/docs/browsers/pools/scaling ---- ## Introduction This guide explains how to architect production-scale browser automation systems using Kernel, how to handle high-concurrency workloads, and best practices for building resilient systems. After understanding the [basics](https://www.kernel.sh/docs/browsers/create-a-browser) of our browsers, you should understand how to create and connect to individual browsers on-demand. This guide builds on that foundation to help you design systems using browser pools that can handle hundreds or thousands of concurrent browser tasks reliably. ## Understanding your requirements Before selecting an architecture, assess your workload’s characteristics: **Concurrency**: How many browsers need to run simultaneously? **Request Patterns**: How do tasks arrive? **Throughput**: How quickly do you need to create and tear down browsers? ## Architecture patterns ### Direct browser creation (POC) For proof-of-concept work and early production systems with modest concurrency needs, creating browsers on-demand is the simplest approach. **When to use:** Example ### Single browser pool (scaling) For production systems with consistent, high-frequency workloads, a browser pool allows you to access higher concurrency plus predictable performance. **When to use:** Example ``` import Kernel from '@onkernel/sdk'; import { chromium } from 'playwright'; const kernel = new Kernel(); const POOL_NAME = 'production-pool'; // Initialize pool once (typically in deployment/startup) async function initializePool() { await kernel.browserPools.create({ name: POOL_NAME, size: 25, // Balance cost and availability timeout_seconds: 300, // Destroy browsers after 5 minutes of inactivity stealth: true, headless: false, // headless: true for cost savings if no live view needed }); } async function processTask(taskData: any) { let session; try { // Acquire browser (returns immediately if available) session = await kernel.browserPools.acquire(POOL_NAME, { acquire_timeout_seconds: 30, // Wait up to 30s for availability }); const browser = await chromium.connectOverCDP(session.cdp_ws_url); const context = browser.contexts()[0]; const page = context.pages()[0]; // Perform work await page.goto(taskData.url); // ... automation logic ... return { success: true, data: /* results */ }; } catch (error) { console.error('Task failed:', error); return { success: false, error: error.message }; } finally { // Critical: Always release back to pool if (session) { await kernel.browserPools.release(POOL_NAME, { session_id: session.session_id, reuse: true, // Reuse for efficiency }); } } } ``` **Key considerations:** ### Queue-based processing (high scale) For systems exceeding pool capacity or with unpredictable bursts, implement a task queue to manage workloads gracefully. **When to use:** Example ``` import { Queue } from 'bullmq'; // or any queue system import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const POOL_NAME = 'production-pool'; const POOL_SIZE = 50; // Task queue configuration const taskQueue = new Queue('browser-tasks', { connection: { /* Redis config */ } }); // Worker that processes tasks async function startWorker() { const worker = new Worker('browser-tasks', async (job) => { let session; try { // Acquire browser with reasonable timeout session = await kernel.browserPools.acquire(POOL_NAME, { acquire_timeout_seconds: 120, }); const browser = await chromium.connectOverCDP(session.cdp_ws_url); const context = browser.contexts()[0]; const page = context.pages()[0]; // Process job data await page.goto(job.data.url); const result = await page.evaluate(() => /* extract data */); return { success: true, data: result }; } catch (error) { // Handle errors with retry logic if (error.message.includes('timeout')) { throw new Error('RETRY'); // BullMQ will retry } throw error; } finally { if (session) { await kernel.browserPools.release(POOL_NAME, { session_id: session.session_id, reuse: true, }); } } }, { connection: { /* Redis config */ }, concurrency: POOL_SIZE, // Match pool size }); return worker; } // Add tasks to queue async function submitTask(taskData: any, priority?: number) { await taskQueue.add('process', taskData, { priority: priority || 5, attempts: 3, backoff: { type: 'exponential', delay: 2000, }, }); } ``` **Queue-specific considerations:** ---- url: https://www.kernel.sh/docs/auth/credentials ---- Credentials allow you to store login information securely and enable Kernel’s automated re-authentication without requiring user interaction. **There are three ways to provide credentials:** ## Save credentials during login By default, credentials entered during login are automatically saved for re-authentication. No extra parameters are needed: Once saved, browser profiles stay authenticated automatically. When the session expires, Kernel re-authenticates using the stored credentials. Credentials are updated after every successful login. One-time codes (TOTP, SMS, etc.) are not saved. To opt out of credential saving, set `save_credentials: false` when creating the connection: ## Pre-store credentials For fully automated flows where no user is involved, create credentials upfront: Then link the credential when creating a connection: ### 2FA with TOTP For sites with authenticator app 2FA, include `totp_secret` to fully automate login: ### SSO / OAuth For sites with “Sign in with Google/GitHub/Microsoft”, set `sso_provider` and include the OAuth provider’s domains in `allowed_domains`. The workflow automatically clicks the matching SSO button and completes OAuth: ## Partial Credentials Credentials don’t need to contain every field required by the login form. You can store what you have and collect the necessary fields from the user. `auth.connections.login()` pauses for missing values. As an example, the below credential has email + TOTP secret stored (and automatically handled), but no password. The password is dynamically collected from the user using Kernel’s Hosted UI or your Programmatic flow: This is useful when you want to: ## Security | Feature | Description | | ---------------------- | ---------------------------------------------------- | | **Encrypted at rest** | Values encrypted using per-organization keys | | **Write-only** | Values cannot be retrieved via API after creation | | **Never logged** | Values are never written to logs | | **Never shared** | Values are never passed to LLMs | | **Isolated execution** | Authentication runs in isolated browser environments | ## Notes ---- url: https://www.kernel.sh/docs/api-reference/browser-pools/get-browser-pool-details ---- ``` { "id": "iv25ujqf37x3j07dwoffegqr", "available_count": 85, "acquired_count": 15, "created_at": "2023-11-07T05:31:56Z", "browser_pool_config": { "size": 10, "name": "my-pool", "fill_rate_per_minute": 10, "timeout_seconds": 600, "stealth": true, "headless": false, "profile": { "id": "", "name": "", "save_changes": false }, "extensions": [ { "id": "", "name": "" } ], "proxy_id": "", "viewport": { "width": 1280, "height": 800, "refresh_rate": 60 }, "kiosk_mode": true }, "name": "my-pool" } ``` ---- url: https://www.kernel.sh/docs/api-reference/extensions/upload-a-browser-extension ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.extensions.upload({ file: fs.createReadStream('path/to/file') }); console.log(response.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "size_bytes": 123, "name": "", "last_used_at": "2023-11-07T05:31:56Z" } ``` POST / extensions JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.extensions.upload({ file: fs.createReadStream('path/to/file') }); console.log(response.id); ``` ``` { "id": "", "created_at": "2023-11-07T05:31:56Z", "size_bytes": 123, "name": "", "last_used_at": "2023-11-07T05:31:56Z" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Body multipart/form-data [​](#body-file) file file required ZIP file containing the browser extension. [​](#body-name) name string Optional unique name within the organization to reference this extension. Pattern: `^[A-Za-z0-9._-]{1,255}$` #### Response Extension uploaded successfully A browser extension uploaded to Kernel. [​](#response-id) id string required Unique identifier for the extension [​](#response-created-at) created\_at string\ required Timestamp when the extension was created [​](#response-size-bytes) size\_bytes integer required Size of the extension archive in bytes [​](#response-name-one-of-0) name string | null Optional, easier-to-reference name for the extension. Must be unique within the organization. [​](#response-last-used-at-one-of-0) last\_used\_at string\ | null Timestamp when the extension was last used [List browser extensions](https://www.kernel.sh/docs/api-reference/extensions/list-browser-extensions) [Previous](https://www.kernel.sh/docs/api-reference/extensions/list-browser-extensions) [Download extension archive](https://www.kernel.sh/docs/api-reference/extensions/download-extension-archive) [Next](https://www.kernel.sh/docs/api-reference/extensions/download-extension-archive) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browser-processes/get-process-status ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.status('182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { id: 'id', }); console.log(response.cpu_pct); ``` ``` { "state": "running", "exit_code": 123, "cpu_pct": 123, "mem_bytes": 123 } ``` status JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.process.status('182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { id: 'id', }); console.log(response.cpu_pct); ``` ``` { "state": "running", "exit_code": 123, "cpu_pct": 123, "mem_bytes": 123 } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters #### Response Status Current status of a process. [​](#response-state) state enum\ Process state. Available options : `running`, `exited` [​](#response-exit-code-one-of-0) exit\_code integer | null Exit code if the process has exited. [​](#response-cpu-pct) cpu\_pct number Estimated CPU usage percentage. [​](#response-mem-bytes) mem\_bytes integer Estimated resident memory usage in bytes. [Execute a command asynchronously](https://www.kernel.sh/docs/api-reference/browser-processes/execute-a-command-asynchronously) [Previous](https://www.kernel.sh/docs/api-reference/browser-processes/execute-a-command-asynchronously) [Stream process stdout via SSE](https://www.kernel.sh/docs/api-reference/browser-processes/stream-process-stdout-via-sse) [Next](https://www.kernel.sh/docs/api-reference/browser-processes/stream-process-stdout-via-sse) Ctrl+I ---- url: https://www.kernel.sh/docs/integrations/computer-use/yutori ---- [n1](https://yutori.com/blog/introducing-n1) is Yutori’s pixels-to-actions LLM that predicts browser actions from screenshots. This computer use model enables AI agents to interact with web interfaces by analyzing visual content and generating appropriate mouse and keyboard actions. By integrating Yutori n1 with Kernel, you can run these AI-powered browser automations on cloud-hosted infrastructure, eliminating the need for local browser management and enabling scalable, reliable AI agents. ## [​](#quick-setup-with-our-yutori-example-app)Quick setup with our Yutori example app Get started quickly with our Kernel app template that includes a pre-configured Yutori n1 integration: ``` kernel create --name my-yutori-app --template yutori ``` Choose `TypeScript` or `Python` as the programming language. Then follow the [Quickstart guide](https://www.kernel.sh/docs/quickstart) to deploy and run your Yutori automation on Kernel’s infrastructure. ## [​](#benefits-of-using-kernel-with-yutori-n1)Benefits of using Kernel with Yutori n1 * **No local browser management**: Run n1 automations without installing or maintaining browsers locally * **Scalability**: Launch multiple browser sessions in parallel for concurrent AI agents * **Stealth mode**: Built-in anti-detection features for reliable web interactions * **Session state**: Maintain browser state across runs via [Profiles](https://www.kernel.sh/docs/auth/profiles) * **Live view**: Debug your Yutori agents with real-time browser viewing * **Cloud infrastructure**: Run computationally intensive AI agents without local resource constraints ## [​](#next-steps)Next steps * Check out [live view](https://www.kernel.sh/docs/browsers/live-view) for debugging your automations * Learn about [stealth mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) for avoiding detection * Learn how to properly [terminate browser sessions](https://www.kernel.sh/docs/browsers/termination) * Learn how to [deploy](https://www.kernel.sh/docs/apps/deploy) your Yutori app to Kernel * Read the [Yutori n1 API documentation](https://docs.yutori.com/reference/n1) for model details ---- url: https://www.kernel.sh/docs/browsers/file-io ---- ## Downloads Kernel browsers run in fully sandboxed environments with writable filesystems. When your automation downloads a file, it’s saved inside the browser’s filesystem and can be retrieved using Kernel’s File I/O APIs. ### Playwright Playwright performs downloads via the browser itself, so there are a few steps: ### Stagehand v3 When using Stagehand with Kernel browsers, you need to configure the download behavior in the `localBrowserLaunchOptions`: Here’s a complete example: ``` import { Stagehand } from "@browserbasehq/stagehand"; import Kernel from "@onkernel/sdk"; import fs from "fs"; const DOWNLOAD_DIR = "/tmp/downloads"; // Poll listFiles until any file appears in the directory async function waitForFile( kernel: Kernel, sessionId: string, dir: string, timeoutMs = 30_000 ) { const start = Date.now(); while (Date.now() - start < timeoutMs) { const files = await kernel.browsers.fs.listFiles(sessionId, { path: dir }); if (files.length > 0) { return files[0]; } await new Promise((r) => setTimeout(r, 500)); } throw new Error(`No files found in ${dir} after ${timeoutMs}ms`); } async function main() { const kernel = new Kernel(); console.log("Creating browser via Kernel..."); const kernelBrowser = await kernel.browsers.create({ stealth: true, }); console.log(`Kernel Browser Session Started`); console.log(`Session ID: ${kernelBrowser.session_id}`); console.log(`Watch live: ${kernelBrowser.browser_live_view_url}`); // Initialize Stagehand with Kernel's CDP URL and download configuration const stagehand = new Stagehand({ env: "LOCAL", verbose: 1, localBrowserLaunchOptions: { cdpUrl: kernelBrowser.cdp_ws_url, downloadsPath: DOWNLOAD_DIR, acceptDownloads: true, }, }); await stagehand.init(); const page = stagehand.context.pages()[0]; await page.goto("https://browser-tests-alpha.vercel.app/api/download-test"); // Use Stagehand to click the download button await stagehand.act("Click the download file link"); console.log("Download triggered"); // Wait for the file to be fully available via Kernel's File I/O APIs console.log("Waiting for file to appear..."); const downloadedFile = await waitForFile( kernel, kernelBrowser.session_id, DOWNLOAD_DIR ); console.log(`File found: ${downloadedFile.name}`); const remotePath = `${DOWNLOAD_DIR}/${downloadedFile.name}`; console.log(`Reading file from: ${remotePath}`); // Read the file from Kernel browser's filesystem const resp = await kernel.browsers.fs.readFile(kernelBrowser.session_id, { path: remotePath, }); // Save to local filesystem const bytes = await resp.bytes(); fs.mkdirSync("downloads", { recursive: true }); const localPath = `downloads/${downloadedFile.name}`; fs.writeFileSync(localPath, bytes); console.log(`Saved to ${localPath}`); // Clean up await stagehand.close(); await kernel.browsers.deleteByID(kernelBrowser.session_id); console.log("Browser session closed"); } main().catch((err) => { console.error(err); process.exit(1); }); ``` ### Browser Use Browser Use handles downloads automatically when configured properly. ## Uploads Playwright’s `setInputFiles()` method allows you to upload files directly to file input elements. You can fetch a file from a URL and pass the buffer directly to `setInputFiles()`. ## Considerations ---- url: https://www.kernel.sh/docs/browsers/replays ---- Replays capture browser sessions as video recordings that you can view or download later. You have full control over when replays start and stop, allowing you to capture specific interactions or workflows. ## [​](#starting-and-stopping-recordings)Starting and stopping recordings To start recording a browser session, use the replays API on an active browser: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create(); const replay = await kernel.browsers.replays.start(kernelBrowser.session_id); console.log(`Recording started with ID: ${replay.replay_id}`); // Perform some automation... await kernel.browsers.replays.stop(replay.replay_id, { id: kernelBrowser.session_id }); console.log('Recording stopped and processing'); ``` ## [​](#multiple-recordings-per-session)Multiple recordings per session You can create multiple replay recordings for a single browser session. Each recording gets a unique `replay_id` and can be started and stopped independently: ``` const replay1 = await kernel.browsers.replays.start(kernelBrowser.session_id); // Perform some automation... await kernel.browsers.replays.stop(replay1.replay_id, { id: kernelBrowser.session_id }); const replay2 = await kernel.browsers.replays.start(kernelBrowser.session_id); // Perform different automation... await kernel.browsers.replays.stop(replay2.replay_id, { id: kernelBrowser.session_id }); ``` ## [​](#downloading-all-replays)Downloading all replays To access all replays for a browser session, list and access them via url or as downloads: ``` import fs from 'fs'; import { Buffer } from 'buffer'; const replays = await kernel.browsers.replays.list(kernelBrowser.session_id); for (const replay of replays) { console.log(`Replay ID: ${replay.replay_id}`); console.log(`View URL: ${replay.replay_view_url}`); const videoData = await kernel.browsers.replays.download( replay.replay_id, { id: kernelBrowser.session_id } ); const content = await videoData.blob(); const buffer = Buffer.from(await content.arrayBuffer()); const filename = `replay-${replay.replay_id}-${kernelBrowser.session_id}.mp4`; fs.writeFileSync(filename, buffer); } ``` ---- url: https://www.kernel.sh/docs/browsers/pools/faq ---- ### When should I use browser pools vs. creating browsers on-demand? Use browser pools when you need to run many browsers concurrently (50+ simultaneous browsers). Pools allow you to pre-configure a set of browsers for your use case, enabling you to scale to hundreds or thousands of concurrent browser sessions. ### How do I know if my pool is too small or too large? Monitor the `available_count` metric. If it frequently drops to 0, your pool is too small. If it stays above 30-40% of the pool size during normal operation, you’re over-provisioned. Target 10-20% available browsers during typical load. ### What happens if I don’t release a browser back to the pool? The browser will remain “acquired” until the idle timeout expires, at which point it’s destroyed and a new browser is created to refill the pool. Unreleased browsers create inefficiency and can exhaust your pool. ### What is `fill_rate_per_minute`? `fill_rate_per_minute` is the percentage of the pool that will be refilled per minute. For example, if you set `fill_rate_per_minute` to 10, the pool will be refilled with 10% of the pool size per minute. When a browser from a pool is set to be destroyed (by reaching its specified `timeout_seconds` or `reuse: false`), a pool refill will be triggered to replace any destroyed browsers with new ones. Refill checks run once per minute. ### Can I update a pool’s configuration without recreating it? Yes, use `kernel.browserPools.update()`. By default, idle browsers are discarded and rebuilt with new configuration. Set `discard_all_idle: false` to only apply changes to newly created browsers. ### Should I set `reuse: true` or `reuse: false` when releasing? Use `reuse: true` (default) for efficiency. Only use `reuse: false` when you suspect browser state corruption or need a guaranteed clean browser session. ### How do pool timeouts interact with task duration? The pool’s `timeout_seconds` only applies while the browser is acquired. If your task takes 5 minutes and timeout is 3 minutes, the browser won’t be destroyed—the timeout only triggers if the browser is idle (no CDP connection) for 3 minutes. ### Can I use different browser configurations within the same pool? All browsers in a pool initialize with the same configuration. Calling `kernel.browserPools.update()` updates the configuration for all idle browsers in the pool. Once you’ve acquired a browser, you can apply certain [hot swap configurations](https://www.kernel.sh/docs/api-reference/browsers/update-browser-session) to that browser instance using `kernel.browsers.update()`. ### How do I handle rate limiting from target websites? ### What’s the best way to debug issues in production? ---- url: https://www.kernel.sh/docs/api-reference/browsers/ad-hoc-upload-one-or-more-unpacked-extensions-to-a-running-browser-instance ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.loadExtensions('id', { extensions: [{ name: 'name', zip_file: fs.createReadStream('path/to/file') }], }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` POST / browsers / {id} / extensions JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.loadExtensions('id', { extensions: [{ name: 'name', zip_file: fs.createReadStream('path/to/file') }], }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body multipart/form-data [​](#body-extensions) extensions object\[] required List of extensions to upload and activate Show child attributes #### Response Extensions uploaded, Chromium restarted, and DevTools is ready [Update browser session](https://www.kernel.sh/docs/api-reference/browsers/update-browser-session) [Previous](https://www.kernel.sh/docs/api-reference/browsers/update-browser-session) [Execute a batch of computer actions sequentially](https://www.kernel.sh/docs/api-reference/browsers/execute-a-batch-of-computer-actions-sequentially) [Next](https://www.kernel.sh/docs/api-reference/browsers/execute-a-batch-of-computer-actions-sequentially) ⌘I ---- url: https://www.kernel.sh/docs/auth/hosted-ui ---- Collect credentials securely via Kernel’s hosted page, then use the authenticated session in your automations. This is the recommended approach for most applications. Use the Hosted UI when: * You need users to provide their credentials * You want the simplest integration with minimal code * You want Kernel to handle 2FA and multi-step login flows ## [​](#getting-started)Getting started ### [​](#1-create-a-connection)1. Create a Connection A Managed Auth Connection associates a [profile](https://www.kernel.sh/docs/auth/profiles) to a domain you want to keep authenticated so you can use the auth connection future browsers. ``` const auth = await kernel.auth.connections.create({ domain: 'linkedin.com', profile_name: 'linkedin-profile', // Name of the profile to associate with the connection }); ``` ### [​](#2-start-a-login-session)2. Start a Login Session Start a Managed Auth Session to get the hosted login URL. ``` const login = await kernel.auth.connections.login(auth.id); ``` ### [​](#3-collect-credentials)3. Collect Credentials Send the user to the hosted login page: ``` window.location.href = login.hosted_url; ``` The user will: 1. See the login page for the target website 2. Enter their credentials 3. Complete 2FA if needed ### [​](#4-poll-for-completion)4. Poll for Completion On your backend, poll until authentication completes: ``` let state = await kernel.auth.connections.retrieve(auth.id); while (state.flow_status === 'IN_PROGRESS') { await new Promise(r => setTimeout(r, 2000)); state = await kernel.auth.connections.retrieve(auth.id); } if (state.status === 'AUTHENTICATED') { console.log('Authentication successful!'); } ``` Poll every 2 seconds. The session expires after 20 minutes if not completed, and the flow times out after 10 minutes of waiting for user input. ### [​](#5-use-the-profile)5. Use the Profile Create browsers with the profile and navigate to the site. The browser session will already be authenticated: ``` const browser = await kernel.browsers.create({ profile: { name: 'linkedin-profile' }, stealth: true, }); // Navigate to the site—you're already logged in await page.goto('https://linkedin.com'); ``` Managed Auth Connections are generated using Kernel’s [stealth](https://www.kernel.sh/docs/browsers/bot-detection/stealth) mode. Use `stealth: true` when creating authenticated browser sessions for the best experience. ## [​](#complete-example)Complete Example ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); // Create connection const auth = await kernel.auth.connections.create({ domain: 'doordash.com', profile_name: 'doordash-user-123', }); // Start authentication const login = await kernel.auth.connections.login(auth.id); // Send user to hosted page console.log('Login URL:', login.hosted_url); // Poll for completion let state = await kernel.auth.connections.retrieve(auth.id); while (state.flow_status === 'IN_PROGRESS') { await new Promise(r => setTimeout(r, 2000)); state = await kernel.auth.connections.retrieve(auth.id); } if (state.status === 'AUTHENTICATED') { const browser = await kernel.browsers.create({ profile: { name: 'doordash-user-123' }, stealth: true, }); // Navigate to the site—you're already logged in await page.goto('https://doordash.com'); } ``` ## [​](#adding-features)Adding Features The basic flow above gets you started. Add these features as needed: ### [​](#credentials-and-auto-reauth)Credentials and Auto-Reauth Credentials are saved after every successful login, enabling automatic re-authentication when the session expires. One-time codes (TOTP, SMS, etc.) are not saved. To opt out of credential saving, set `save_credentials: false` when creating the connection. See [Credentials](https://www.kernel.sh/docs/auth/credentials) for more on automated authentication. ### [​](#custom-login-url)Custom Login URL If the site’s login page isn’t at the default location, specify it when creating the connection: ``` const auth = await kernel.auth.connections.create({ domain: 'example.com', profile_name: 'my-profile', login_url: 'https://example.com/auth/signin', }); ``` ### [​](#sso/oauth-support)SSO/OAuth Support Sites with “Sign in with Google/GitHub/Microsoft” are supported. The user completes the OAuth flow with the provider, and the authenticated session is automatically saved to the Kernel profile. Make sure to add all of the OAuth provider’s domains to `allowed_domains`: ``` const auth = await kernel.auth.connections.create({ domain: 'example.com', profile_name: 'my-profile', allowed_domains: ['accounts.google.com', 'google.com'], }); ``` ### [​](#post-login-url)Post-Login URL After successful authentication, `post_login_url` will be set to the page where the login landed. Use this start your automation from the right place: ``` const managedAuth = await kernel.auth.connections.retrieve(auth.id); if (managedAuth.post_login_url) { await page.goto(managedAuth.post_login_url); // Start automation from the dashboard/home page } ``` ---- url: https://www.kernel.sh/docs/integrations/vercel/marketplace ---- ## Integrate Kernel through the Vercel Marketplace The Vercel Marketplace allows Vercel users to install and configure third-party services, like Kernel, directly from the Vercel dashboard. Kernel offers an [official integration](https://vercel.com/marketplace/kernel) that Vercel users can install to integrate Kernel cloud browsers into their Vercel projects. Kernel works out of the box with every major agent and automation framework, including **Browser Use**, **Stagehand**, **Playwright**, **Puppeteer**, or **Computer Use** via **OpenAI**, **Anthropic**, and **Gemini**. ### Installing the Kernel Integration 1. Navigate to the [Kernel integration](https://vercel.com/marketplace/kernel) in the Vercel Marketplace. 2. Click **Install** to add Kernel to your Vercel team. 3. Select your pricing plan. 4. Provide a name for your Kernel installation (this is not used for billing or anything else). 5. Click **Create**. Vercel will automatically provision a Kernel User account, Organization, and API key for you. Vercel calls the provisioned account, Organization, and API key a **Resource**. Each Vercel team has an associated Kernel Organization. Kernel will automatically provision a new User account for you, or link to an existing Kernel User account if an account is found with the same email address. An equivalent role in Kernel is assigned to the user based on their Vercel team role. Roles and Vercel team membership are automatically synced to Kernel. ### Connecting to your Vercel projects Once you’ve installed Kernel, you will need to connect it to one of your Vercel projects. Generally, a Kernel Organization should be connected to a single Vercel project. Connecting to a project will automatically sync your Kernel API key to your Vercel project’s environment variables. The following environment variable will be automatically synced to all environments: ### Configuring your Kernel integration Most of your Kernel integration configuration will be done through the Kernel Dashboard. To access the Dashboard after installing the Kernel integration, navigate to your installation details page and click the **Open in Kernel** button. ### Using Kernel in your application Once your Kernel API key is synced to your Vercel project, you can use it in your application. Here’s a quick example: For more examples and features like profiles, stealth mode, and live view, check out the [Browsers documentation](https://www.kernel.sh/docs/browsers/create-a-browser). ### Pricing The pricing for plans purchased through the Vercel Marketplace is the same as the pricing when purchased directly through Kernel. For more information on Kernel’s pricing and available plans, see the [Pricing page](https://onkernel.com/#pricing). Billing and usage data are reported hourly to Vercel and can be viewed directly in the Vercel Dashboard. Billing plan management can be done through both the Vercel Dashboard and the Kernel Dashboard. ### Limitations The following limitations apply when using Kernel through the Vercel Marketplace: ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.pressKey('id', { keys: ['string'] }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` press\_key JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.pressKey('id', { keys: ['string'] }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body application/json [​](#body-keys) keys string\[] required List of key symbols to press. Each item should be a key symbol supported by xdotool (see X11 keysym definitions). Examples include "Return", "Shift", "Ctrl", "Alt", "F5". Items in this list could also be combinations, e.g. "Ctrl+t" or "Ctrl+Shift+Tab". [​](#body-duration) duration integer default:0 Duration to hold the keys down in milliseconds. If omitted or 0, keys are tapped. Required range : `x >= 0` [​](#body-hold-keys) hold\_keys string\[] Optional modifier keys to hold during the key press sequence. #### Response Keys pressed successfully [Type text on the browser instance](https://www.kernel.sh/docs/api-reference/browser-computer-controls/type-text-on-the-browser-instance) [Previous](https://www.kernel.sh/docs/api-reference/browser-computer-controls/type-text-on-the-browser-instance) [Scroll the mouse wheel at a position on the host computer](https://www.kernel.sh/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) Ctrl+I ---- url: https://www.kernel.sh/docs/browsers/pools/overview ---- Browser pools let you maintain a set of reserved, identical browsers ready for immediate use. Use them to set your preferred browser configuration in advance, allowing you to minimize browser start-up latency and scale your workloads in production. ## Create a pool of reserved browsers Create a browser pool with a specified size and configuration. All browsers in the pool share the same settings. ### Pool configuration options Pools can be pre-configured with options like custom extensions, supported viewports, residential proxies, profiles, and more. See the [API reference](https://www.kernel.sh/docs/api-reference/browser-pools/create-a-browser-pool) for more details. ## Acquire a browser Acquire a browser from the pool. The request returns immediately if a browser is available, or waits until one becomes available. The `acquire_timeout_seconds` parameter controls how long to wait; it defaults to the calculated time it would take to fill the pool at the pool’s configured [fill rate](https://www.kernel.sh/docs/api-reference/browser-pools/create-a-browser-pool#body-fill-rate-per-minute). The acquired browser includes all the same properties as a regular browser session, including `cdp_ws_url` for CDP connections and `browser_live_view_url` for live viewing. ### Timeout behavior Browsers remain in the pool indefinitely until acquired. Once acquired, the pool’s `timeout_seconds` applies just like a [regular browser timeout](https://www.kernel.sh/docs/browsers/termination#automatic-deletion-via-timeout)—if the browser is idle (no CDP or live view connection) for longer than the timeout, it is destroyed and **not** returned to the pool. The pool will automatically create a replacement browser at the pool’s configured [fill rate](https://www.kernel.sh/docs/api-reference/browser-pools/create-a-browser-pool#body-fill-rate-per-minute). ## Release a browser When you’re done with a browser, release it back to the pool. By default, the browser instance is reused. Set `reuse: false` to destroy it and create a fresh one. ## Update a pool Update the pool configuration. By default, all idle browsers are discarded and rebuilt with the new configuration. By default, updating a pool discards all idle browsers and rebuilds them with the new configuration. Set `discard_all_idle: false` to keep existing idle browsers and only apply the new configuration to newly created browsers. ## Flush idle browsers Destroy all idle browsers in the pool. Acquired browsers are not affected. The pool will automatically refill with the pool’s specified configuration. ## Get pool details Retrieve the current status and configuration of a pool. ## List pools List all browser pools in your organization. ## Delete a pool Delete a browser pool and all browsers in it. By default, deletion is blocked if browsers are currently acquired. Use `force: true` to terminate acquired browsers and force deletion. ## Full example This example assumes you’ve already created a pool named “my-pool”. In practice, you’d create pools once (via the SDK, CLI, or dashboard) and then acquire from them repeatedly. ## API reference For more details on all available endpoints and parameters, see the [Browser Pools API reference](https://www.kernel.sh/docs/api-reference/browser-pools/list-browser-pools). ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.scroll('id', { x: 0, y: 0 }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` scroll JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.scroll('id', { x: 0, y: 0 }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body application/json [​](#body-x) x integer required X coordinate at which to perform the scroll [​](#body-y) y integer required Y coordinate at which to perform the scroll [​](#body-delta-x) delta\_x integer default:0 Horizontal scroll amount in xdotool "wheel units." Positive scrolls right, negative scrolls left. [​](#body-delta-y) delta\_y integer default:0 Vertical scroll amount in xdotool "wheel units." Positive scrolls down, negative scrolls up. [​](#body-hold-keys) hold\_keys string\[] Modifier keys to hold during the scroll #### Response Scroll performed [Press one or more keys on the host computer](https://www.kernel.sh/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) [Previous](https://www.kernel.sh/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) [Drag the mouse along a path](https://www.kernel.sh/docs/api-reference/browser-computer-controls/drag-the-mouse-along-a-path) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/drag-the-mouse-along-a-path) Ctrl+I ---- url: https://www.kernel.sh/docs/profiles/overview ---- [Skip to main content](https://www.kernel.sh/docs/profiles/overview#content-area) ##### Getting started - [Introduction](https://www.kernel.sh/docs/introduction) - [Quickstart](https://www.kernel.sh/docs/quickstart) ##### Working with your browser - Basics - [Create a Browser](https://www.kernel.sh/docs/browsers/create-a-browser) - [Live View](https://www.kernel.sh/docs/browsers/live-view) - [Termination & Timeouts](https://www.kernel.sh/docs/browsers/termination) - [Standby Mode](https://www.kernel.sh/docs/browsers/standby) - [Headless Mode](https://www.kernel.sh/docs/browsers/headless) - Intermediate - [Replays](https://www.kernel.sh/docs/browsers/replays) - [Viewports](https://www.kernel.sh/docs/browsers/viewport) - [GPU Acceleration](https://www.kernel.sh/docs/browsers/gpu-acceleration) - Auth - [File I/O](https://www.kernel.sh/docs/browsers/file-io) - [SSH Access](https://www.kernel.sh/docs/browsers/ssh) - [Computer Controls](https://www.kernel.sh/docs/browsers/computer-controls) - [Playwright Execution](https://www.kernel.sh/docs/browsers/playwright-execution) - Advanced - Bot Anti-Detection - [Extensions](https://www.kernel.sh/docs/browsers/extensions) - Reserved Browsers ##### Building your app - [Developing](https://www.kernel.sh/docs/apps/develop) - [Deploying](https://www.kernel.sh/docs/apps/deploy) - [Invoking](https://www.kernel.sh/docs/apps/invoke) - [Stopping](https://www.kernel.sh/docs/apps/stop) - [Secrets](https://www.kernel.sh/docs/apps/secrets) - [Status](https://www.kernel.sh/docs/apps/status) - [Logs](https://www.kernel.sh/docs/apps/logs) ##### Integrations - [Overview](https://www.kernel.sh/docs/integrations/overview) - [Agent Browser](https://www.kernel.sh/docs/integrations/agent-browser) - [Browser Use](https://www.kernel.sh/docs/integrations/browser-use) - [Claude Agent SDK](https://www.kernel.sh/docs/integrations/claude-agent-sdk) - Computer Use - [Laminar](https://www.kernel.sh/docs/integrations/laminar) - [Magnitude](https://www.kernel.sh/docs/integrations/magnitude) - [Notte](https://www.kernel.sh/docs/integrations/notte) - [Vibium](https://www.kernel.sh/docs/integrations/vibium) - [Stagehand](https://www.kernel.sh/docs/integrations/stagehand) - [Val Town](https://www.kernel.sh/docs/integrations/valtown) - Vercel - [1Password](https://www.kernel.sh/docs/integrations/1password) ##### Migrations - [Scrapybara](https://www.kernel.sh/docs/migrations/scrapybara) ##### Community - [Github](https://github.com/onkernel/kernel-images) - [Discord](https://discord.gg/FBrveQRcud) ##### Info - [FAQ](https://www.kernel.sh/docs/browsers/faq) - [Concepts](https://www.kernel.sh/docs/info/concepts) - [Pricing & Limits](https://www.kernel.sh/docs/info/pricing) - [Browsers on Unikernels](https://www.kernel.sh/docs/info/unikernels) close [Kernel home page![logo](https://mintcdn.com/tbd-6fc993ce/Lt3m2NlMiCztMtQK/logo/black.svg?fit=max&auto=format&n=Lt3m2NlMiCztMtQK&q=85&s=68e987c751954bbc1d35886a02636c73)](https://www.kernel.sh/docs) Search... Ctrl KAsk AI Search... Navigation Page Not Found [Guides](https://www.kernel.sh/docs/introduction) [API Reference](https://www.kernel.sh/docs/api-reference/invocations/list-invocations) [MCP](https://www.kernel.sh/docs/reference/mcp-server) [CLI](https://www.kernel.sh/docs/reference/cli) [Changelog](https://www.kernel.sh/changelog) 404 # Page Not Found We couldn't find the page. Maybe you were looking for one of these pages below? [Profiles](https://www.kernel.sh/docs/auth/profiles#profiles) [Download profile archive](https://www.kernel.sh/docs/api-reference/profiles/download-profile-archive) [Get profile by ID or name](https://www.kernel.sh/docs/api-reference/profiles/get-profile-by-id-or-name) Ctrl+I Assistant Responses are generated using AI and may contain mistakes. ---- url: https://www.kernel.sh/docs/browsers/playwright-execution ---- Execute arbitrary Playwright/TypeScript code in a fresh execution context against your browser. The code runs in the same VM as the browser, minimizing latency and maximizing throughput. **For complex workloads, Kernel has a full [code execution platform](https://www.kernel.sh/docs/apps)**. ## [​](#how-it-works)How it works When you execute Playwright code through this API: * Your code runs directly in the browser’s VM (no CDP overhead) * You have access to `page`, `context`, and `browser` variables * You can `return` a value, which is returned in the response * Execution is isolated in a fresh context each time ## [​](#quick-example)Quick example ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); // Create a browser const kernelBrowser = await kernel.browsers.create(); // Execute Playwright code const response = await kernel.browsers.playwright.execute( kernelBrowser.session_id, { code: ` await page.goto('https://example.com'); return await page.title(); ` } ); console.log(response.result); // "Example Domain" ``` ## [​](#available-variables)Available variables Your code has access to these Playwright objects: * `page` - The current page instance * `context` - The browser context * `browser` - The browser instance ## [​](#returning-values)Returning values Use a `return` statement to send data back from your code: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://example.com'); const title = await page.title(); const url = page.url(); return { title, url }; ` } ); console.log(response.result); // { title: "Example Domain", url: "https://example.com" } ``` ## [​](#timeout-configuration)Timeout configuration Set a custom timeout (default is 60 seconds, max is 300 seconds): ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://example.com'); return await page.title(); `, timeout_sec: 120 } ); ``` ## [​](#error-handling)Error handling The response includes error information if execution fails: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://invalid-url'); return await page.title(); ` } ); if (!response.success) { console.error('Error:', response.error); console.error('Stderr:', response.stderr); } ``` ## [​](#use-cases)Use cases ### [​](#web-scraping)Web scraping Extract data from multiple pages without CDP overhead: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://news.ycombinator.com'); const titles = await page.$$eval('.titleline > a', links => links.map(link => link.textContent) ); return titles.slice(0, 10); ` } ); ``` ### [​](#form-automation)Form automation Fill and submit forms quickly: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://example.com/form'); await page.fill('#email', 'user@example.com'); await page.fill('#password', 'password123'); await page.click('button[type="submit"]'); await page.waitForNavigation(); return page.url(); ` } ); ``` ### [​](#testing-and-validation)Testing and validation Run quick checks against your browser state: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` const cookies = await context.cookies(); const localStorage = await page.evaluate(() => JSON.stringify(window.localStorage) ); return { cookies, localStorage }; ` } ); ``` ### [​](#screenshots)Screenshots Capture screenshots using Playwright’s native screenshot API: ``` const response = await kernel.browsers.playwright.execute( sessionId, { code: ` await page.goto('https://example.com'); const screenshot = await page.screenshot({ type: 'png', fullPage: true }); return screenshot.toString('base64'); ` } ); // Decode and save the screenshot const buffer = Buffer.from(response.result, 'base64'); fs.writeFileSync('screenshot.png', buffer); ``` For OS-level screenshots using coordinates and regions, see [Computer Controls](https://www.kernel.sh/docs/browsers/computer-controls#take-screenshots). ## [​](#performance-benefits)Performance benefits Compared to connecting over CDP: * **Lower latency** - Code runs in the same VM as the browser * **Higher throughput** - No websocket overhead for commands * **Simpler code** - No need to manage CDP connections This makes it ideal for one-off operations where you need maximum speed. ## [​](#mcp-server-integration)MCP server integration This feature is available as a tool in our [MCP server](https://www.kernel.sh/docs/reference/mcp-server). AI agents can use the `execute_playwright_code` tool to run Playwright code against browsers with automatic video replay and cleanup. ---- url: https://www.kernel.sh/docs/apps/stop ---- You can terminate an invocation that’s running. This is useful for stopping automations or agents stuck in an infinite loop. Terminating an invocation also destroys any browsers associated with it. ## [​](#via-api)Via API You can stop an invocation by setting its status to `failed`. This will cancel the invocation and mark it as terminated. ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const invocation = await kernel.invocations.update('invocation_id', { status: 'failed', output: JSON.stringify({ error: 'Invocation cancelled by user' }), }); ``` ## [​](#via-cli)Via CLI Use `ctrl-c` in the terminal tab where you launched the invocation. ---- url: https://www.kernel.sh/docs/browsers/headless ---- Kernel browsers ship in `Headful` mode by default. In Headful mode, the launched browser has a corresponding GUI. This enables features like [live view](https://www.kernel.sh/docs/browsers/live-view) and [replays](https://www.kernel.sh/docs/browsers/replays). `Headless` mode runs without a visual interface. They generally run faster and have a lighter footprint (1 GB rather than headful’s 8 GB), resulting in significant cost savings. This is useful for short-lived or highly concurrent browser automations. Some bot detectors may detect headless mode. To launch a Kernel browser in `Headless` mode, set its config: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create({ headless: true, }); ``` [Live View](https://www.kernel.sh/docs/browsers/live-view) and [Replays](https://www.kernel.sh/docs/browsers/replays) are not available in headless mode. ---- url: https://www.kernel.sh/docs/api-reference/browser-replays/stop-a-browser-session-replay-recording ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.replays.stop('replay_id', { id: 'id' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` / {replay\_id} / stop JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.replays.stop('replay_id', { id: 'id' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID [​](#parameter-replay-id) replay\_id string required Replay recording identifier #### Response Recording stopped successfully. [Download a replay recording](https://www.kernel.sh/docs/api-reference/browser-replays/download-a-replay-recording) [Previous](https://www.kernel.sh/docs/api-reference/browser-replays/download-a-replay-recording) [Simulate a mouse click action on the browser instance](https://www.kernel.sh/docs/api-reference/browser-computer-controls/simulate-a-mouse-click-action-on-the-browser-instance) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/simulate-a-mouse-click-action-on-the-browser-instance) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browser-pools/list-browser-pools ---- ``` [ { "id": "iv25ujqf37x3j07dwoffegqr", "available_count": 85, "acquired_count": 15, "created_at": "2023-11-07T05:31:56Z", "browser_pool_config": { "size": 10, "name": "my-pool", "fill_rate_per_minute": 10, "timeout_seconds": 600, "stealth": true, "headless": false, "profile": { "id": "", "name": "", "save_changes": false }, "extensions": [ { "id": "", "name": "" } ], "proxy_id": "", "viewport": { "width": 1280, "height": 800, "refresh_rate": 60 }, "kiosk_mode": true }, "name": "my-pool" } ] ``` ---- url: https://www.kernel.sh/docs/api-reference/browser-logs/stream-log-files-on-the-browser-instance-via-sse ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const logEvent = await client.browsers.logs.stream('id', { source: 'path' }); console.log(logEvent.event); ``` ``` { "event": "", "timestamp": "2023-11-07T05:31:56Z", "message": "" } ``` GET / browsers / {id} / logs / stream JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const logEvent = await client.browsers.logs.stream('id', { source: 'path' }); console.log(logEvent.event); ``` ``` { "event": "", "timestamp": "2023-11-07T05:31:56Z", "message": "" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Query Parameters [​](#parameter-source) source enum\ required Available options : `path`, `supervisor` [​](#parameter-follow) follow boolean default:true [​](#parameter-path) path string only required if source is path [​](#parameter-supervisor-process) supervisor\_process string only required if source is supervisor #### Response SSE stream of logs A log entry from the application. [​](#response-event) event string required Event type identifier (always "log"). Allowed value: `"log"` [​](#response-timestamp) timestamp string\ required Time the log entry was produced. [​](#response-message) message string required Log message text. [Execute Playwright/TypeScript code against the browser](https://www.kernel.sh/docs/api-reference/browser-playwright/execute-playwrighttypescript-code-against-the-browser) [Previous](https://www.kernel.sh/docs/api-reference/browser-playwright/execute-playwrighttypescript-code-against-the-browser) [List browser pools](https://www.kernel.sh/docs/api-reference/browser-pools/list-browser-pools) [Next](https://www.kernel.sh/docs/api-reference/browser-pools/list-browser-pools) Ctrl+I ---- url: https://www.kernel.sh/docs/integrations/magnitude ---- [Magnitude](https://magnitude.run/) is an open source AI browser automation framework. It uses vision AI to enable you to control your browser with natural language. By integrating with Kernel, you can run Magnitude agents and automations with cloud-hosted browsers. ## [​](#adding-kernel-to-existing-magnitude-implementations)Adding Kernel to existing Magnitude implementations If you already have a Magnitude implementation, you can easily switch to using Kernel’s cloud browsers by updating your browser configuration. ### [​](#1-install-the-kernel-sdk)1. Install the Kernel SDK ``` npm install @onkernel/sdk ``` ### [​](#2-initialize-kernel-and-create-a-browser)2. Initialize Kernel and create a browser Import the libraries and create a cloud browser session: ``` import { startBrowserAgent } from "magnitude-core"; import Kernel from '@onkernel/sdk'; import z from 'zod'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create({ stealth: true, }); console.log(`Live view url: ${kernelBrowser.browser_live_view_url}`); ``` ### [​](#3-update-your-browser-configuration)3. Update your browser configuration Replace your existing browser setup to use Kernel’s CDP URL and display settings: ``` const agent = await startBrowserAgent({ url: 'https://magnitasks.com', narrate: true, browser: { cdp: kernelBrowser.cdp_ws_url, }, llm: { provider: 'anthropic', options: { model: 'claude-sonnet-4-20250514' } } }); ``` ### [​](#4-use-your-agent)4. Use your agent Use Magnitude’s agent methods with the Kernel-powered browser: ``` await agent.act([ 'click on "Tasks" in the sidebar', 'click on the first item in the "In Progress" column' ]); const assignee = await agent.extract('Extract the task Assignee', z.string()); await agent.stop(); // Clean up the Kernel Browser Session await kernel.browsers.deleteByID(kernelBrowser.session_id); ``` ## [​](#quick-setup-with-our-magnitude-example-app)Quick setup with our Magnitude example app Alternatively, you can use our Kernel app template that includes a pre-configured Magnitude integration: ``` kernel create --name my-magnitude-app --language typescript --template magnitude ``` Then follow the [Quickstart guide](https://www.kernel.sh/docs/quickstart) to deploy and run your Magnitude automation on Kernel’s infrastructure. ## [​](#benefits-of-using-kernel-with-magnitude)Benefits of using Kernel with Magnitude * **No local browser management**: Run automations without installing or maintaining browsers locally * **Scalability**: Launch multiple browser sessions in parallel * **Stealth mode**: Built-in anti-detection features for web scraping * **Session state**: Maintain browser state across runs via [Profiles](https://www.kernel.sh/docs/auth/profiles) * **Live view**: Debug your automations with real-time browser viewing ## [​](#next-steps)Next steps * Check out [live view](https://www.kernel.sh/docs/browsers/live-view) for debugging your automations * Learn about [stealth mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) for avoiding detection * Learn how to properly [terminate browser sessions](https://www.kernel.sh/docs/browsers/termination) * Learn how to [deploy](https://www.kernel.sh/docs/apps/deploy) your Magnitude app to Kernel ---- url: https://www.kernel.sh/docs/reference/cli/mcp ---- ## `kernel mcp install --target ` Install Kernel MCP server configuration for a supported AI development tool. This command automatically configures the MCP server in your tool’s settings file. | Flag | Description | | ------------------- | -------------------------------------- | | `--target ` | Target AI tool to configure. Required. | ### Supported Targets ### Examples ### What It Does The `mcp install` command: 1. **Locates the configuration file** for your target tool (e.g., `~/.cursor/mcp.json` for Cursor) 2. **Creates the file if it doesn’t exist** or reads the existing configuration 3. **Adds the Kernel MCP server** configuration with the correct settings for your tool 4. **Preserves existing MCP servers** - your other MCP configurations remain intact ### Configuration Details The command automatically configures the appropriate transport and settings for each tool: ### Next Steps After installation: 1. **Restart your tool** (or reload the window) to load the new MCP server 2. **Authenticate** when prompted - you’ll be redirected to authorize Kernel access via OAuth 3. **Start using Kernel tools** - browser automation capabilities will be available in your AI conversations ### Troubleshooting If installation fails: ---- url: https://www.kernel.sh/docs/integrations/1password ---- Connect 1Password to automatically use credentials from your existing vaults with [Managed Auth](https://www.kernel.sh/docs/auth/overview). No need to manually create credentials in Kernel—1Password items are discovered by domain matching. ## How It Works 1. **Connect a service account** — Add your 1Password service account token in the dashboard 2. **Domain matching** — When Managed Auth needs credentials, it searches your connected vaults for items matching the target domain 3. **Automatic fill** — Credentials (including TOTP secrets) are used to complete authentication ## Setup ## Path Format When using explicit paths, specify `VaultName/ItemName`: ## Domain Matching 1Password items are matched by their website/URL field: | 1Password Item URL | Matches Domain | | -------------------------- | ------------------------------------ | | `github.com` | `github.com` | | `https://github.com/login` | `github.com` | | `*.example.com` | `app.example.com`, `api.example.com` | If multiple items match a domain, the first match is used. Organize your vaults to ensure the correct credentials are selected. ## TOTP Support If your 1Password item has a one-time password (TOTP) field configured, it will be used automatically for 2FA—no additional setup needed. ## Credential Options The `credential` object supports multiple sources: | Type | Example | Description | | ------------------ | ------------------------------------------- | --------------------------------- | | Kernel credential | `{ name: 'my-creds' }` | Use a credential stored in Kernel | | 1Password explicit | `{ provider: 'my-1p', path: 'Vault/Item' }` | Use a specific 1Password item | | 1Password auto | `{ provider: 'my-1p', auto: true }` | Search 1Password by domain | If no `credential` is specified, the flow will wait for manual input. ## Security | Feature | Description | | ------------------------- | ------------------------------------------------------ | | **Token encrypted** | Service account token encrypted with per-org keys | | **No credential storage** | Credentials stay in 1Password, retrieved at auth time | | **Vault access control** | Limit access via 1Password service account permissions | | **Audit trail** | 1Password logs all credential access | ---- url: https://www.kernel.sh/docs/api-reference/browser-filesystem/stream-filesystem-events-for-a-watch ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.fs.watch.events('watch_id', { id: 'id' }); console.log(response.path); ``` ``` { "type": "CREATE", "path": "", "name": "", "is_dir": true } ``` GET / events JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.browsers.fs.watch.events('watch_id', { id: 'id' }); console.log(response.path); ``` ``` { "type": "CREATE", "path": "", "name": "", "is_dir": true } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters #### Response SSE stream of filesystem events Filesystem change event. [​](#response-type) type enum\ required Event type. Available options : `CREATE`, `WRITE`, `DELETE`, `RENAME` [​](#response-path) path string required Absolute path of the file or directory. [​](#response-name) name string Base name of the file or directory affected. [​](#response-is-dir) is\_dir boolean Whether the affected path is a directory. [Watch a directory for changes](https://www.kernel.sh/docs/api-reference/browser-filesystem/watch-a-directory-for-changes) [Previous](https://www.kernel.sh/docs/api-reference/browser-filesystem/watch-a-directory-for-changes) [Stop watching a directory](https://www.kernel.sh/docs/api-reference/browser-filesystem/stop-watching-a-directory) [Next](https://www.kernel.sh/docs/api-reference/browser-filesystem/stop-watching-a-directory) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browser-pools/release-a-browser-back-to-the-pool ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browserPools.release('id_or_name', { session_id: 'ts8iy3sg25ibheguyni2lg9t' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` POST / browser\_pools / {id\_or\_name} / release JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browserPools.release('id_or_name', { session_id: 'ts8iy3sg25ibheguyni2lg9t' }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id-or-name) id\_or\_name string required Browser pool ID or name #### Body application/json Request body for releasing a browser back to the pool. [​](#body-session-id) session\_id string required Browser session ID to release back to the pool Example: `"ts8iy3sg25ibheguyni2lg9t"` [​](#body-reuse) reuse boolean default:true Whether to reuse the browser instance or destroy it and create a new one. Defaults to true. Example: `false` #### Response Browser released successfully [Acquire a browser from the pool](https://www.kernel.sh/docs/api-reference/browser-pools/acquire-a-browser-from-the-pool) [Previous](https://www.kernel.sh/docs/api-reference/browser-pools/acquire-a-browser-from-the-pool) [Flush all idle browsers in the pool](https://www.kernel.sh/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) [Next](https://www.kernel.sh/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) ⌘I ---- url: https://www.kernel.sh/docs/browsers/gpu-acceleration ---- **Research Preview** — GPU acceleration is currently in research preview. Capacity may be limited and requires a Start-Up or Enterprise plan. GPU acceleration enables GPU-accelerated rendering in Kernel browsers, providing enhanced performance for graphics-intensive workloads. GPU acceleration is only available for headful browsers. ## [​](#enable-gpu-acceleration)Enable GPU acceleration Set the `gpu` parameter to `true` when creating a browser: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const kernelBrowser = await kernel.browsers.create({ gpu: true }); ``` You can also enable GPU acceleration in the dashboard when deploying a browser under **Advanced Configuration**. ## [​](#use-cases)Use cases GPU acceleration is useful for: * High performance live view streaming * Rendering complex 3D graphics or WebGL content * Video processing and playback * Canvas-heavy applications ## [​](#availability)Availability GPU acceleration is available on Start-Up and Enterprise plans. Due to limited capacity during the research preview, GPU-enabled browsers may not always be available. ---- url: https://www.kernel.sh/docs/api-reference/browser-replays/list-browser-session-replays ---- [Skip to main content](#content-area) [Kernel home page](/docs) [Guides](/docs/introduction)[API Reference](/docs/api-reference/invocations/list-invocations)[MCP](/docs/reference/mcp-server)[CLI](/docs/reference/cli)[Changelog](https://www.kernel.sh/changelog) ##### Invocations * [GET](/docs/api-reference/invocations/list-invocations) [List invocations](/docs/api-reference/invocations/list-invocations) * [POST](/docs/api-reference/invocations/invoke-an-action) [Invoke an action](/docs/api-reference/invocations/invoke-an-action) * [GET](/docs/api-reference/invocations/get-invocation-details) [Get invocation details](/docs/api-reference/invocations/get-invocation-details) * [PATCH](/docs/api-reference/invocations/update-invocation) [Update invocation](/docs/api-reference/invocations/update-invocation) * [GET](/docs/api-reference/invocations/list-browsers-for-an-invocation) [List browsers for an invocation](/docs/api-reference/invocations/list-browsers-for-an-invocation) * [DEL](/docs/api-reference/invocations/delete-browser-sessions-for-an-invocation) [Delete browser sessions for an invocation](/docs/api-reference/invocations/delete-browser-sessions-for-an-invocation) * [GET](/docs/api-reference/invocations/stream-invocation-events-via-sse) [Stream invocation events via SSE](/docs/api-reference/invocations/stream-invocation-events-via-sse) ##### Proxies * [GET](/docs/api-reference/proxies/list-proxies) [List proxies](/docs/api-reference/proxies/list-proxies) * [POST](/docs/api-reference/proxies/create-a-proxy) [Create a proxy](/docs/api-reference/proxies/create-a-proxy) * [GET](/docs/api-reference/proxies/get-proxy-by-id) [Get proxy by ID](/docs/api-reference/proxies/get-proxy-by-id) * [DEL](/docs/api-reference/proxies/delete-proxy-by-id) [Delete proxy by ID](/docs/api-reference/proxies/delete-proxy-by-id) * [POST](/docs/api-reference/proxies/check-proxy-health) [Check proxy health](/docs/api-reference/proxies/check-proxy-health) ##### Browsers * [GET](/docs/api-reference/browsers/list-browser-sessions) [List browser sessions](/docs/api-reference/browsers/list-browser-sessions) * [POST](/docs/api-reference/browsers/create-a-browser-session) [Create a browser session](/docs/api-reference/browsers/create-a-browser-session) * [DEL](/docs/api-reference/browsers/delete-a-persistent-browser-session) [Delete a persistent browser session](/docs/api-reference/browsers/delete-a-persistent-browser-session) [deprecated](/docs/api-reference/browsers/delete-a-persistent-browser-session) * [GET](/docs/api-reference/browsers/get-browser-session-details) [Get browser session details](/docs/api-reference/browsers/get-browser-session-details) * [DEL](/docs/api-reference/browsers/delete-a-browser-session-by-id) [Delete a browser session by ID.](/docs/api-reference/browsers/delete-a-browser-session-by-id) * [PATCH](/docs/api-reference/browsers/update-browser-session) [Update browser session](/docs/api-reference/browsers/update-browser-session) * [POST](/docs/api-reference/browsers/ad-hoc-upload-one-or-more-unpacked-extensions-to-a-running-browser-instance) [Ad-hoc upload one or more unpacked extensions to a running browser instance.](/docs/api-reference/browsers/ad-hoc-upload-one-or-more-unpacked-extensions-to-a-running-browser-instance) * [POST](/docs/api-reference/browsers/execute-a-batch-of-computer-actions-sequentially) [Execute a batch of computer actions sequentially](/docs/api-reference/browsers/execute-a-batch-of-computer-actions-sequentially) * [POST](/docs/api-reference/browsers/get-the-current-mouse-cursor-position-on-the-browser-instance) [Get the current mouse cursor position on the browser instance](/docs/api-reference/browsers/get-the-current-mouse-cursor-position-on-the-browser-instance) ##### Browser Replays * [GET](/docs/api-reference/browser-replays/list-browser-session-replays) [List browser session replays](/docs/api-reference/browser-replays/list-browser-session-replays) * [POST](/docs/api-reference/browser-replays/start-a-browser-session-replay-recording) [Start a browser session replay recording](/docs/api-reference/browser-replays/start-a-browser-session-replay-recording) * [GET](/docs/api-reference/browser-replays/download-a-replay-recording) [Download a replay recording](/docs/api-reference/browser-replays/download-a-replay-recording) * [POST](/docs/api-reference/browser-replays/stop-a-browser-session-replay-recording) [Stop a browser session replay recording](/docs/api-reference/browser-replays/stop-a-browser-session-replay-recording) ##### Browser Computer Controls * [POST](/docs/api-reference/browser-computer-controls/simulate-a-mouse-click-action-on-the-browser-instance) [Simulate a mouse click action on the browser instance](/docs/api-reference/browser-computer-controls/simulate-a-mouse-click-action-on-the-browser-instance) * [POST](/docs/api-reference/browser-computer-controls/move-the-mouse-cursor-to-the-specified-coordinates-on-the-browser-instance) [Move the mouse cursor to the specified coordinates on the browser instance](/docs/api-reference/browser-computer-controls/move-the-mouse-cursor-to-the-specified-coordinates-on-the-browser-instance) * [POST](/docs/api-reference/browser-computer-controls/capture-a-screenshot-of-the-browser-instance) [Capture a screenshot of the browser instance](/docs/api-reference/browser-computer-controls/capture-a-screenshot-of-the-browser-instance) * [POST](/docs/api-reference/browser-computer-controls/type-text-on-the-browser-instance) [Type text on the browser instance](/docs/api-reference/browser-computer-controls/type-text-on-the-browser-instance) * [POST](/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) [Press one or more keys on the host computer](/docs/api-reference/browser-computer-controls/press-one-or-more-keys-on-the-host-computer) * [POST](/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) [Scroll the mouse wheel at a position on the host computer](/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) * [POST](/docs/api-reference/browser-computer-controls/drag-the-mouse-along-a-path) [Drag the mouse along a path](/docs/api-reference/browser-computer-controls/drag-the-mouse-along-a-path) * [POST](/docs/api-reference/browser-computer-controls/set-cursor-visibility) [Set cursor visibility](/docs/api-reference/browser-computer-controls/set-cursor-visibility) * [POST](/docs/api-reference/browser-computer-controls/read-text-from-the-clipboard-on-the-browser-instance) [Read text from the clipboard on the browser instance](/docs/api-reference/browser-computer-controls/read-text-from-the-clipboard-on-the-browser-instance) * [POST](/docs/api-reference/browser-computer-controls/write-text-to-the-clipboard-on-the-browser-instance) [Write text to the clipboard on the browser instance](/docs/api-reference/browser-computer-controls/write-text-to-the-clipboard-on-the-browser-instance) ##### Apps * [GET](/docs/api-reference/apps/list-apps) [List apps](/docs/api-reference/apps/list-apps) ##### Deployments * [GET](/docs/api-reference/deployments/list-deployments) [List deployments](/docs/api-reference/deployments/list-deployments) * [POST](/docs/api-reference/deployments/create-a-deployment) [Create a deployment](/docs/api-reference/deployments/create-a-deployment) * [GET](/docs/api-reference/deployments/get-deployment-details) [Get deployment details](/docs/api-reference/deployments/get-deployment-details) * [DEL](/docs/api-reference/deployments/delete-a-deployment) [Delete a deployment](/docs/api-reference/deployments/delete-a-deployment) * [GET](/docs/api-reference/deployments/stream-deployment-events-via-sse) [Stream deployment events via SSE](/docs/api-reference/deployments/stream-deployment-events-via-sse) ##### Browser Filesystem * [GET](/docs/api-reference/browser-filesystem/read-file-contents) [Read file contents](/docs/api-reference/browser-filesystem/read-file-contents) * [PUT](/docs/api-reference/browser-filesystem/write-or-create-a-file) [Write or create a file](/docs/api-reference/browser-filesystem/write-or-create-a-file) * [GET](/docs/api-reference/browser-filesystem/list-files-in-a-directory) [List files in a directory](/docs/api-reference/browser-filesystem/list-files-in-a-directory) * [PUT](/docs/api-reference/browser-filesystem/create-a-new-directory) [Create a new directory](/docs/api-reference/browser-filesystem/create-a-new-directory) * [PUT](/docs/api-reference/browser-filesystem/delete-a-file) [Delete a file](/docs/api-reference/browser-filesystem/delete-a-file) * [PUT](/docs/api-reference/browser-filesystem/delete-a-directory) [Delete a directory](/docs/api-reference/browser-filesystem/delete-a-directory) * [PUT](/docs/api-reference/browser-filesystem/set-file-or-directory-permissionsownership) [Set file or directory permissions/ownership](/docs/api-reference/browser-filesystem/set-file-or-directory-permissionsownership) * [GET](/docs/api-reference/browser-filesystem/get-information-about-a-file-or-directory) [Get information about a file or directory](/docs/api-reference/browser-filesystem/get-information-about-a-file-or-directory) * [PUT](/docs/api-reference/browser-filesystem/move-or-rename-a-file-or-directory) [Move or rename a file or directory](/docs/api-reference/browser-filesystem/move-or-rename-a-file-or-directory) * [POST](/docs/api-reference/browser-filesystem/watch-a-directory-for-changes) [Watch a directory for changes](/docs/api-reference/browser-filesystem/watch-a-directory-for-changes) * [GET](/docs/api-reference/browser-filesystem/stream-filesystem-events-for-a-watch) [Stream filesystem events for a watch](/docs/api-reference/browser-filesystem/stream-filesystem-events-for-a-watch) * [DEL](/docs/api-reference/browser-filesystem/stop-watching-a-directory) [Stop watching a directory](/docs/api-reference/browser-filesystem/stop-watching-a-directory) * [GET](/docs/api-reference/browser-filesystem/download-a-directory-as-a-zip-archive) [Download a directory as a ZIP archive](/docs/api-reference/browser-filesystem/download-a-directory-as-a-zip-archive) * [POST](/docs/api-reference/browser-filesystem/upload-one-or-more-files) [Upload one or more files](/docs/api-reference/browser-filesystem/upload-one-or-more-files) * [POST](/docs/api-reference/browser-filesystem/upload-a-zip-archive-and-extract-it) [Upload a zip archive and extract it](/docs/api-reference/browser-filesystem/upload-a-zip-archive-and-extract-it) ##### Browser Processes * [POST](/docs/api-reference/browser-processes/execute-a-command-synchronously) [Execute a command synchronously](/docs/api-reference/browser-processes/execute-a-command-synchronously) * [POST](/docs/api-reference/browser-processes/execute-a-command-asynchronously) [Execute a command asynchronously](/docs/api-reference/browser-processes/execute-a-command-asynchronously) * [GET](/docs/api-reference/browser-processes/get-process-status) [Get process status](/docs/api-reference/browser-processes/get-process-status) * [GET](/docs/api-reference/browser-processes/stream-process-stdout-via-sse) [Stream process stdout via SSE](/docs/api-reference/browser-processes/stream-process-stdout-via-sse) * [POST](/docs/api-reference/browser-processes/write-to-process-stdin) [Write to process stdin](/docs/api-reference/browser-processes/write-to-process-stdin) * [POST](/docs/api-reference/browser-processes/send-signal-to-process) [Send signal to process](/docs/api-reference/browser-processes/send-signal-to-process) * [POST](/docs/api-reference/browser-processes/resize-a-pty-backed-process-terminal) [Resize a PTY-backed process terminal](/docs/api-reference/browser-processes/resize-a-pty-backed-process-terminal) ##### Browser Playwright * [POST](/docs/api-reference/browser-playwright/execute-playwrighttypescript-code-against-the-browser) [Execute Playwright/TypeScript code against the browser](/docs/api-reference/browser-playwright/execute-playwrighttypescript-code-against-the-browser) ##### Browser Logs * [GET](/docs/api-reference/browser-logs/stream-log-files-on-the-browser-instance-via-sse) [Stream log files on the browser instance via SSE](/docs/api-reference/browser-logs/stream-log-files-on-the-browser-instance-via-sse) ##### Browser Pools * [GET](/docs/api-reference/browser-pools/list-browser-pools) [List browser pools](/docs/api-reference/browser-pools/list-browser-pools) * [POST](/docs/api-reference/browser-pools/create-a-browser-pool) [Create a browser pool](/docs/api-reference/browser-pools/create-a-browser-pool) * [GET](/docs/api-reference/browser-pools/get-browser-pool-details) [Get browser pool details](/docs/api-reference/browser-pools/get-browser-pool-details) * [DEL](/docs/api-reference/browser-pools/delete-a-browser-pool) [Delete a browser pool](/docs/api-reference/browser-pools/delete-a-browser-pool) * [PATCH](/docs/api-reference/browser-pools/update-a-browser-pool) [Update a browser pool](/docs/api-reference/browser-pools/update-a-browser-pool) * [POST](/docs/api-reference/browser-pools/acquire-a-browser-from-the-pool) [Acquire a browser from the pool](/docs/api-reference/browser-pools/acquire-a-browser-from-the-pool) * [POST](/docs/api-reference/browser-pools/release-a-browser-back-to-the-pool) [Release a browser back to the pool](/docs/api-reference/browser-pools/release-a-browser-back-to-the-pool) * [POST](/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) [Flush all idle browsers in the pool](/docs/api-reference/browser-pools/flush-all-idle-browsers-in-the-pool) ##### Profiles * [GET](/docs/api-reference/profiles/list-profiles) [List profiles](/docs/api-reference/profiles/list-profiles) * [POST](/docs/api-reference/profiles/create-a-new-profile) [Create a new profile](/docs/api-reference/profiles/create-a-new-profile) * [GET](/docs/api-reference/profiles/get-profile-by-id-or-name) [Get profile by ID or name](/docs/api-reference/profiles/get-profile-by-id-or-name) * [DEL](/docs/api-reference/profiles/delete-profile-by-id-or-name) [Delete profile by ID or name](/docs/api-reference/profiles/delete-profile-by-id-or-name) * [GET](/docs/api-reference/profiles/download-profile-archive) [Download profile archive](/docs/api-reference/profiles/download-profile-archive) ##### Managed Auth * [GET](/docs/api-reference/managed-auth/list-auth-connections) [List auth connections](/docs/api-reference/managed-auth/list-auth-connections) * [POST](/docs/api-reference/managed-auth/create-auth-connection) [Create auth connection](/docs/api-reference/managed-auth/create-auth-connection) * [GET](/docs/api-reference/managed-auth/get-auth-connection) [Get auth connection](/docs/api-reference/managed-auth/get-auth-connection) * [DEL](/docs/api-reference/managed-auth/delete-auth-connection) [Delete auth connection](/docs/api-reference/managed-auth/delete-auth-connection) * [POST](/docs/api-reference/managed-auth/start-login-flow) [Start login flow](/docs/api-reference/managed-auth/start-login-flow) * [POST](/docs/api-reference/managed-auth/submit-field-values) [Submit field values](/docs/api-reference/managed-auth/submit-field-values) * [GET](/docs/api-reference/managed-auth/stream-login-flow-events-via-sse) [Stream login flow events via SSE](/docs/api-reference/managed-auth/stream-login-flow-events-via-sse) ##### Extensions * [GET](/docs/api-reference/extensions/list-browser-extensions) [List browser extensions](/docs/api-reference/extensions/list-browser-extensions) * [POST](/docs/api-reference/extensions/upload-a-browser-extension) [Upload a browser extension](/docs/api-reference/extensions/upload-a-browser-extension) * [GET](/docs/api-reference/extensions/download-extension-archive) [Download extension archive](/docs/api-reference/extensions/download-extension-archive) * [DEL](/docs/api-reference/extensions/delete-extension-by-id-or-name) [Delete extension by ID or name](/docs/api-reference/extensions/delete-extension-by-id-or-name) * [GET](/docs/api-reference/extensions/download-unpacked-extension-from-chrome-web-store) [Download unpacked extension from Chrome Web Store](/docs/api-reference/extensions/download-unpacked-extension-from-chrome-web-store) JavaScript Copy Ask AI ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const replays = await client.browsers.replays.list('id'); console.log(replays); ``` Copy Ask AI ``` [ { "replay_id": "", "started_at": "2023-11-07T05:31:56Z", "finished_at": "2023-11-07T05:31:56Z", "replay_view_url": "https://api.onkernel.com/browser/replays?jwt=eyJ0eXAi...&replay_id=7e2c1a9f-1234-4cde-9abc-ffeedd001122" } ] ``` GET Copy Ask AI ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const replays = await client.browsers.replays.list('id'); console.log(replays); ``` Copy Ask AI ``` [ { "replay_id": "", "started_at": "2023-11-07T05:31:56Z", "finished_at": "2023-11-07T05:31:56Z", "replay_view_url": "https://api.onkernel.com/browser/replays?jwt=eyJ0eXAi...&replay_id=7e2c1a9f-1234-4cde-9abc-ffeedd001122" } ] ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Response List of replays retrieved successfully. [​](#response-items-replay-id) replay\_id string required Unique identifier for the replay recording. [​](#response-items-started-at-one-of-0) started\_at string\ | null Timestamp when replay started [​](#response-items-finished-at-one-of-0) finished\_at string\ | null Timestamp when replay finished [​](#response-items-replay-view-url) replay\_view\_url string URL for viewing the replay recording. Example: `"https://api.onkernel.com/browser/replays?jwt=eyJ0eXAi...&replay_id=7e2c1a9f-1234-4cde-9abc-ffeedd001122"` [Get the current mouse cursor position on the browser instance](/docs/api-reference/browsers/get-the-current-mouse-cursor-position-on-the-browser-instance) [Previous](/docs/api-reference/browsers/get-the-current-mouse-cursor-position-on-the-browser-instance) [Start a browser session replay recording](/docs/api-reference/browser-replays/start-a-browser-session-replay-recording) [Next](/docs/api-reference/browser-replays/start-a-browser-session-replay-recording) ⌘I Assistant Responses are generated using AI and may contain mistakes. ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/drag-the-mouse-along-a-path ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.dragMouse('id', { path: [ [0, 0], [0, 0], ], }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` drag\_mouse JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.dragMouse('id', { path: [ [0, 0], [0, 0], ], }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body application/json [​](#body-path) path integer\[]\[] required Ordered list of \[x, y] coordinate pairs to move through while dragging. Must contain at least 2 points. Minimum array length: `2` Required array length: `2` element s [​](#body-button) button enum\ Mouse button to drag with Available options : `left`, `middle`, `right` [​](#body-delay) delay integer default:0 Delay in milliseconds between button down and starting to move along the path. Required range : `x >= 0` [​](#body-steps-per-segment) steps\_per\_segment integer default:10 Number of relative move steps per segment in the path. Minimum 1. Required range : `x >= 1` [​](#body-step-delay-ms) step\_delay\_ms integer default:50 Delay in milliseconds between relative steps while dragging (not the initial delay). Required range : `x >= 0` [​](#body-hold-keys) hold\_keys string\[] Modifier keys to hold during the drag [​](#body-smooth) smooth boolean default:true Use human-like Bezier curves between path waypoints instead of linear interpolation. When true, steps\_per\_segment and step\_delay\_ms are ignored. [​](#body-duration-ms) duration\_ms integer Target total duration in milliseconds for the entire drag movement when smooth=true. Omit for automatic timing based on total path length. Required range : `50 <= x <= 10000` #### Response Drag performed [Scroll the mouse wheel at a position on the host computer](https://www.kernel.sh/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) [Previous](https://www.kernel.sh/docs/api-reference/browser-computer-controls/scroll-the-mouse-wheel-at-a-position-on-the-host-computer) [Set cursor visibility](https://www.kernel.sh/docs/api-reference/browser-computer-controls/set-cursor-visibility) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/set-cursor-visibility) Ctrl+I ---- url: https://www.kernel.sh/docs/proxies/custom ---- Custom proxies allow you to use your own proxy servers with Kernel browsers. This is useful when you have existing proxy infrastructure or specific proxy requirements not covered by Kernel’s managed options. ## Configuration Specify the host, port, and optional authentication credentials for your proxy server: ## Configuration Parameters ## Bypass hosts Configure specific hostnames to bypass your custom proxy: ``` import Kernel from '@onkernel/sdk'; const kernel = new Kernel(); const proxy = await kernel.proxies.create({ type: 'custom', name: 'custom-with-bypass', protocol: 'https', config: { host: 'proxy.example.com', port: 443, username: 'user123', password: 'secure_password', }, bypass_hosts: [ 'localhost', 'internal.service.local', '*.trusted-domain.com', ], }); ``` This is useful for accessing internal services or metadata endpoints without routing through your proxy. See the [overview](https://www.kernel.sh/docs/proxies/overview#bypass-hosts) for full bypass host rules. ---- url: https://www.kernel.sh/docs/integrations/computer-use/anthropic ---- [Computer Use](https://docs.claude.com/en/docs/agents-and-tools/tool-use/computer-use-tool) is Anthropic’s groundbreaking capability that enables Claude to interact with computers the way humans do by looking at screens, moving cursors, clicking buttons, and typing text. This powerful feature allows AI agents to control web browsers, navigate interfaces, and perform complex tasks across applications. By integrating Computer Use with Kernel, you can run these AI-powered browser automations on cloud-hosted infrastructure, eliminating the need for local browser management and enabling scalable, reliable AI agents. ## [​](#quick-setup-with-computer-use)Quick setup with Computer Use Get started with Computer Use and Kernel using our pre-configured app template: ``` kernel create --name my-computer-use-app --template computer-use ``` Choose `TypeScript` or `Python` as the programming language. Then follow the [Quickstart guide](https://www.kernel.sh/docs/quickstart) to deploy and run your Computer Use automation on Kernel’s infrastructure. ## [​](#benefits-of-using-kernel-with-computer-use)Benefits of using Kernel with Computer Use * **No local browser management**: Run Computer Use automations without installing or maintaining browsers locally * **Scalability**: Launch multiple browser sessions in parallel for concurrent AI agents * **Stealth mode**: Built-in anti-detection features for reliable web interactions * **Session state**: Maintain browser state across runs via [Profiles](https://www.kernel.sh/docs/auth/profiles) * **Live view**: Debug your Computer Use agents with real-time browser viewing * **Cloud infrastructure**: Run computationally intensive AI agents without local resource constraints ## [​](#next-steps)Next steps * Check out [live view](https://www.kernel.sh/docs/browsers/live-view) for debugging your Computer Use automations * Learn about [stealth mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) for avoiding detection * Learn how to properly [terminate browser sessions](https://www.kernel.sh/docs/browsers/termination) * Learn how to [deploy](https://www.kernel.sh/docs/apps/deploy) your Computer Use app to Kernel ---- url: https://www.kernel.sh/docs/reference/cli/apps ---- ## `kernel deploy ` Deploy an app to Kernel from the current directory. The entrypoint file and dependency manifest must live in the project root. | Flag | Description | | -------------------------- | ------------------------------------------------------------------ | | `--version ` | Use a specific version label (default: latest). | | `--force` | Overwrite an existing version with the same label. | | `--env `, `-e` | Set environment variables (repeatable). | | `--env-file ` | Load environment variables from a file (repeatable). | | `--output json`, `-o json` | Output JSONL (one JSON object per line for each deployment event). | ## `kernel deploy logs ` Stream build and runtime logs for a deployment. | Flag | Description | | -------------------------- | ---------------------------------------------------------------------------------------------------------- | | `--follow`, `-f` | Continue streaming logs in real time. | | `--since `, `-s` | Fetch logs starting from a relative duration (e.g. `5m`, `1h`, `1h30m`) or timestamp (`2006-01-02T15:04`). | | `--with-timestamps`, `-t` | Prefix each line with an RFC3339 timestamp. | ## `kernel deploy history [app_name]` Show deployment history for all apps or a specific app. | Flag | Description | | -------------------------- | ------------------------------------------------------------------ | | `--limit ` | Maximum number of deployments to return (default: 100, `0` = all). | | `--output json`, `-o json` | Output raw JSON array. | ## `kernel invoke ` Invoke an app action. By default the CLI returns immediately after the invocation is queued. | Flag | Description | | --------------------------- | ------------------------------------------------------------------ | | `--version `, `-v` | Target a specific app version (default: latest). | | `--payload `, `-p` | Provide a JSON payload (stringified, max 64 KB). | | `--sync`, `-s` | Wait for completion (timeout after 60 s). | | `--output json`, `-o json` | Output JSONL (one JSON object per line for each invocation event). | ## `kernel app list` List deployed app versions. | Flag | Description | | -------------------------- | ------------------------ | | `--name ` | Filter by app name. | | `--version ` | Filter by version label. | | `--output json`, `-o json` | Output raw JSON array. | ## `kernel app history ` Show deployment history for a specific app. | Flag | Description | | -------------------------- | ------------------------------------------------------------------ | | `--limit ` | Maximum number of deployments to return (default: 100, `0` = all). | | `--output json`, `-o json` | Output raw JSON array. | ## `kernel logs ` Tail app logs. | Flag | Description | | -------------------------- | ------------------------------------------------------------------------------- | | `--version ` | Select an app version (default: latest). | | `--follow`, `-f` | Stream logs continuously. | | `--since `, `-s` | Fetch logs from a duration or timestamp (same formats as `kernel deploy logs`). | | `--with-timestamps` | Include timestamps in each line. | ---- url: https://www.kernel.sh/docs/api-reference/deployments/stream-deployment-events-via-sse ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.deployments.follow('id'); console.log(response); ``` ``` { "event": "", "timestamp": "2023-11-07T05:31:56Z", "message": "" } ``` GET / deployments / {id} / events JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const response = await client.deployments.follow('id'); console.log(response); ``` ``` { "event": "", "timestamp": "2023-11-07T05:31:56Z", "message": "" } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required The deployment ID to follow. #### Query Parameters [​](#parameter-since) since string Show logs since the given time (RFC timestamps or durations like 5m). Example: `"2025-06-20T12:00:00Z"` #### Response SSE stream of deployment state updates and logs. * Option 1 * Option 2 * Option 3 * Option 4 * Option 5 Union type representing any deployment event. [Delete a deployment](https://www.kernel.sh/docs/api-reference/deployments/delete-a-deployment) [Previous](https://www.kernel.sh/docs/api-reference/deployments/delete-a-deployment) [Read file contents](https://www.kernel.sh/docs/api-reference/browser-filesystem/read-file-contents) [Next](https://www.kernel.sh/docs/api-reference/browser-filesystem/read-file-contents) Ctrl+I ---- url: https://www.kernel.sh/docs/api-reference/browser-computer-controls/simulate-a-mouse-click-action-on-the-browser-instance ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.clickMouse('id', { x: 0, y: 0 }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` click\_mouse JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); await client.browsers.computer.clickMouse('id', { x: 0, y: 0 }); ``` ``` { "code": "bad_request", "message": "Missing required field: app_name", "details": [ { "code": "invalid_input", "message": "Provided version string is not semver compliant" } ], "inner_error": { "code": "invalid_input", "message": "Provided version string is not semver compliant" } } ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Path Parameters [​](#parameter-id) id string required Browser session ID #### Body application/json [​](#body-x) x integer required X coordinate of the click position [​](#body-y) y integer required Y coordinate of the click position [​](#body-button) button enum\ Mouse button to interact with Available options : `left`, `right`, `middle`, `back`, `forward` [​](#body-click-type) click\_type enum\ Type of click action Available options : `down`, `up`, `click` [​](#body-hold-keys) hold\_keys string\[] Modifier keys to hold during the click [​](#body-num-clicks) num\_clicks integer default:1 Number of times to repeat the click #### Response Mouse action performed [Stop a browser session replay recording](https://www.kernel.sh/docs/api-reference/browser-replays/stop-a-browser-session-replay-recording) [Previous](https://www.kernel.sh/docs/api-reference/browser-replays/stop-a-browser-session-replay-recording) [Move the mouse cursor to the specified coordinates on the browser instance](https://www.kernel.sh/docs/api-reference/browser-computer-controls/move-the-mouse-cursor-to-the-specified-coordinates-on-the-browser-instance) [Next](https://www.kernel.sh/docs/api-reference/browser-computer-controls/move-the-mouse-cursor-to-the-specified-coordinates-on-the-browser-instance) Ctrl+I ---- url: https://www.kernel.sh/docs/integrations/computer-use/openagi ---- The [OpenAGI](https://lux.agiopen.org/) Lux Model is a computer-use model that enables AI agents to interact with computers the way humans do. Lux operates in a continuous action-observation loop: it receives a task, analyzes a screenshot of the current screen state, generates the next UI interaction (click, type, etc.), and repeats until the goal is achieved. By integrating OpenAGI with Kernel, you can run these AI-powered browser automations on cloud-hosted infrastructure, eliminating the need for local browser management and enabling scalable, reliable computer-using agents. ## [​](#getting-started)Getting started To get started with OpenAGI Lux and Kernel: 1. Get your `OAGI_API_KEY` on the [OpenAGI Developer Platform](https://developer.agiopen.org/) 2. Get your `KERNEL_API_KEY` from the [Kernel Dashboard](https://dashboard.onkernel.com/) For more information about Lux’s capabilities, visit the [OpenAGI Lux Documentation](https://lux.agiopen.org/). ## [​](#quick-setup-with-computer-use)Quick setup with Computer Use The fastest way to get started is using the Kernel CLI’s built-in OpenAGI template: ``` kernel create --template openagi-computer-use --language python cd kernel deploy main.py --env-file .env ``` This creates a pre-configured OpenAGI app with both `AsyncDefaultAgent` and `TaskerAgent` implementations ready to deploy. ## [​](#benefits-of-using-kernel-with-openagi)Benefits of using Kernel with OpenAGI * **No local browser management**: Run OpenAGI automations without installing or maintaining browsers locally * **Scalability**: Launch multiple browser sessions in parallel for concurrent AI agents * **Stealth mode**: Built-in anti-detection features for reliable web interactions * **Session state**: Maintain browser state across runs via [Profiles](https://www.kernel.sh/docs/auth/profiles) * **Live view**: Debug your OpenAGI agents with real-time browser viewing * **Cloud infrastructure**: Run computationally intensive AI agents without local resource constraints ## [​](#next-steps)Next steps * Check out [live view](https://www.kernel.sh/docs/browsers/live-view) for debugging your OpenAGI automations * Learn about [stealth mode](https://www.kernel.sh/docs/browsers/bot-detection/stealth) for avoiding detection * Learn how to properly [terminate browser sessions](https://www.kernel.sh/docs/browsers/termination) * Learn how to [deploy](https://www.kernel.sh/docs/apps/deploy) your OpenAGI app to Kernel ---- url: https://www.kernel.sh/docs/api-reference/extensions/list-browser-extensions ---- JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const extensions = await client.extensions.list(); console.log(extensions); ``` ``` [ { "id": "", "created_at": "2023-11-07T05:31:56Z", "size_bytes": 123, "name": "", "last_used_at": "2023-11-07T05:31:56Z" } ] ``` GET / extensions JavaScript ``` import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const extensions = await client.extensions.list(); console.log(extensions); ``` ``` [ { "id": "", "created_at": "2023-11-07T05:31:56Z", "size_bytes": 123, "name": "", "last_used_at": "2023-11-07T05:31:56Z" } ] ``` #### Authorizations [​](#authorization-authorization) Authorization string header required Bearer authentication header of the form `Bearer `, where `` is your auth token. #### Response List of extensions [​](#response-items-id) id string required Unique identifier for the extension [​](#response-items-created-at) created\_at string\ required Timestamp when the extension was created [​](#response-items-size-bytes) size\_bytes integer required Size of the extension archive in bytes [​](#response-items-name-one-of-0) name string | null Optional, easier-to-reference name for the extension. Must be unique within the organization. [​](#response-items-last-used-at-one-of-0) last\_used\_at string\ | null Timestamp when the extension was last used [Stream login flow events via SSE](https://www.kernel.sh/docs/api-reference/managed-auth/stream-login-flow-events-via-sse) [Previous](https://www.kernel.sh/docs/api-reference/managed-auth/stream-login-flow-events-via-sse) [Upload a browser extension](https://www.kernel.sh/docs/api-reference/extensions/upload-a-browser-extension) [Next](https://www.kernel.sh/docs/api-reference/extensions/upload-a-browser-extension) Ctrl+I ---- url: https://www.kernel.sh/docs/reference/cli/create ---- ## `kernel create` Create a new Kernel application from a template. The CLI provides an interactive prompt to guide you through selecting a language and template, or you can specify all options via flags. | Flag | Description | | ----------------------------- | ------------------------------------------------------------- | | `--name `, `-n` | Name of the application directory to create. | | `--language `, `-l` | Programming language: `typescript` (`ts`) or `python` (`py`). | | `--template