Deploy Wayground AI for Your School or District

This guide is for the Chrome and Google Workspace administrators who roll Wayground AI out to teachers. It covers force-installing the extension, allowing the right network domains, whitelisting the sign-in client for districts with restricted OAuth, and the privacy and compliance details your district needs on file.

Teachers don't need any of this to get started on a personal device; they can install it themselves (see Getting Started with the Wayground AI Chrome Extension). This guide is about deploying it at scale and making sure it works on managed devices.

At a glance

Who it's for, and the student block

Wayground AI is a teacher tool. When you deploy it, scope the install to your teacher organizational unit (OU). If a student account opens the extension, it's automatically blocked with a "For Teachers Only" message. Scoping to the teacher OU keeps it off student devices entirely and avoids confusion.

Force-install the extension

To push Wayground AI to managed devices via the Google Admin Console:

1. Sign in to the Google Admin Console (admin.google.com).

2. Go to Devices → Chrome → Apps & extensions.

3. Select your teacher OU.

4. Click Add → Add from Chrome Web Store.

5. Enter the extension ID: jnegnfbcjklhkmoihoakeijbealomipg.

6. Set the installation policy to Force install.

Teachers in that OU will get the extension automatically. Updates roll out silently through Chrome; there's no manual update step for you or for teachers.

Whitelist the OAuth client (restricted-OAuth districts)

If your district restricts third-party API access in Google Workspace, teachers won't be able to sign in until you trust Wayground's OAuth client.

1. In the Google Admin Console, go to Security → API controls → Manage third-party app access.

2. Add Wayground's OAuth client as trusted, using the client ID: 58172892053-faol054co4k3tsmtbtuk41v4si41slq0.apps.googleusercontent.com

Allow the right network domains

Make sure these domains are reachable over HTTPS (port 443) so the extension's features work:

If any of these is blocked, the matching feature will fail. For example, blocking *.pangram.com disables integrity checks; blocking *.youtube.com breaks YouTube-based resources.

What the extension can access, and why

When teachers use Wayground AI, it requests Google permissions scoped to what each feature needs. It reads content only when a teacher takes an explicit action: opening the panel and choosing to create, grade, or give feedback.

Google access (OAuth scopes):

There are no Gmail, Calendar, or Contacts scopes.

Chrome permissions the extension declares (for transparency when reviewing the listing):

• identity: sign-in

• side panel: its entire UI

• scripting and host access: to read page content on teacher action and show the "Create activity" button

• tabs / activeTab: to detect the page type and read the active tab's content

• storage: tokens, preferences, session state

• offscreen and alarms: for screen recording and background tasks

• web navigation and context menus: to re-show the button on in-page navigation and offer "Create activity from selection"

• downloads: to save integrity and class report PDFs

Privacy and compliance

The following reflects Wayground's school/district deployment documentation. Share it with your privacy team, and request the DPA for your records.

• FERPA compliant: Yes

• COPPA compliant: Yes

• Student data used to train AI: No; vendors are contractually prohibited

• Data storage location: United States (AWS)

• Student submission content retention: deleted within 72 hours of processing

• Data sold or shared: No

• Browsing history collected: No

• Data collected from student accounts: No

• Integrity provider (Pangram): does not train on user content, does not sell data, and is engaged only when a teacher opens an integrity check. Policy: pangram.com/data-privacy

• Privacy policy: wayground.com/privacy

• Data Processing Agreement (DPA): available on request

A simple rollout checklist

☐ Confirm devices run Google Chrome on a supported OS.

☐ Force-install the extension to your teacher OU (ID jnegnfbcjklhkmoihoakeijbealomipg).

☐ If you restrict OAuth, whitelist the client ID.

☐ Allow the network domains over HTTPS/443.

☐ Share the privacy/compliance summary with your privacy team and request the DPA.

☐ Point teachers to Getting Started with the Wayground AI Chrome Extension.

Troubleshooting deployment

Teachers can't sign in / the extension won't load on managed devices.

Most often the OAuth client isn't whitelisted. Trust the client ID under Security → API controls.

A specific feature doesn't work for everyone.

Check the network allowlist; a blocked domain disables the matching feature (e.g., Pangram → integrity checks; YouTube → Interactive Video).

Students see the extension.

Re-scope the install to the teacher OU. (Students who open it are blocked regardless, but scoping prevents it from appearing.)

For teacher-facing issues, see Troubleshooting the Wayground AI Chrome Extension.

Need help?

Email support@wayground.com for deployment support, the DPA, or compliance questions.