If you downloaded Cluely on a work device and are now seeing "Unable to connect to Internet", your computer's firewalls are blocking Cluely.
You have two options here: 1) get your IT team to allow Cluely (guides for them below) or 2) move Cluely from your system /Applications folder to your home directory's ~/Application folder.
Moving from System to Local Directory
Here’s a quick fix if you want to manage the app yourself:
1. Quit Cluely (or the app you’re having trouble with).
2. Open Finder, go to your Applications folder.
3. Copy the app (like Cluely) to your home Applications folder:
- Open Finder, click “Go” in the menu, choose “Home,” then open the “Applications” folder inside.
- Drag the app from the main Applications folder into this personal one.
- Or, if you’re comfortable with Terminal, run:
killall Slack && rsync -av --delete /Applications/Slack.app/ ~/Applications/Cluely/ && open ~/Applications/Cluely
4. Now open the app from your home Applications folder.
This gives you full control over updates without admin approval.
IT Access
This guide provides IT administrators with the necessary steps to ensure Cluely’s automatic updates work properly on managed work computers. Cluely uses secure, signed updates to deliver new features and security patches to ensure optimal performance and security.
Common Issues
Update Helper: Admin Password
Seeing a request to enter MacOS password to approve an update? This is a sign you have a corporate managed device and an IT Admin did not approve or install Cluely. The root of the problem is that these apps were installed system-wide (and thus triggering the work level approval), instead of local user storage.
**Local Applications Fix: **
The immediate workaround is to copy Cluely to a place where your current user has write access:killall Slack && rsync -av --delete /Applications/Slack.app/ ~/Applications/Slack.app/ && open ~/Applications/Slack.app(if you prefer the Finder, drag and drop instead).
Now when the Cluely application’s built-in update mechanism tries to write to its files, it can. No more annoying pop-up windows!Delete the Cluely.dmg and Have an IT Admin Install Cluely Instead
Network Requirements
Required Domain Whitelisting
To allow Cluely auto-updates, whitelist the following domains in your firewall, proxy, and network security settings:Core Cluely Services:
platform.cluely.comservice.transcribe.cluely.comapp.cluely.comdesktop.cluely.comdesktop.app.cluely.comflags.cluely.comimg.cluely.com
Update-Specific Endpoints:
updates.cluely.com(primary update server)downloads.cluely.com(update package downloads)api.cluely.com(update check API)
Network Protocol Requirements
Ensure the following protocols are allowed:
HTTPS (443) - For secure update downloads and API communication
WebSocket Secure (WSS) - For real-time update notifications
HTTP/2 - For efficient update package delivery
Corporate Network Considerations
If your organization uses:
Corporate Proxy: Configure proxy settings to allow Cluely update traffic
SSL Inspection: Add Cluely domains to SSL inspection bypass list
Content Filtering: Whitelist Cluely domains to prevent update blocking
Code Signing Certificate Management
Cluely signs all update packages with digital certificates to ensure authenticity and integrity. You must recognize and trust these certificates on managed devices.
macOS
Windows
1. Retrieve Cluely’s Code-Signing Certificate
Download the latest Cluely application from and extract the certificate information:cluely.com/downloadsCopyAsk AI
# Navigate to the downloaded Cluely.app cd /Applications/Cluely.app # Display code-signing information codesign -dv --verbose=4 /Applications/Cluely.app # Get certificate details codesign -d --extract-certificates /Applications/Cluely.app
Look for the Authority field in the output, which shows the certificate’s Common Name (CN).
2. Configure Application Whitelisting
For Google Santa:CopyAsk AI
# Whitelist by certificate SHA-256 hash sudo santactl rule --whitelist --certificate --sha256 <SHA-256_HASH> # Whitelist by team identifier sudo santactl rule --whitelist --teamid <TEAM_ID>
For Jamf Pro:
Navigate to Configuration Profiles
Create new profile for Application & Custom Settings
Add Cluely’s team identifier to allowed applications
Deploy to managed devices
For Microsoft Intune:
Go to Device Configuration > macOS > Configuration Profiles
Create new profile with “Application & Custom Settings”
Add Cluely’s bundle identifier and team ID
Assign to device groups
3. Gatekeeper Configuration
Ensure Gatekeeper allows Cluely updates:CopyAsk AI
# Check current Gatekeeper status spctl --status # Allow Cluely specifically (if needed) sudo spctl --add /Applications/Cluely.app
4. Notarization Trust
Cluely updates are notarized by Apple. Ensure your devices trust notarized applications:CopyAsk AI
# Verify notarization spctl --assess --verbose /Applications/Cluely.app
Update Mechanism Configuration
Automatic Update Settings
Cluely checks for updates automatically. Ensure these settings are configured:macOS:
System Preferences > Software Update (ensure automatic updates are enabled)
Allow Cluely to run background processes for update checks
Windows:
Windows Update settings should allow automatic updates
Ensure Windows Defender doesn’t block Cluely update processes
Update Frequency
Cluely typically checks for updates:
On application startup
Every 24 hours when running
When manually triggered by user
Monitoring and Troubleshooting
Update Status Monitoring
Monitor update success through:macOS:
Copy
Ask AI
# Check Cluely version /Applications/Cluely.app/Contents/MacOS/Cluely --version # View update logs log show --predicate 'process == "Cluely"' --last 1h
Windows:
Copy
Ask AI
# Check Cluely version Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" | Where-Object {$_.DisplayName -like "*Cluely*"} # View Windows Event Logs Get-WinEvent -FilterHashtable @{LogName='Application'; ID=1000} | Where-Object {$_.Message -like "*Cluely*"}Common Issues and Solutions
Updates Blocked by Antivirus:
Add Cluely update directories to antivirus exclusions
Whitelist Cluely processes in real-time protection
Network Connectivity Issues:
Verify all required domains are whitelisted
Test connectivity to update servers
Check proxy configuration
Certificate Trust Issues:
Re-import Cluely’s certificate
Verify certificate hasn’t expired
Check certificate chain validation
Security Considerations
Certificate Validation
Regularly verify Cluely’s certificates haven’t been revoked
Monitor for certificate expiration dates
Subscribe to Cluely security notifications
Update Integrity
All updates are cryptographically signed
Verify update packages before deployment
Monitor for any security advisories from Cluely
Network Security
Use HTTPS for all update communications
Implement proper firewall rules
Monitor update traffic for anomalies
Best Practices
Test Updates: Deploy updates to a test group before organization-wide rollout
Monitor Performance: Track update success rates and user experience
Document Changes: Keep records of certificate updates and policy changes
Regular Reviews: Periodically review and update whitelist and certificate configurations
User Communication: Inform users about update schedules and expected behavior
Support and Resources
For additional support with Cluely auto-updates on managed devices:
Technical Support: Contact Cluely support with your organization’s details
Certificate Updates: Monitor for certificate changescluely.com/downloads
Security Advisories: Subscribe to Cluely security notifications
Documentation: Refer to Cluely’s enterprise documentation for additional configuration options
Compliance and Audit
Maintain compliance with your organization’s security policies by:
Documenting all certificate installations
Recording network whitelist configurations
Auditing update success rates
Maintaining logs of update activities
Following your organization’s change management procedures