Define a list of sites, based on URL patterns, that can't ask the user to grant them access to a USB device. If you configure this policy, Microsoft Edge will send a report to the M365 Admin Center Site Lists app when a navigation appears stuck redirecting back and forth between the Microsoft Edge and Internet Explorer engines several times. On Windows 7, windows 8, and macOS this policy controls sending info about websites visited. If this policy is enabled, the network service process will run sandboxed. You can also set this policy as a recommendation. More info about Internet Explorer and Microsoft Edge, Export or Import Default Application Associations, Set Microsoft Edge as default browser (Windows 7 and macOS). The value specified in this policy isn't a hard boundary but rather a suggestion to the caching system; any value below a few megabytes is too small and will be rounded up to a reasonable minimum. For example, increasing CPU load. For more information, see the AllowSmartScreen browser policy. It causes PAC files to be fetched and executed by Windows code, including PAC files set via the ProxyPacUrl policy. On devices with no battery, the default is for efficiency mode to never become active. Only turn off the policy if there are compatibility issues with third-party software that must run inside Microsoft Edge's renderer processes. Enable this policy to send reporting of usage and crash-related data to Microsoft. If you enable this setting, external extensions are blocked from being installed. WebSQL in third-party contexts (for example, cross-site iframes) is off by default as of Microsoft Edge version 97 and was fully removed in version 101. Allows you to create a list of protocols, and for each protocol an associated list of allowed origin patterns. If you don't configure this policy, Microsoft Edge will default to the user's preference. Restricts background graphics printing mode. Note that filters provided by the web server still apply. The file type extension entered must be in lower-cased ASCII. However, the reports will not be stored in the Site Lists app. EnableInterceptionChecksEnableInfobar (3) = Allow DNS interception checks and did-you-mean "http://intranetsite/" infobars. The folder should contain the following files: If you disable this policy, these files will be downloaded to be viewed. If set to 'ForceDisabled', the User-Agent string will not freeze the Cookies created by websites that match a URL pattern you define are deleted when the session ends (when the window closes). Following each major version update, Microsoft Edge will create a snapshot of parts of the user's browsing data to use in case of a later emergency that requires a temporary version rollback. This doesn't include all clipboard operations on origins that match the patterns. This policy re-enables the API until version 115. If ECH is enabled, Microsoft Edge might or might not use ECH depending on server support, the availability of the HTTPS DNS record, or the rollout status. If you enable or don't configure this policy, web-based applications that use the SpeechSynthesis API can use Online Text to Speech voice fonts. Individual sites may be blocked from participating in efficiency mode by configuring the policy SleepingTabsBlockedForUrls. If you set this policy to 'Default', only sites configured to open in Internet Explorer mode will open in that mode. Click Yes. This policy may be used to temporarily retain compatibility with an outdated server. If you configure this policy and the NewTabPageLocation policy, NewTabPageLocation has precedence. Note that this option disables some settings that rely on sessions or that perform actions on exit (such as Clear browsing data on exit or session-only cookies). Connection errors might occur more often. This policy is obsolete because dedicated web platform policies are now used to manage individual web platform feature deprecations. If you don't configure this policy, the user will be able to change this setting. The information bar contains a button that allows the user to quit waiting for the Enterprise Mode Site List download to complete. If you enable or don't configure this policy, the button will show up on the native PDF viewer in Microsoft Edge. The frequency for authentication prompt will be set to 'Always' by default. This policy is not considered if a site matches a URL pattern in the SameOriginTabCaptureAllowedByOrigins policy. For later versions of Windows, you have to deploy a "default application associations" file that makes Microsoft Edge the handler for the https and http protocols (and, optionally, the ftp protocol and file formats such as .html, .htm, .pdf, .svg, .webp). Use the links in the table to get more details about specific policies. Note that other restrictions may still apply. If you enable or don't configure this policy, the user can use spellcheck. If you configure this policy, the browser will block completing shutdown while it processes any outstanding keepalive requests (see https://fetch.spec.whatwg.org/#request-keepalive-flag) up to the maximum period of time specified by this policy. You can ask users in your Organization to go to Settings > Profile > Password and turn on the feature. If you disable this policy or don't configure it, the U2F Security Key API is disabled by default and can only be used by sites that register for and use the U2FSecurityKeyAPI origin trial which ended after Microsoft Edge version 103. Set 'BlockAllDownloads' to block all downloads. If you disable this policy, the ProcessExtensionPointDisablePolicy is not applied to block legacy extension points in the browser process. Note that while the preceding example shows the suppression of file type extension-based download warnings for "swf" files for all domains, applying suppression of such warnings for all domains for any dangerous file type extension is not recommended due to security concerns. You can review the intent behind the Web Platform feature changes at https://bit.ly/blinkintents. Specifies the name of the default search provider. If you dont configure this policy a desktop shortcut to Microsoft Edge will be created during installation. If you enable or don't configure this policy, users can play the surf game. Select one of the following options from the Open in list: IE11. The value of the policy is the name of the profile (case sensitive) and can be configured with string that is the name of a specific profile. If you set this policy to 'Force', users must sign into a profile to use the browser. Lets you allow users to access the Collections feature, where they can collect, organize, share, and export content more efficiently and with Office integration. If you don't configure this policy, DefaultAutomaticDownloadsSetting applies for all sites, if it's set. Microsoft This policy allowed re-enabling of cross-origin WebAssembly module sharing. If you set this policy to 'OverridesDisabled', users can't override state of feature flags using command line arguments or edge://flags page. If you enable this policy, the built-in DNS client is used, if it's available. 2 Open File Explorer (Win+E). If you disable this policy, search engine settings aren't imported at first run, and users can't import them manually. This policy is intended to give enterprises depending on the legacy behavior a chance to update their login procedures and will be removed in the future. The global default will also be used for cookies on domains not covered by the patterns you specify. If you don't configure this policy, nothing will happen to existing Microsoft Edge desktop shortcuts. If you enable this policy, suggestions from local providers are used. EnableSearchInSidebar (0) = Enable search in sidebar, DisableSearchInSidebarForKidsMode (1) = Disable search in sidebar for Kids Mode, DisableSearchInSidebar (2) = Disable search in sidebar. When enabled, Allow extensions from other stores will be turned on. If you set this policy to True, Microsoft Edge always checks whether it's the default browser on startup and, if possible, automatically registers itself. Edge For Edge browser, Basic authentication cannot be carried out directly as there are some issues with Microsoft Edge Windows Integrated Authentication (as per Microsoft community ). Note that if the InternetExplorerIntegrationReloadInIEModeAllowed policy is enabled, it takes precedence and these options will not be visible under "More tools". Specify the character encodings supported by the search provider. If the SpellcheckEnabled policy is set to disabled, this policy will have no effect. Control the presentation of full-tab promotional or educational content. For Chrome on Windows enterprise policies can manually be set in this registry folder: For the new Chromium-based Edge where is the registry folder? If you enable or don't configure this policy, users can open files using the DirectInvoke protocol. A URL pattern has to be formatted according to https://go.microsoft.com/fwlink/?linkid=2095322. This policy has no effect if the EfficiencyModeEnabled policy is disabled. It won't work in Microsoft Edge version 92. If you enable or don't configure this policy, the tab layout will still be at the top, but a user has the option to turn on vertical tabs on the side. Configures the application locale in Microsoft Edge and prevents users from changing the locale. If you enable or don't configure this policy, Windows Credential UI will be used. Signing into the browser doesn't mean that sync is turned on by default; the user must separately opt-in to use this feature. If you enable this policy or don't configure it, users can control AutoFill for payment instruments. https://www.w3.org/TR/screen-capture/#feature-policy-integration If you set this policy to 'Disabled' or don't set it, Microsoft Edge will not automatically sign in users that are on domain joined machines with Active Directory accounts. If you enable or don't configure this policy, there is no change on the Microsoft Edge new tab page and App Launcher is there for users.