Microsoft Edge
713 Group Policy settings under Microsoft Edge. Browse the sub-folders and settings below.
Sub-folders
- Application Guard settings (5)
- Cast (3)
- Certificate management settings (6)
- Content settings (75)
- Cryptography compliance policies (2)
- Default search provider (9)
- Edge Website Typo Protection settings (3)
- Edge Workspaces settings (2)
- Extensions (13)
- HTTP authentication (9)
- Identity and sign-in (16)
- Idle Browser Actions (2)
- Immersive Reader settings (2)
- Kiosk Mode settings (3)
- Manageability (7)
- Native Messaging (3)
- Network settings (17)
- Password manager and protection (13)
- PDF Reader (2)
- Performance (8)
- Permit or deny screen capture (4)
- Printing (18)
- Private Network Request Settings (3)
- Proxy server (5)
- Related Website Sets Settings (2)
- Scareware Blocker settings (4)
- Sleeping tabs settings (4)
- SmartScreen settings (9)
- Startup, home page and new tab page (21)
- WebRtc settings (3)
Settings
- Ads setting for sites with intrusive ads
- Allow access to a list of URLs in InPrivate mode.
- Allow access to sensors on specific sites
- Allow access to the Enterprise Mode Site List Manager tool
- Allow certificates signed using SHA-1 when issued by local trust anchors (obsolete)
- Allow clipboard use on specific sites
- Allow default search provider context menu search access
- Allow DNS queries for more DNS record types
- Allow download restrictions
- Allow feature recommendations and browser assistance notifications from Microsoft Edge
- Allow features to download assets from the Asset Delivery Service
- Allow file or directory picker APIs to be called without prior user gesture
- Allow file selection dialogs
- Allow freezing of background tabs (obsolete)
- Allow full screen mode
- Allow Google Cast to connect to Cast devices on all IP addresses
- Allow HTTPS-Only Mode to be enabled
- Allow import of data from other browsers on each Microsoft Edge launch
- Allow importing of autofill form data
- Allow importing of browser settings
- Allow importing of browsing history
- Allow importing of Cookies
- Allow importing of extensions
- Allow importing of favorites
- Allow importing of home page settings
- Allow importing of open tabs
- Allow importing of payment info
- Allow importing of saved passwords
- Allow importing of search engine settings
- Allow importing of shortcuts
- Allow importing of startup page settings
- Allow Internet Explorer mode testing (obsolete)
- Allow launching of local files in Internet Explorer mode
- Allow legacy TLS/DTLS downgrade in WebRTC (obsolete)
- Allow local MHTML files to open automatically in Internet Explorer mode
- Allow managed extensions to use the Enterprise Hardware Platform API
- Allow media autoplay for websites
- Allow media autoplay on specific sites
- Allow Microsoft Edge to block navigations to external protocols in a sandboxed iframe
- Allow or block audio capture
- Allow or block video capture
- Allow or deny screen capture
- Allow pages to send synchronous XHR requests during page dismissal (obsolete)
- Allow pages to use the built-in AI APIs.
- Allow pages with Cache-Control: no-store header to enter back/forward cache
- Allow personalization of ads, Microsoft Edge, search, news and other Microsoft services by sending browsing history, favorites and collections, usage and other browsing data to Microsoft
- Allow Pin to taskbar wizard
- Allow queries to a Browser Network Time service
- Allow QUIC protocol
- Allow remote debugging
- Allow Save page as in Internet Explorer mode
- Allow screen capture without prior user gesture
- Allow ServiceWorker to control srcdoc iframes
- Allow ServiceWorker to dispatch navigation requests without waiting for its startup
- Allow sharing tenant-approved browsing history with Microsoft 365 Copilot Search
- Allow single sign-on for Microsoft personal sites using this profile
- Allow sites configured for Internet Explorer mode to open in Microsoft Edge
- Allow software WebGL fallback using SwiftShader
- Allow specific apps to be opened in Microsoft Edge sidebar
- Allow SpeculationRules prefetch for ServiceWorker-controlled URLs
- Allow suggestions from local providers
- Allow surf game
- Allow the audio process to run with priority above normal on Windows
- Allow the audio sandbox to run
- Allow the Search bar at Windows startup
- Allow the Search bar at Windows startup (obsolete)
- Allow the Serial API on specific sites
- Allow unconfigured sites to be reloaded in Internet Explorer mode
- Allow user feedback
- Allow users to access the games menu (deprecated)
- Allow users to access the Microsoft Office menu (deprecated)
- Allow users to access the Outlook menu (obsolete)
- Allow users to bypass Enhanced Security Mode
- Allow users to configure Family safety and Kids Mode
- Allow users to configure Site safety services (obsolete)
- Allow users to open files using the ClickOnce protocol
- Allow users to open files using the DirectInvoke protocol
- Allow users to proceed from the HTTPS warning page
- Allow users to proceed from the HTTPS warning page for specific origins
- Allow using the deprecated U2F Security Key API (obsolete)
- Allow Web Authentication requests on sites with broken TLS certificates.
- Allow WebDriver to Override Incompatible Policies (obsolete)
- Allow websites to query for available payment methods
- Allowed Origins for Proxied WebAuthn Requests from Remote Desktop Applications.
- Allows a page to show popups during its unloading (obsolete)
- Allows enabling the feature NewBaseUrlInheritanceBehavior (obsolete)
- Allows enabling throttling of non-visible, cross-origin iframes (obsolete)
- Allows system notifications
- Allows the AppCache feature to be re-enabled, even if it's turned off by default (obsolete)
- Allows users to edit favorites
- Allows users to translate videos to different languages.
- Allows web pages to use identifiers for the purpose of protected content playback
- Always open PDF files externally
- Always use the OS capture engine to avoid issues with capturing Internet Explorer mode tabs
- Ask where to save downloaded files
- AutoLaunch Protocols Component Enabled
- Automatically import another browser's data and settings at first run
- Automatically open Copilot side pane with contextual insights for links opened from Outlook
- Automatically open downloaded MHT or MHTML files from the web in Internet Explorer mode
- Block access to a list of URLs
- Block access to a list of URLs in InPrivate mode.
- Block access to a specified list of services and export targets in Collections
- Block access to sensors on specific sites
- Block all ads on Bing search results
- Block clipboard use on specific sites
- Block smart actions for a list of services
- Block the Serial API on specific sites
- Block third party cookies
- Block tracking of users' web-browsing activity
- Browser sign-in settings
- Browsing Data Lifetime Settings
- Browsing with Copilot Allowed URLs
- Browsing with Copilot Blocked URLs
- CECPQ2 post-quantum key-agreement enabled for TLS (obsolete)
- Check RSA key usage for server certificates issued by local trust anchors (obsolete)
- Clear browsing data when Microsoft Edge closes
- Clear cached images and files when Microsoft Edge closes
- Clear history for IE and IE mode every time you exit
- Configuration policy for bulk data entry for Microsoft Edge for Business Data Loss Prevention Connectors
- Configuration policy for files attached for Microsoft Edge for Business Data Loss Prevention Connectors
- Configuration policy for Microsoft Edge for Business Reporting Connectors
- Configuration policy for print for Microsoft Edge for Business Data Loss Prevention Connectors
- Configure address bar editing
- Configure Automatic HTTPS (obsolete)
- Configure automatic sign in with an Active Directory domain account when there is no Azure AD domain account
- Configure browser process code integrity guard setting
- Configure Do Not Track
- Configure enhanced hang detection for Internet Explorer mode
- Configure favorites
- Configure how frequently the Enterprise Mode Site List is refreshed
- Configure if the ads transparency feature is enabled
- Configure InPrivate mode availability
- Configure Internet Explorer integration
- Configure list of force-installed Web Apps
- Configure Online Text To Speech
- Configure Related Matches in Find on Page (obsolete)
- Configure reporting of IE Mode user list entries to the M365 Admin Center Site Lists app
- Configure reporting of potentially misconfigured neutral site URLs to the M365 Admin Center Site Lists app
- Configure ShadowStack crash rollback behavior (obsolete)
- Configure Speech Recognition
- Configure the default paste format of URLs copied from Microsoft Edge, and determine if additional formats will be available to users
- Configure the Enterprise Mode Cloud Site List
- Configure the Enterprise Mode Site List
- Configure the list of commands for which to disable keyboard shortcuts
- Configure the list of domains for which enhance security mode will always be enforced
- Configure the list of domains for which enhance security mode will not be enforced
- Configure the list of names that will bypass the HSTS policy check
- Configure the list of sites for which Microsoft Edge will attempt to establish a Token Binding with (obsolete)
- Configure the list of types that are excluded from synchronization
- Configure the list of types that are included for synchronization
- Configure the pixel adjustment between window.open heights sourced from IE mode pages vs. Edge mode pages
- Configure the pixel adjustment between window.open widths sourced from IE mode pages vs. Edge mode pages
- Configure the Share experience
- Configure the View in File Explorer feature for SharePoint pages in Microsoft Edge
- Configure tracking prevention exceptions for specific sites
- Configure users ability to override feature flags
- Configure Web Content Filtering
- Configure whether a user always has a default profile automatically signed in with their work or school account
- Configure whether form data and HTTP headers will be sent when entering or exiting Internet Explorer mode
- Configure whether Microsoft Edge should automatically select a certificate when there are multiple certificate matches for a site configured with "AutoSelectCertificateForUrls" (deprecated)
- Configures availability of a vertical layout for tabs on the side of the browser
- Continue running background apps after Microsoft Edge closes
- Control access to AI-enhanced search in History
- Control access to Microsoft 365 Copilot writing assistance in Microsoft Edge for Business
- Control communication with the Experimentation and Configuration Service
- Control Copilot access to Microsoft Edge page content and browsing history for Entra account user profiles when using Copilot in the Microsoft Edge sidepane
- Control Copilot access to page context for Microsoft Entra ID profiles
- Control Copilot with Commercial Data Protection access to page context for Microsoft Entra ID profiles (obsolete)
- Control Javascript setTimeout() function minimum timeout (obsolete)
- Control the availability of the XSLT feature
- Control the behavior for the cancel dialog produced by the beforeunload event (obsolete)
- Control the IntensiveWakeUpThrottling feature
- Control the mode of DNS-over-HTTPS
- Control the new behavior for event dispatching on disabled form controls (obsolete)
- Control the User-Agent Client Hints GREASE Update feature (obsolete)
- Control use of the Headless Mode
- Control use of the Serial API
- Control where developer tools can be used
- Control where security restrictions on insecure origins apply
- Control whether an informational webpage for Edge for Business is shown in the new tab after major browser updates
- Control whether Microsoft 365 Copilot Chat shows in the Microsoft Edge for Business toolbar
- Control whether storage quota APIs will return static values
- Control whether TLS 1.3 Early Data is enabled in Microsoft Edge
- Control which apps are forced to be shown in Microsoft Edge sidebar
- Control which apps cannot be opened in Microsoft Edge sidebar
- Controls the availability of browsing with Copilot in Microsoft Edge.
- Controls the display of the profile button label for the work or school profile
- Controls whether the deprecated :--foo syntax for CSS custom state is enabled (obsolete)
- Controls whether the new HTML parser behavior for the <select> element is enabled (obsolete)
- Controls whether unload event handlers can be disabled.
- CORS non-wildcard request header support enabled
- Default clipboard site permission
- Default sensors setting
- Define a list of allowed URLs
- Define a list of protocols that can launch an external application from listed origins without prompting the user
- Define a list of protocols that can not be silently blocked by anti-flood protection
- Define an ordered list of preferred languages that websites should display in if the site supports the language
- Define domains allowed to access Google Workspace
- Delete old browser data on migration
- Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store (obsolete)
- Determines whether the Microsoft Root Store and built-in certificate verifier will be used to verify server certificates (obsolete)
- Disable Certificate Transparency enforcement for a list of legacy certificate authorities (obsolete)
- Disable Certificate Transparency enforcement for a list of subjectPublicKeyInfo hashes
- Disable Certificate Transparency enforcement for specific URLs
- Disable download file type extension-based warnings for specified file types on domains
- Disable download file type extension-based warnings for specified file types on domains (obsolete)
- Disable saving browser history
- Disable support for 3D graphics APIs
- Disable synchronization of data using Microsoft sync services
- Disable taking screenshots
- Discover feature In Microsoft Edge (obsolete)
- Display zoom in IE Mode tabs with DPI Scale included like it is in Internet Explorer
- DNS interception checks enabled
- Do not set window.opener for links targeting _blank (obsolete)
- Double Click feature in Microsoft Edge enabled (only available in China)
- Dynamic Code Settings
- Edge 3P SERP Telemetry Enabled
- Edge Wallet E-Tree Enabled (deprecated)
- Enable 3DES cipher suites in TLS (obsolete)
- Enable a TLS 1.3 security feature for local trust anchors (obsolete)
- Enable adaptive buffering for Web Audio
- Enable additional search box in browser
- Enable Ambient Authentication for InPrivate and Guest profiles
- Enable Application Bound Encryption
- Enable AutoFill for addresses
- Enable AutoFill for payment instruments
- Enable automatic HTTPS upgrades
- Enable browser legacy extension point blocking
- Enable component updates in Microsoft Edge
- Enable Copilot address bar suggestions
- Enable CryptoWallet feature (obsolete)
- Enable deleting browser and download history
- Enable deprecated/removed Mutation Events (obsolete)
- Enable Discover access to page contents for AAD profiles (obsolete)
- Enable Domain Actions Download from Microsoft (obsolete)
- Enable Drop feature in Microsoft Edge
- Enable ending processes in the Browser task manager
- Enable favorites bar
- Enable Follow service in Microsoft Edge (obsolete)
- Enable full-tab promotional content (deprecated)
- Enable Gamer Mode (obsolete)
- Enable globally scoped HTTP auth cache
- Enable guest mode
- Enable insecure download warnings
- Enable keyboard focusable scrollers (obsolete)
- Enable Microsoft Bing trending suggestions in the address bar
- Enable Microsoft Search in Bing suggestions in the address bar (obsolete)
- Enable Native Window Occlusion (deprecated)
- Enable network prediction
- Enable online OCSP/CRL checks
- Enable opaque origins for data URLs in Web Workers
- Enable open in sidebar
- Enable or disable freezing the User-Agent string at major version 99 (obsolete)
- Enable or disable the User-Agent Reduction (obsolete)
- Enable Picture in Picture overlay feature on supported webpages in Microsoft Edge
- Enable post-quantum key agreement for TLS (obsolete)
- Enable Proactive Authentication (obsolete)
- Enable profile creation from the Identity flyout menu or the Settings page
- Enable QR Code Generator
- Enable Read Aloud feature in Microsoft Edge
- Enable renderer code integrity (obsolete)
- Enable renderer in app container
- Enable resolution of navigation errors using a web service
- Enable scrolling to text specified in URL fragments
- Enable search suggestions
- Enable security warnings for command-line flags
- Enable sidebar customize
- Enable Signed HTTP Exchange (SXG) support
- Enable Silent Printing
- Enable site isolation for every site
- Enable site isolation for specific origins
- Enable specific spellcheck languages
- Enable spellcheck
- Enable split screen feature in Microsoft Edge
- Enable Standardized Browser Zoom Behavior
- Enable stricter treatment for mixed content (obsolete)
- Enable support for Windows OS routing table rules when making peer to peer connections via WebRTC
- Enable tab organization suggestions
- Enable tab preview on hover
- Enable the Collections feature
- Enable the Copilot new tab page
- Enable the extended lifetime option for SharedWorkers
- Enable the network service sandbox
- Enable the Screenshot (previously named Web Capture) feature in Microsoft Edge
- Enable the Search bar
- Enable the Search bar (deprecated)
- Enable the User-Agent Client Hints feature (obsolete)
- Enable Translate
- Enable travel assistance (obsolete)
- Enable upload files from mobile in Microsoft Edge desktop
- Enable usage and crash-related data reporting (obsolete)
- Enable use of ephemeral profiles
- Enable User Web App Install From Browser
- Enable using roaming copies for Microsoft Edge profile data
- Enable Wallet Checkout feature
- Enable warnings for insecure forms (deprecated)
- Enable Window Occlusion
- Enable Windows to search local Microsoft Edge browsing data
- Enable Work Search suggestions in the address bar
- Enables background updates to the list of available templates for Collections and other features that use templates (deprecated)
- Enables DALL-E themes generation
- Enables default browser settings campaigns
- Enables Microsoft Edge mini menu
- Enforce Bing SafeSearch
- Enforce Edge guest mode
- Enforce Google SafeSearch
- Enhance images enabled (obsolete)
- Enhance the security state in Microsoft Edge
- Enhanced Security Mode configuration for Intranet zone sites
- Explicitly allowed network ports
- Extend Adobe Flash content setting to all content (obsolete)
- Fetch keepalive duration on shutdown
- Force direct intranet site navigation instead of searching on single word entries in the Address Bar
- Force disable spellcheck languages
- Force foreground priority for all tabs
- Force foreground priority for specific URLs
- Force minimum YouTube Restricted Mode
- Force networking code to run in the browser process (obsolete)
- Force synchronization of browser data and do not show the sync consent prompt
- Force WebSQL in non-secure contexts to be enabled (obsolete)
- Force WebSQL in third-party contexts to be re-enabled (obsolete)
- Force WebSQL to be enabled (obsolete)
- Force Windows executable Native Messaging hosts to launch directly
- Forces Microsoft Edge to use its built-in WNS push client to connect to the Windows Push Notification Service.
- Get user confirmation before closing a browser window with multiple tabs
- Hide restore pages dialog after browser crash
- Hide the First-run experience and splash screen
- Hide the one-time redirection dialog and the banner on Microsoft Edge
- HTTP Allowlist
- In-app support Enabled
- Intranet Redirection Behavior
- JavaScript setTimeout will not be clamped until a higher nesting threshold is set (deprecated)
- Keep the active Microsoft Edge window with an Internet Explorer mode tab always in the foreground.
- Let screen reader users get image descriptions from Microsoft
- Let users snip a Math problem and get the solution with a step-by-step explanation in Microsoft Edge (obsolete)
- Limits the number of user data snapshots retained for use in case of emergency rollback
- List of file types that should be automatically opened on download
- List of URL patterns for which developer tools are allowed to be opened
- List of URL patterns for which developer tools are blocked
- Live captions allowed
- Machine learning powered autofill suggestions
- Make SharedWorker blob URL behavior aligned with the specification
- Manage exposure of local IP addressess by WebRTC
- Manage opt-out user experience for Enhanced Security Mode (ESM) in Microsoft Edge (obsolete)
- Manage QuickView Office files capability in Microsoft Edge
- Manage Search Engines
- Manage the indicator UI of the Enhanced Security Mode (ESM) feature in Microsoft Edge
- Maximum number of concurrent connections to the proxy server for non-WebSocket requests
- Maximum number of concurrent connections to the proxy server for WebSocket requests
- Microsoft Edge built-in PDF reader powered by Adobe Acrobat enabled
- Microsoft Edge Insider Promotion Enabled
- Minimum TLS version enabled (obsolete)
- Mouse Gesture Enabled
- Notify a user that a browser restart is recommended or required for pending updates
- Open local files in Internet Explorer mode file extension allow list
- Origin-keyed agent clustering enabled by default
- Override for the CPU performance tier
- Personalize my top sites in Customize Sidebar enabled by default
- Prevent install of the BHO to redirect incompatible sites from Internet Explorer to Microsoft Edge
- Prompt the user to select a certificate when multiple certificates match
- Re-enable deprecated web platform features for a limited time (obsolete)
- Re-enable the Event.path API until Microsoft Edge version 115 (obsolete)
- Re-enable Web Components v0 API until M84 (obsolete)
- Redirect incompatible sites from Internet Explorer to Microsoft Edge
- Relaunch browser quickly when the current version is outdated
- Require that the Enterprise Mode Site List is available before tab navigation
- Restore PDF view
- Restrict Background Fetch API when called from a Service Worker
- Restrict CPU core sharing for renderer process
- Restrict the range of local UDP ports used by WebRTC
- Restrict which accounts can be used to sign in to Microsoft Edge
- Save and fill memberships
- Save cookies when Microsoft Edge closes
- Search Filters Enabled
- Search for image enabled
- Search in Sidebar enabled
- Secure mode and Certificate-based Digital Signature validation in native PDF reader
- Send all intranet sites to Internet Explorer
- Send required and optional diagnostic data about browser usage
- Send site information to improve Microsoft services (obsolete)
- Set a timeout for delay of tab navigation for the Enterprise Mode Site List
- Set application locale
- Set disk cache directory
- Set disk cache size, in bytes
- Set download directory
- Set limit on megabytes of memory a single Microsoft Edge instance can use
- Set Microsoft Edge as default browser
- Set the default "share additional operating system region" setting
- Set the roaming profile directory
- Set the time interval for relaunch
- Set the time period for update notifications
- Set the user data directory
- Set WPAD optimization
- Sets managed configuration values for websites to specific origins
- Settings for GenAI local foundational model
- Shopping in Microsoft Edge Enabled
- Show an "Always open" checkbox in external protocol dialog
- Show context menu to open a file:// link in Internet Explorer mode
- Show Downloads button on the toolbar
- Show Hubs Sidebar
- Show links shared from Microsoft 365 apps in History
- Show Microsoft Office shortcut in favorites bar (deprecated)
- Show Microsoft Rewards experiences
- Show the Reload in Internet Explorer mode button in the toolbar
- Show thumbnail images for browsing history
- Shows button on native PDF viewer in Microsoft Edge that allows users to sign up for Adobe Acrobat subscription
- Single sign-on for work or school sites using this profile enabled
- Sites that can access audio capture devices without requesting permission
- Sites that can access video capture devices without requesting permission
- Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context
- Specifies whether the display-capture permissions-policy is checked or skipped (obsolete)
- Specifies whether WebAssembly modules can be sent cross-origin (obsolete)
- Specify custom help link
- Specify how "in-page" navigations to unconfigured sites behave when started from Internet Explorer mode pages
- Specify if online OCSP/CRL checks are required for local trust anchors
- Specify the number of days that a site remains on the local IE mode site list
- Specify the TLS cipher suites to disable
- Specify URI template of desired DNS-over-HTTPS resolver
- Spell checking provided by Microsoft Editor
- Standalone Sidebar Enabled
- Suggest similar pages when a webpage can't be found
- Super Drag Drop Enabled
- Suppress the unsupported OS warning
- Synonyms are provided when using Microsoft Editor spell checker
- Text prediction enabled by default
- TLS Encrypted ClientHello Enabled
- URL reporting in Edge diagnostic data enabled
- URLs where AutoOpenFileTypes can apply
- Use a default referrer policy of no-referrer-when-downgrade (obsolete)
- Use built-in DNS client
- Use graphics acceleration when available
- Use out-of-process iframe PDF Viewer
- Use Windows proxy resolver
- Visual search enabled
- Wait for Internet Explorer mode tabs to completely unload before ending the browser session
- Wallet Donation Enabled (deprecated)
- Web App management settings
- Web Select Enabled (obsolete)
- Websites or domains that don't need permission to use direct Security Key attestation
- XFA support in native PDF reader enabled