Applications
      Back to home
      1. Help Center
      2. Applications

      How to Use Intune to Block Edge Extensions

      Overview

      This knowledge base will show you how to block Edge extensions, as well as restrict users from installing Microsoft Edge extensions via Intune, or only allow users to install specific edge extensions.

      Steps

      1. Before we begin, log in to the Microsoft Intune portal.
      2. Navigate to Devices > By platform: Windows > Configuration Profiles.
      3. Select Create > New Policy


      4. On the Create a Profile window, click the drop-down menu and select Platform as Windows 10 and later. Then, choose Settings catalog as the Profile type. Then, click Create.


      5. On the Basics tab, you should specify the name of the profile i.e: Block Edge Extensions, and you can add a profile description if you like. Then, click Next.


      6. In the Configuration Settings section, located under the Settings Catalog, click on the "Add Settings" button.


      7. In the Settings picker window, type "extensions" in the search box and click on Search. From the search results, select Microsoft Edge\Extensions. Then, select the option to control which extensions cannot be installed.


      8. Click the radio button to enable the "Control which extensions cannot be installed" setting. Then click Next.
        Note: Once this setting is enabled, it will list specific extensions that users cannot install in Microsoft Edge. Any extensions on this list that were previously installed will be disabled, and the user won’t be able to enable them again. If you remove an item from the list of blocked extensions, that extension will automatically be re-enabled wherever it was previously installed.

        You can use “*” to block all extensions that are not explicitly listed in the allow list. If you don’t configure this policy, users can install any extension in Microsoft Edge. 


      9. Click 'Next' to skip the scope tags.


      10. In the Assignments tab, specify the groups you want to target with this policy, and then click Next.


      11. Review all the settings defined to 'Block Edge Extensions' in the 'Review + Create' section, then select Create.


      12. After creating a device configuration policy in Intune, a notification will appear stating "Policy created" This confirms that the policy to block Edge extensions has been deployed.