Edit

Share via


AllowCrossOriginAuthPrompt

Allow cross-origin HTTP Authentication prompts

Supported versions

  • On Windows and macOS since 77 or later

Description

Controls whether third-party images on a page can show an authentication prompt.

Typically, this is disabled as a phishing defense. If you don't configure this policy, it's disabled and third-party images can't show an authentication prompt.

Supported features

  • Can be mandatory: Yes
  • Can be recommended: No
  • Dynamic Policy Refresh: Yes
  • Per Profile: No
  • Applies to a profile that is signed in with a Microsoft account: Yes

Data type

  • Boolean

Windows information and settings

Group Policy (ADMX) info

  • GP unique name: AllowCrossOriginAuthPrompt
  • GP name: Allow cross-origin HTTP Authentication prompts
  • GP path (Mandatory): Administrative Templates/Microsoft Edge/HTTP authentication
  • GP path (Recommended): N/A
  • GP ADMX file name: MSEdge.admx

Example value

Disabled

Registry settings

  • Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
  • Path (Recommended): N/A
  • Value name: AllowCrossOriginAuthPrompt
  • Value type: REG_DWORD

Example registry value

0x00000000

Mac information and settings

  • Preference Key name: AllowCrossOriginAuthPrompt
  • Example value:
<false/>

See also