Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Configure the list of sites for which Microsoft Edge will attempt to establish a Token Binding with (obsolete)
OBSOLETE: This policy is obsolete and doesn't work after Microsoft Edge version 129.
Supported versions
- On Windows since 83, until 129
Description
This policy is obsolete because Token Binding is no longer supported, starting with Microsoft Edge 130.
Configure the list of URL patterns for sites that the browser will attempt to perform the Token Binding protocol with. For the domains on this list, the browser will send the Token Binding ClientHello in the TLS handshake (See https://tools.ietf.org/html/rfc8472). If the server responds with a valid ServerHello response, the browser will create and send Token Binding messages on subsequent https requests. See https://tools.ietf.org/html/rfc8471 for more info.
If this list is empty, Token Binding will be disabled.
This policy is only available on Windows 10 devices with Virtual Secure Mode capability.
Starting in Microsoft Edge 86, this policy no longer supports dynamic refresh.
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: No - Requires browser restart
- Per Profile: No
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- List of strings
Windows information and settings
Group Policy (ADMX) info
- GP unique name: AllowTokenBindingForUrls
- GP name: Configure the list of sites for which Microsoft Edge will attempt to establish a Token Binding with (obsolete)
- GP path (Mandatory): Administrative Templates/Microsoft Edge
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
mydomain.com
[*.]mydomain2.com
[*.].mydomain2.com
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\AllowTokenBindingForUrls
- Path (Recommended): N/A
- Value name: 1, 2, 3, ...
- Value type: List of REG_SZ
Example registry value
SOFTWARE\Policies\Microsoft\Edge\AllowTokenBindingForUrls\1 =
mydomain.com
SOFTWARE\Policies\Microsoft\Edge\AllowTokenBindingForUrls\2 =
[*.]mydomain2.com
SOFTWARE\Policies\Microsoft\Edge\AllowTokenBindingForUrls\3 =
[*.].mydomain2.com