Edit

Share via


AuthServerAllowlist

Configure list of allowed authentication servers

Supported versions

  • On Windows and macOS since 77 or later

Description

Specifies which servers to enable for integrated authentication. Integrated authentication is only enabled when Microsoft Edge receives an authentication challenge from a proxy or from a server in this list.

Separate multiple server names with commas. Wildcards (*) are allowed.

If you don't configure this policy, Microsoft Edge tries to detect if a server is on the intranet - only then will it respond to IWA requests. If the server is on the internet, IWA requests from it are ignored by Microsoft Edge.

Supported features

  • Can be mandatory: Yes
  • Can be recommended: No
  • Dynamic Policy Refresh: No - Requires browser restart
  • Per Profile: No
  • Applies to a profile that is signed in with a Microsoft account: Yes

Data type

  • String

Windows information and settings

Group Policy (ADMX) info

  • GP unique name: AuthServerAllowlist
  • GP name: Configure list of allowed authentication servers
  • GP path (Mandatory): Administrative Templates/Microsoft Edge/HTTP authentication
  • GP path (Recommended): N/A
  • GP ADMX file name: MSEdge.admx

Example value

*contoso.com,contoso.com

Registry settings

  • Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
  • Path (Recommended): N/A
  • Value name: AuthServerAllowlist
  • Value type: REG_SZ

Example registry value

*contoso.com,contoso.com

Mac information and settings

  • Preference Key name: AuthServerAllowlist
  • Example value:
<string>*contoso.com,contoso.com</string>

See also