Edit

Share via


AutoLaunchProtocolsFromOrigins

Define a list of protocols that can launch an external application from listed origins without prompting the user

Supported versions

  • On Windows and macOS since 85 or later

Description

Allows you to set a list of protocols, and for each protocol an associated list of allowed origin patterns, that can launch an external application without prompting the user. The trailing separator should not be included when listing the protocol and the protocol should be all lower case. For example, list "skype" instead of "skype:", "skype://" or "Skype".

If you configure this policy, a protocol will only be permitted to launch an external application without prompting by policy if:

  • the protocol is listed

  • the origin of the site trying to launch the protocol matches one of the origin patterns in that protocol's allowed_origins list.

If either condition is false, the external protocol launch prompt will not be omitted by policy.

If you don't configure this policy, no protocols can launch without a prompt. Users can opt out of prompts on a per-protocol/per-site basis unless the ExternalProtocolDialogShowAlwaysOpenCheckbox policy is set to Disabled. This policy has no impact on per-protocol/per-site prompt exemptions set by users.

The origin matching patterns use a similar format to those for the URLBlocklist policy, which are documented at https://go.microsoft.com/fwlink/?linkid=2095322.

However, origin matching patterns for this policy cannot contain "/path" or "@query" elements. Any pattern that does contain a "/path" or "@query" element will be ignored.

This policy does not work as expected with file://* wildcards.

Supported features

  • Can be mandatory: Yes
  • Can be recommended: No
  • Dynamic Policy Refresh: Yes
  • Per Profile: Yes
  • Applies to a profile that is signed in with a Microsoft account: Yes

Data type

  • Dictionary

Windows information and settings

Group Policy (ADMX) info

  • GP unique name: AutoLaunchProtocolsFromOrigins
  • GP name: Define a list of protocols that can launch an external application from listed origins without prompting the user
  • GP path (Mandatory): Administrative Templates/Microsoft Edge
  • GP path (Recommended): N/A
  • GP ADMX file name: MSEdge.admx

Example value

[{"allowed_origins": ["example.com", "http://www.example.com:8080"], "protocol": "spotify"}, {"allowed_origins": ["https://example.com", "https://.mail.example.com"], "protocol": "msteams"}, {"allowed_origins": ["*"], "protocol": "msoutlook"}]

Registry settings

  • Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
  • Path (Recommended): N/A
  • Value name: AutoLaunchProtocolsFromOrigins
  • Value type: REG_SZ

Example registry value

[{"allowed_origins": ["example.com", "http://www.example.com:8080"], "protocol": "spotify"}, {"allowed_origins": ["https://example.com", "https://.mail.example.com"], "protocol": "msteams"}, {"allowed_origins": ["*"], "protocol": "msoutlook"}]

Expanded example registry value

[
  {
    "allowed_origins": [
      "example.com",
      "http://www.example.com:8080"
    ],
    "protocol": "spotify"
  },
  {
    "allowed_origins": [
      "https://example.com",
      "https://.mail.example.com"
    ],
    "protocol": "msteams"
  },
  {
    "allowed_origins": [
      "*"
    ],
    "protocol": "msoutlook"
  }
]

Mac information and settings

  • Preference Key name: AutoLaunchProtocolsFromOrigins
  • Example value:
<key>AutoLaunchProtocolsFromOrigins</key>
<array>
  <dict>
    <key>allowed_origins</key>
    <array>
      <string>example.com</string>
      <string>http://www.example.com:8080</string>
    </array>
    <key>protocol</key>
    <string>spotify</string>
  </dict>
  <dict>
    <key>allowed_origins</key>
    <array>
      <string>https://example.com</string>
      <string>https://.mail.example.com</string>
    </array>
    <key>protocol</key>
    <string>msteams</string>
  </dict>
  <dict>
    <key>allowed_origins</key>
    <array>
      <string>*</string>
    </array>
    <key>protocol</key>
    <string>msoutlook</string>
  </dict>
</array>

See also