GloballyScopeHTTPAuthCacheEnabled

Article
2025-05-09

Enable globally scoped HTTP auth cache

Supported versions

On Windows and macOS since 81 or later

Description

This policy configures a single global per profile cache with HTTP server authentication credentials.

If you disable or don't set this policy, the browser will use the default behavior of cross-site auth, which as of version 80, will be to scope HTTP server authentication credentials by top-level site. So, if two sites use resources from the same authenticating ___domain, credentials will need to be provided independently in the context of both sites. Cached proxy credentials will be reused across sites.

If you enable this policy HTTP auth credentials entered in the context of one site will automatically be used in the context of another site.

Enabling this policy leaves sites open to some types of cross-site attacks, and allows users to be tracked across sites even without cookies by adding entries to the HTTP auth cache using credentials embedded in URLs.

This policy is intended to give enterprises depending on the legacy behavior a chance to update their login procedures and will be removed in the future.

Supported features

Can be mandatory: Yes
Can be recommended: No
Dynamic Policy Refresh: Yes
Per Profile: Yes
Applies to a profile that is signed in with a Microsoft account: No

Data type

Boolean

Windows information and settings

Group Policy (ADMX) info

GP unique name: GloballyScopeHTTPAuthCacheEnabled
GP name: Enable globally scoped HTTP auth cache
GP path (Mandatory): Administrative Templates/Microsoft Edge
GP path (Recommended): N/A
GP ADMX file name: MSEdge.admx

Example value

Disabled

Registry settings

Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
Path (Recommended): N/A
Value name: GloballyScopeHTTPAuthCacheEnabled
Value type: REG_DWORD

Example registry value

0x00000000

Mac information and settings

Preference Key name: GloballyScopeHTTPAuthCacheEnabled
Example value:

<false/>

Share via