Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings
Supported versions
- On Windows and macOS since 77 or later
Description
Configure the list of Microsoft Defender SmartScreen trusted domains. This means: Microsoft Defender SmartScreen won't check for potentially malicious resources like phishing software and other malware if the source URLs match these domains. The Microsoft Defender SmartScreen download protection service won't check downloads hosted on these domains.
If you enable this policy, Microsoft Defender SmartScreen trusts these domains. If you disable or don't set this policy, default Microsoft Defender SmartScreen protection is applied to all resources.
This policy is available only on Windows instances that are joined to a Microsoft Active Directory ___domain, Windows 10/11 Pro or Enterprise instances that enrolled for device management, or macOS instances that are that are managed via MDM or joined to a ___domain via MCX. Note: If your organization has enabled Microsoft Defender for Endpoint, this policy and any allow list created with it will be ignored. You must configure your allow and block lists in Microsoft 365 Defender portal using Indicators (Settings > Endpoints > Indicators).
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: Yes
- Per Profile: Yes
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- List of strings
Windows information and settings
Group Policy (ADMX) info
- GP unique name: SmartScreenAllowListDomains
- GP name: Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings
- GP path (Mandatory): Administrative Templates/Microsoft Edge/SmartScreen settings
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
mydomain.com
myuniversity.edu
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains
- Path (Recommended): N/A
- Value name: 1, 2, 3, ...
- Value type: List of REG_SZ
Example registry value
SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 =
mydomain.com
SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 =
myuniversity.edu
Mac information and settings
- Preference Key name: SmartScreenAllowListDomains
- Example value:
<array>
<string>mydomain.com</string>
<string>myuniversity.edu</string>
</array>