Bock Edge extensions but allow specific

By default, I always block Edge extensions. Sometimes users really need some extensions to make their work easier or safer. Today I got a call from a user who was unable to install Bitwarden Password Manager Extension in Edge. In this case it’s a good thing cause this user is aware of password protection. I decided to allow this specific extension and I’ll show you how it’s done.

Create configuration profile

  • Browse to Microsoft Endpoint Manager
  • Navigate to Devices > Windows > Configuration profiles > Create profile.
  • Select Windows 10 and later as platform
  • Select Settings catalog as profile type.

Give your configuration profile a name and description (optional)

  1. Click Add settings
  2. Click Microsoft Edge
  3. Click Extensions
  4. Select Allow specific extensions to be installed

Here comes the magic!

  1. Set allow specific extensions to be installed to Enabled
  2. Fill in the Extension ID

Scroll down to see how you can find the Extension ID!

Click Add groups, and select a device group where this setting should be deployed to.

Finaly, click “Create“. You are done! Give the endpoint some time to update the policy, restart the browser or device and install your allowed Edge extension. All other extensions are still un-allowed and would result in the known error Your admin has blocked

Where is the extension ID!?

Navigate to the Extension store and find your desired extension. First time I lost my mind. I was scrolling down the extension page, defaults, description without finding a extension ID. Then I would open a new Edge tab to google for the extension ID, but then I my eye sees the URL! The Extension ID is shown in the URL!

  • Copy the ID part behind the /
  • Paste the ID in the Configuration Policy created above

Leave a Reply

Your email address will not be published.

19 + 11 =