GPO for "Allow extensions from other store"

ashishpoddar
Microsoft
Apr 13, 2021
We have hosted this documentation here https://docs.microsoft.com/en-us/deployedge/microsoft-edge-manage-extensions-webstore check it out and let us know your feedback.
ashishpoddar
Microsoft
Mar 01, 2020
smokie128 We are yet to update our documentation for the same. However the Chromium guidelines apply. Here are some high level pointers.

Create crx file of extension and host it to shared directory (manifest.json file of extension should not contain "key" attribute and should have update_url attribute pointing to correct place). The shared location should not require any authentication else force install will fail.

Creates updates.xml file with crx file hosted url, version and extension id. (Check this link for details: (https://developer.chrome.com/apps/autoupdate)

Set up extensionInstallsources policy to whitelist hosted url. (https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#extensions)

Set up extenionInstallForcelist policy to forceinstall extension. (https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#extensions)

Let me know if this works.
- smokie128
  Copper Contributor
  Aug 12, 2020
  ashishpoddar
  I was able to get everything working as intended in this way.
  Anyone else doing this should be aware that this changes the extension ID's, which can lead to problems with extensions that use Native Messaging (e.g. KeePassXC-Browser) - in this case you'd have to add the correct extension ID into the Native Messaging JSON file as an allowed source.
  - ashishpoddar
    Microsoft
    Aug 12, 2020
    smokie128 Glad to know.
    
    I didnt understand what you mean by "Anyone else doing this should be aware that this changes the extension ID's"

Forum Discussion

GPO for "Allow extensions from other store"

Resources