caption: Extension management settings
desc: |-
Setting the policy controls extension management settings for <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>, including any controlled by existing extension-related policies. The policy supersedes any legacy policies that might be set.
This policy maps an extension ID or an update URL to its specific setting only. A default configuration can be set for the special ID <ph name="DEFAULT_SCOPE">"*"</ph>, which applies to all extensions without a custom configuration in this policy. With an update URL, configuration applies to extensions with the exact update URL stated in the extension manifest ( http://support.google.com/chrome/a?p=Configure_ExtensionSettings_policy ). If the 'override_update_url' flag is set to true, the extension is installed and updated using the "update" URL specified in the <ph name="EXTENSION_INSTALL_FORCELIST_POLICY_NAME">ExtensionInstallForcelist</ph> policy or in 'update_url' field in this policy. The flag 'override_update_url' is ignored if the 'update_url' is a Chrome Web Store url.
On <ph name="MS_WIN_NAME">Microsoft® Windows®</ph> instances, apps and extensions from outside the Chrome Web Store can only be forced installed if the instance is joined to a <ph name="MS_AD_NAME">Microsoft® Active Directory®</ph> domain, joined to <ph name="MS_AAD_NAME">Microsoft® Azure® Active Directory®</ph> or enrolled in <ph name="CHROME_BROWSER_CLOUD_MANAGEMENT_NAME">Chrome Browser Cloud Management</ph>.
On <ph name="MAC_OS_NAME">macOS</ph> instances, apps and extensions from outside the Chrome Web Store can only be force installed if the instance is managed via MDM, joined to a domain via MCX or enrolled in <ph name="CHROME_BROWSER_CLOUD_MANAGEMENT_NAME">Chrome Browser Cloud Management</ph>.
example_value:
'*':
allowed_types:
- hosted_app
blocked_install_message: Custom error message.
blocked_permissions:
- downloads
- bookmarks
install_sources:
- https://company-intranet/chromeapps
installation_mode: blocked
runtime_allowed_hosts:
- '*://good.example.com'
runtime_blocked_hosts:
- '*://*.example.com'
abcdefghijklmnopabcdefghijklmnop:
blocked_permissions:
- history
installation_mode: allowed
minimum_version_required: 1.0.1
toolbar_pin: force_pinned
file_url_navigation_allowed: true
bcdefghijklmnopabcdefghijklmnopa:
allowed_permissions:
- downloads
installation_mode: force_installed
runtime_allowed_hosts:
- '*://good.example.com'
runtime_blocked_hosts:
- '*://*.example.com'
update_url: https://example.com/update_url
cdefghijklmnopabcdefghijklmnopab:
blocked_install_message: Custom error message.
installation_mode: blocked
defghijklmnopabcdefghijklmnopabc,efghijklmnopabcdefghijklmnopabcd:
blocked_install_message: Custom error message.
installation_mode: blocked
fghijklmnopabcdefghijklmnopabcde:
blocked_install_message: Custom removal message.
installation_mode: removed
ghijklmnopabcdefghijklmnopabcdef:
installation_mode: force_installed
override_update_url: true
update_url: https://example.com/update_url
update_url:https://www.example.com/update.xml:
allowed_permissions:
- downloads
blocked_permissions:
- wallpaper
installation_mode: allowed
features:
dynamic_refresh: true
per_profile: true
future_on:
- fuchsia
owners:
- [email protected]
- file://extensions/OWNERS
schema:
patternProperties:
^[a-p]{32}(?:,[a-p]{32})*,?$:
properties:
allowed_permissions:
$ref: ListOfPermissions
blocked_install_message:
description: text that will be displayed to the user in the chrome webstore
if installation is blocked.
type: string
blocked_permissions:
$ref: ListOfPermissions
file_url_navigation_allowed:
type: boolean
installation_mode:
enum:
- blocked
- allowed
- force_installed
- normal_installed
- removed
type: string
minimum_version_required:
pattern: ^[0-9]+([.][0-9]+)*$
type: string
override_update_url:
type: boolean
runtime_allowed_hosts:
$ref: ListOfUrlPatterns
runtime_blocked_hosts:
$ref: ListOfUrlPatterns
toolbar_pin:
enum:
- force_pinned
- default_unpinned
type: string
update_url:
type: string
type: object
'^update_url:':
properties:
allowed_permissions:
$ref: ListOfPermissions
blocked_permissions:
$ref: ListOfPermissions
installation_mode:
enum:
- blocked
- allowed
- removed
type: string
type: object
properties:
'*':
properties:
allowed_types:
$ref: ExtensionAllowedTypes
blocked_install_message:
type: string
blocked_permissions:
$ref: ListOfPermissions
install_sources:
$ref: ExtensionInstallSources
installation_mode:
enum:
- blocked
- allowed
- removed
type: string
runtime_allowed_hosts:
$ref: ListOfUrlPatterns
runtime_blocked_hosts:
$ref: ListOfUrlPatterns
type: object
type: object
supported_on:
- chrome.*:62-
- chrome_os:62-
tags: []
type: dict
url_schema: https://www.chromium.org/administrators/policy-list-3/extension-settings-full