arc_support: Corporate keys can be used by Android applications that are installed
and listed in this policy.
caption: Key Permissions
desc: |-
Setting the policy grants access to corporate keys to extensions or Android applications. Keys are designated for corporate usage only if they're generated using the chrome.enterprise.platformKeys API on a managed account. Users can't grant or withdraw access to corporate keys to or from extensions or Android applications.
By default, an extension or an Android applications can't use a key designated for corporate usage, which is equivalent to setting allowCorporateKeyUsage to False for it. Only if allowCorporateKeyUsage is set to True for an extension or an Android application can it use any platform key marked for corporate usage to sign arbitrary data. Only grant this permission if the extension or the Android application is trusted to secure access to the key against attackers.
example_value:
com.example.app:
allowCorporateKeyUsage: true
com.example.app2:
allowCorporateKeyUsage: false
extension1:
allowCorporateKeyUsage: true
extension2:
allowCorporateKeyUsage: false
features:
dynamic_refresh: true
per_profile: true
owners:
- [email protected]
schema:
additionalProperties:
properties:
allowCorporateKeyUsage:
description: If set to true, this extension can use all keys that are designated
for corporate usage to sign arbitrary data. If set to false, it cannot access
any such keys and the user cannot grant such permission either. As an exception,
an extension can access such a key exactly once if the same extension generated
that key.
type: boolean
type: object
type: object
supported_on:
- chrome_os:45-
tags: []
type: dict
Codebase Browser
chromium