Browser Policy SSO - Installation on Microsoft Edge

The Browser Policy Single Sign On (SSO) allows the Browser Extension to identify the user without having to go through SSO via SAML altogether. 

To smoothly roll out Userlane, ensure the Browser is configured to install the Userlane Extension using the options provided by the respective browser.

This article focusses on its implementation on Edge.

Installation on Edge

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist]

"1"="joephgegnilhnnnocnkigpmmamgghage"

Note: The Registry Key ("1") might need to be modified (counted up to the ones already existing) if multiple Browser Extensions (other than Userlane) are installed.

Configuring


Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\joephgegnilhnnnocnkigpmmamgghage\policy]
;fill statically with companyId received from Customer Success Manager
"companyId"="123"
;fill statically with companyIntegrity found in same place
"companyIntegrity"="xyz"
;the authToken is not needed for regular SAML SSO
"authToken"="abc"
;optional, defaults to "eu", can be either "eu" or "us"
"region"="eu"
;optional, fill dynamically with ID of user (email or text id)
"userId"="1234"


Example: Setting userId dynamically with PowerShell and Windows Username

Consider this example, which creates the userId config in the registry dynamically. We’re using a PowerShell script, and load the user id simply from the username of the current user on the Windows system ($env:UserName). Of course, this can be replaced with any other value that is deemed appropriate.


# Set userId Browser Policy for Userlane Extension
$RegistryPath = 'HKCU:\SOFTWARE\Policies\Microsoft\Edge\3rdparty\extensions\joephgegnilhnnnocnkigpmmamgghage\policy'
$Name         = 'userId'
$Value        = $env:UserName
# Create the key if it does not exist
If (-NOT (Test-Path $RegistryPath)) {
  New-Item -Path $RegistryPath -Force | Out-Null
}  
New-ItemProperty -Path $RegistryPath -Name $Name -Value $Value -PropertyType String -Force

Validating Browser Policies

In Edge, you can use the following links:

  • edge://policy - to confirm that the ExtensionInstallForcelist value is present.

  • extension://joephgegnilhnnnocnkigpmmamgghage/options/index.html?stay#/nativeconfig - to confirm that the companyId, companyIntegrity, authToken, region, and/or userId values are present.
User Icon

Thank you! Your comment has been submitted for approval.