Policy
Set authorized domains for HTTPS authentication in MSIX streaming install
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows11
This policy setting determines whether an EntraID OAuth token will be included in HTTPS communications to a specified fully qualified domain name for performing an MSIX streaming installation. If you enable this policy setting, HTTPS communications to the predefined fully qualified domains will incorporate the user's EntraID OAuth token when performing a streaming MSIX install. The value provided is a regular expression (ECMA Script) that will be used to match against the uppercased, fully qualified domain of the URL. If you disable or do not configure this policy setting, the user's EntraID OAuth token will only be shared with the default configured domains.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Expression ID ConfigureMSIXAuthenticationAuthorizedDomains | text | HKLM\Software\Policies\Microsoft\Windows\Appx\MSIXAuthenticationAuthorizedDomains Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.
- ComputerAllow a Windows app to share application data between usersAt least Windows Server 2016, Windows 10
- ComputerAllow all trusted apps to installAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllow deployment operations in special profilesAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllowed package family names for non-admin user installAt least Windows 11 Version 22H2
- ComputerAllows development of packaged Microsoft Store apps and installing them from an integrated development environment (IDE)At least Windows Server 2012, Windows 8 or Windows RT
- ComputerArchive infrequently used appsAt least Windows Server 2016, Windows 10
- ComputerDisable installing Windows apps on non-system volumesAt least Windows 8.1 Update 2
- ComputerNot allow per-user unsigned packages to install by default (requires explicitly allow per install)Windows 10 22H2
- ComputerNot allow sideloaded apps to auto-update in the backgroundAt least Windows Server 2016, Windows 10 Version 2106
- ComputerNot allow sideloaded apps to auto-update in the background on a metered networkAt least Windows Server 2016, Windows 10 Version 2106
- ComputerPrevent non-admin users from installing packaged Windows appsAt least Windows Server 2016, Windows 10
- ComputerPrevent users' app data from being stored on non-system volumesAt least Windows 8.1 Update 2