Block Cookies in Microsoft Edge Using Intune

In this post, you’ll learn how to block third party cookies in Microsoft Edge using Intune. Cookies are small files that websites put on your PC to store info about your preferences. It can improve your browsing experience by allowing sites to remember your preferences or by letting you avoid signing in each time you visit certain sites.

However, some cookies may put your privacy at risk by tracking sites you visit. Third-party cookies allow advertisers to track a person’s browsing history across the web on any site that contains their ads.

All cookies are allowed by default in every web browser, and You can adjust the setting to allow or block cookies for all sites and set exceptions for specific sites.

Third-party cookies belong to domains different from the one shown in the address bar. These cookies typically appear when web pages feature content, such as banner advertisements, from external websites.

Patch My PC
[sibwp_form id=2]

This opens up the potential for tracking the user’s browsing history and is often used by advertisers to serve relevant advertisements to each user.

Block Cookies in Microsoft Edge Using Intune

Let’s follow the steps below to Block third-party cookies to prevent third-party websites from saving and reading cookie data.

  • Sign in to Microsoft Endpoint Manager Admin Center https://endpoint.microsoft.com/
  • Select Devices > Windows > Configuration profiles > Create profile.
Create Profile - Intune Configuration Profiles
Create Profile – Intune Configuration Profiles

In Create Profile, Select Platform, Windows 10, and later and Profile, Select Profile Type as Settings catalog. Click on Create button.

Select Platform, Profile Type
Select Platform, Profile Type

On the Basics tab, enter a descriptive name, such as Block third-party cookies in Microsoft Edge or Block Edge third-party cookies. Optionally, enter a Description for the policy, then select Next.

Adaptiva
Create Profile – Block third party cookies in Microsoft Edge
Create Profile – Block third party cookies in Microsoft Edge

In Configuration settings, click Add settings to browse or search the catalog for the settings you want to configure.

In Configuration Settings - Add Settings
In Configuration Settings – Add Settings

On the Settings Picker window, use the search box and type block third-party cookies, and click Search. Now select Microsoft Edge. This will display all the available settings related to third-party cookies for Microsoft Edge.

Note – If you want to allow or block cookies for specific sites. You can add the settings from Microsoft Edge > Content settings – Allow cookies on specific sites: Define a list of sites, based on URL patterns, that are allowed to set cookies.

Select Microsoft Edge > Block Third Party Cookies
Select Microsoft Edge > Block Third Party Cookies

The setting is shown and configured with a default value Disabled. Set Block third party cookies to Enabled and Click Next.

Block third party cookies – Enabled Block web page elements that aren’t from the domain that’s in the address bar from setting cookies.

If you enable this policy, web page elements that are not from the domain that is in the address bar can’t set cookies. If you disable this policy, web page elements from domains other than in the address bar can set cookies.

Block third party cookies - Enabled
Block third party cookies – Enabled

Under Assignments, In Included groups, click Add groups and then choose Select groups to include one or more groups to which you want to deploy the Edge block third party cookies settings. Click Next to continue.

Group Assignments – Block Third Party Cookies in Microsoft Edge
Group Assignments – Block Third Party Cookies in Microsoft Edge

In Scope tags, you can assign a tag to filter the profile to specific IT groups. Add scope tags (if required) and click Next.
In Review + create, review your settings. When you select Create, your changes are saved, and the profile is assigned.

Review Policy for Edge
Review Policy for Edge

A notification will appear automatically in the top right-hand corner with a message. The Policy “Block Third Party Cookies in Microsoft Edge” created successfully. The policy is also shown in the Configuration profiles list.

Your groups will receive your profile settings when the devices check in with the Intune service the policy applies to the devices.

Intune Reporting – Block Cookies in Microsoft Edge

You can check Intune settings catalog profile report from Intune Portal, which provides an overall view of device configuration policies deployment status.

To monitor the policy assignment, from the list of Configuration Profiles, select the policy, and here you can check the device and user check-in status. If you click View Report, additional details are displayed.

Additionally, you can quickly check the update as devices/users check in status reports.

Intune Reporting - Block Cookies in Microsoft Edge
Intune Reporting – Block Cookies in Microsoft Edge

Intune MDM Event Log

Event logs are the extended type of Intune Logs in Windows. The Intune event ID 814 indicates that a string policy is applied on Windows 11 or 10 devices. You can also see the exact value of the policy being applied on those devices.

MDM PolicyManager: Set policy string, Policy: (BlockThirdPartyCookies), Area: (microsoft_edge~Policy~microsoft_edge), EnrollmentID requesting merge: (78BF73E9-4EBB-4575-9EF5-21B30DB3FD4E), Current User: (Device), String: (), Enrollment Type: (0x6), Scope: (0x0).

Intune MDM Event Log 814 - Block ThirdParty Cookies in Microsoft Edge
Intune MDM Event Log 814 – Block ThirdParty Cookies in Microsoft Edge

Validate Registry

You can use REGEDIT.exe on a target computer to view the registry settings that store group policy settings. These settings are located at the registry path

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge Value Name: BlockThirdPartyCookies

Registry - Block ThirdParty Cookies in Microsoft Edge
Registry – Block ThirdParty Cookies in Microsoft Edge

End User Experience – Block Cookies in Microsoft Edge

Open Microsoft Edge, Go to Settings and more  > Settings. In the Settings tab, select “Cookies and site permissions” on the left sidebar.

On the right panel, click on “Manage and delete cookies and site data.” Here you can see “Block third-party cookies” is turned off.

End User Experience - Block Cookies in Microsoft Edge
End User Experience – Block Cookies in Microsoft Edge

Author

7 thoughts on “Block Cookies in Microsoft Edge Using Intune”

  1. Any idea how to allow 3rd party cookies on select approved sites when doing this?

    In the Edge / Chrome GUI, there is a check box for this when allowing cookies on a site. There does not seem to be such an option in GPO or Intune as far as I can tell.

    Reply
  2. It seems as though the allow cookies on specific sites doesn’t include third-party cookies.

    Well from my experience and what I’ve seen online, unless another setting is conflicting.

    Reply
  3. I just removed all policies excluding blocking third party cookies and allow cookies on specific sites.

    The allow cookies on specific sites does not enable third party cookies on that site.

    So where as this policy is great, it’s just missing the final piece to the puzzle to make it fully usable

    Reply
  4. To enable third party cookies on a site, enter the site “owning” the cookieyou want to allow in the “allow cookies on specific sites” list. – Should work.

    Reply
  5. Regarding third party cookies, documentation for what he has said is here.

    https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#example-value-8:~:text=To%20allow%20third,value%20does%20not

    Essentially you can pick which third party site you want to allow on the top level-site. Eg, the below would allow Google cookies whilst browsing reddit.com.

    “https://ww.Google.com,https://www.Reddit.com

    Alternatively, just pop a wildcard to allow all third-party cookies on reddit.com

    “*,https://www.Reddit.com

    I’m sure this is a change as I never used to do this and it stopped working at my old company.

    Reply
  6. # I tried BlockThirdPartyCookies works like charm but it does not seems to be working in combination with CookiesAllowedForUrls (Allow cookies on specific sites)

    # I see respective registries printed on the end point while all registries being blocked * and I see Allow cookies on specific sites being listed at ComputerHKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftEdgeCookiesAllowedForUrls

    # Still Cookies are getting blocked for all sites as well as for URLS in CookiesAllowedForUrls

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.