Hi, Let learn use of the Take Control of Your Browser Security Manage Web Bluetooth in Edge Browser with Intune Policy. Organizations deploy various types of policies to manage and secure user environments effectively. One such policy is applied to the Microsoft Edge browser, allowing administrators to manage how websites interact with Bluetooth devices.
This specific policy falls under the Content Settings category within Edge’s policy. Nowadays, many websites use Bluetooth to connect with nearby devices like headphones, printers. While this can be helpful and useful, it also brings some privacy and safety risks.
To manage this, users or organizations can control if websites are allowed to use Bluetooth through a setting called the Web Bluetooth API policy. This can be changed using browser settings or tools like Microsoft Intune. This policy is very helpful for organizations that want to keep their data and devices safe.
By controlling how websites use Bluetooth, companies can stop employees from accidentally connecting to unknown or unsafe devices. This also make a secure environment in organization. So, let’s look how this policy deployed in Intune.
Table of Contents
What is the Web Bluetooth API?
The Web Bluetooth API is a tool that websites use (with JavaScript) to connect to nearby Bluetooth devices. It can be useful, but if someone misuses it, it could be unsafe and lead to security problems.
Take Control of Your Browser Security Manage Web Bluetooth in Edge Browser with Intune Policy
We’ve discussed many details about controlling the use of the Web Bluetooth API policy. Now, let’s look at how to deploy this policy using Microsoft Intune. First, sign in to your Microsoft Intune account. Then, go to the Devices section and click on Configuration profiles. After that, click the + Create button to start setting up a new policy. You will now see a window called Create Profile. Here, you need to do the following:
- Choose “Windows 10 and later” as the platform.
- Select “Settings catalog” as the profile type.
- Once these are selected, click on the Create button to continue setting up the policy.
| What Are the Policy Options? |
|---|
| Blocks all websites from using Bluetooth. |
| Let’s websites ask the user before connecting to a Bluetooth device. |
| Not configured |
- Enable Fast First Sign In Policy under Authentication in Intune Settings Catalog
- How to Configure Check for Signatures before Running Scan Policy using Intune
- 3 Ways To Configure Microsoft Defender Antivirus Policies For Windows 11 Using Group Policy Intune Policy
Fill the Basic Details
The Basics section is the first step in creating the policy. Here, you need to add some basic details such as the Name, Description, and Platform. The Name field is very important because it helps you quickly identify the policy later from a long list of other policies. You should give it a clear and meaningful name. You can also fill in the Description field to explain the purpose of the policy.
This is helpful for anyone who may manage or review the policy later. The Platform section is already filled in as “Windows 10 and later,” so you don’t need to change anything there. Once you’re done, click Next to move to the next step.
Know about the Configuration Settings
Now you are on the Configuration settings tab, and this is one of the most important steps and should not be skipped. This section is where you define the actual settings for the policy you want to deploy. On this page, look for the “Add settings” hyperlink and click on it.
After clicking, a list of setting categories will appear. Scroll through and select Microsoft Edge from the list. Once selected, expand the Microsoft Edge category, and you will see multiple sub-categories. Look for and click on Content Settings.
- Inside this section, you will find various policies.
- From the list, select the policy called “Control use of the Web Bluetooth API”.
- This is the setting you need to manage how websites use Bluetooth through the Edge browser.
You can Disable the Policy
After selecting the configuration settings, you can now close the Settings picker window. Once it is closed, you will see the selected policy listed on the Configuration settings page. By default, the policy is set to Disabled. If you want to proceed with the current settings or make changes later, simply click Next to continue with the policy creation process.
Enable Policy
If you want to enable this policy, you can easily do that when you move the Pane left to the right, the policy will be enabled and it visible as blue color now. When you enable the policy, it allows 3 policy settings such as (1) Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API. and (2) Allow sites to ask the user to grant access to a nearby Bluetooth device.
What is the Importance of Scope Tags
After completing the Configuration settings tab, you will move on to the Scope tags section. Scope tags are used to assign policies to specific admin groups for better management and filtering. If needed, you can add a scope tag here. However, for this policy, I chose to skip this section.
How to Add Groups
Next, you’ll reach the Assignments section, which is a very important step. This is where you decide which user or device groups should receive the policy. In this case, I selected the specific group I wanted to apply the policy to. After selecting the group, click Next to continue.
The Final Tab- Review+ Create
The final section is the Review + Create tab. In this section, you can see a summary of all the details you have added to the policy. It gives you a complete overview of the configuration, so it’s often called the Summary tab.
If everything looks correct, you can go ahead and click on Create to finish the process. If you notice any mistakes or want to make changes, you can go back to the previous sections and edit them. Once you click Create, you’ll receive a notification confirming that the policy has been successfully created.
Devica and user Check in Status
To view a policy’s status in the Intune portal, go to Devices > Configuration, then select the policy by its name. Check the status to ensure it shows Succeeded 1, indicating successful deployment. To speed up the process, you can perform a manual sync from the Company Portal. If the status does not update immediately, allow a few minutes for the sync to complete before checking again.
How to know Client- Side verification
You can verify the confirmation in the Event Viewer by looking for Event ID 813 or 814. To access this, open Event Viewer and navigate to Applications and Services Logs > Microsoft > Windows >Device Management Enterprise Diagnostic Provider > Admin.
- You can see a list of policy-related events now.
- I found the policy details in the Event ID 814.
Remove the Control use of the Web Bluetooth API Policy Group
If you want to remove a group from a policy, you can do it easily. First, go to the Monitoring status page by navigating through Devices > Configuration. Search for the policy name and click on it. This will take you to the monitoring status of that policy.
Scroll down the page until you see the Assignments section. There, you will find an Edit option. Click on Edit, and you’ll be taken back to the Assignments section. From here, you can remove the group you no longer want the policy to apply to. You can also refer to the screenshot below for better understanding.
For detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
Delete the Policy
To delete a policy in Microsoft Intune, first sign in to the Microsoft Intune Admin Center. Navigate to Devices and then select Configuration profiles. Locate and select the specific policy you want to remove. Once you’re on the policy details page, click the 3 -dot menu (⋯) in the top right corner and choose Delete from the available options.
- A screenshot is provided below to assist you with the process.
For detailed information, you can refer to our previous post – How to Delete Allow Clipboard History Policy in Intune Step by Step Guide.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.