Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Enable origin-keyed process isolation for improved security
Supported versions
- On Windows and macOS since 141 or later
Description
This policy enables origin-keyed process isolation for most pages, which improves security by separating content from different origins into distinct processes. This may increase the number of processes created. Users can override this setting by using command-line flags or edge://flags to turn the feature on or off.
If you enable this policy, most origins will be isolated, even from other origins within the same site. For related configuration, see the IsolateOrigins and SitePerProcess policies.
If you disable this policy, origins will not be isolated from the rest of their site unless the origin explicitly requests isolation.
If you don’t configure this policy, the browser will decide which origins to isolate and when. By default, this feature is disabled. The default state may change in the future.
Supported features
- Can be mandatory: No
- Can be recommended: Yes
- Dynamic Policy Refresh: No - Requires browser restart
- Per Profile: No
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- Boolean
Windows information and settings
Group Policy (ADMX) info
- GP unique name: OriginKeyedProcessesEnabled
- GP name: Enable origin-keyed process isolation for improved security
- GP path (Mandatory): N/A
- GP path (Recommended): Administrative Templates/Microsoft Edge - Default Settings (users can override)
- GP ADMX file name: MSEdge.admx
Example value
Enabled
Registry settings
- Path (Mandatory): N/A
- Path (Recommended): SOFTWARE\Policies\Microsoft\Edge\Recommended
- Value name: OriginKeyedProcessesEnabled
- Value type: REG_DWORD
Example registry value
0x00000001
Mac information and settings
- Preference Key name: OriginKeyedProcessesEnabled
- Example value:
<true/>