Services
Summary
Microsoft Purview Endpoint Data Loss Prevention will now support app or app group restrictions in the Microsoft Edge browser. This feature, rolling out from April to July 2025, allows admins to block apps or app groups in Edge and show policy violation details. Admins should update policies and notify users.
Details
Updated April 25, 2025: We have updated the timeline below. Thank you for your patience.
Before this rollout, Microsoft Purview | Endpoint Data Loss Prevention admins cannot restrict Microsoft Edge browser access to sensitive files through Restricted apps and app groups. After this rollout, admins can configure apps or app groups to be blocked in Edge, including a message showing policy violation details.
When this will happen:
Public Preview: We began rolling out early April) and expect to complete by early April 2025.
General Availability (Worldwide): We began rolling out early July 2025 (previously early April and expect to complete by late July 2025 (previously early April).
How this will affect your organization:
Purview admins should be aware that these groups are now enforceable in Edge and that non-Edge supported browsers will suggest opening the link in Edge if blocked.
Purview admins can configure groups in Purview at Data Loss Prevention > Endpoint DLP settings > Restricted apps and app groups that are extensible to the Edge browser.
Users will see a DLP notice when an app or app group attempts to open a protected file.
This change will be available by default for admins to configure.
What you need to do to prepare:
Identify policies that could be impacted, modify, and help test the new protected Edge experience.
This rollout will happen automatically by the specified dates with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation.
Learn more: The Edge support for apps and app groups (preview) section of Configure endpoint DLP settings | Microsoft Learn