Block access to consumer accounts

The AllowedDomainsForApps policy prevents users from signing into Google services using any accounts other than the accounts you provided them with. Reasons for blocking access are to prevent users on your corporate network using their personal Gmail accounts, or accessing a managed Google account from another domain.

Users might see the following message when you block access to consumer accounts: "This account is not allowed to sign in within this network".


This article applies to Microsoft Edge Stable version 104 or later.

What does this policy do?

This policy causes the X-GoogApps-Allowed-Domains: header to be appended to all HTTP and HTTPS requests to all domains. This header is followed by a comma-separated list with the allowed domain names.

Example: X-GoogApps-Allowed-Domains:,


Microsoft Edge, which is built on Chromium, is inheriting this upstream policy from the Chromium open source project.

Configure policy settings

To learn how to configure Microsoft Edge policy settings in Intune, see Configure Microsoft Edge policy settings with Microsoft Intune.

Content license


Portions of this page are modifications based on work created and shared by and used according to terms described in the Creative Commons Attribution 4.0 International License. The original page can be found here.

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.