Group Policy Follow
Note: Policy management is generally intended for IT/Network admins who use on-site tools to set browser policies on corporate-managed computers.
You can use Windows Group Policy (or your preferred configuration tool) in conjunction with Brave’s Policy templates to easily install, update and enforce both Device-level and/or OS-level policies.
Windows
For Windows users, there are ADM and ADMX policy templates. You will need to verify which type of template you can use on your network. These templates show which registry keys can be set to configure Brave and what values are accepted. Once set, Brave will use these values to determine how to behave.
Download Brave policy templates:
Brave’s policy templates are supplied in the file policy_templates.zip. The .adm and .admx templates lie in windows\adm\ and windows\admx\ in that archive, respectively. You can for example use them by opening Windows Local Group Policy Editor, right-clicking on “Computer Configuration\Administrative Templates”, clicking “Add/Remove Templates” and “Add”, and then selecting windows\adm\en-US\brave.adm from the Zip file. Once you have done this, Administrative Templates\Classic Administrative Templates (ADM) should show a new folder called “Brave”:
Navigate through this folder to see Brave’s various settings.
The Zip file also contains an example file, windows\examples\brave.reg, for changing settings via the Windows registry.
macOS
If you are on macOS, policy for Brave is stored in
~/Library/Preferences/com.brave.browser.plist/
You can make edits to this file by editing the file itself (note that this will require using software that allows you to edit these files, such as Xcode). You may also make edits to the .plist
file from the macOS Terminal using the following command:
defaults write com.brave.Browser -[policy name] [value]
For example, if you want to disable Private browsing windows in Brave, you would run the following command:
defaults write com.brave.Browser IncognitoModeAvailability -integer 1
If the value has an array - like our new BraveShieldsDisabledForUrls value, it will be in the format shown below.
defaults write com.brave.Browser BraveShieldsEnabledForUrls -array "https://twitter.com" "https://www.example.com"
The bundle identifier for Release channel is com.brave.browser. If you’re using Beta or Nightly, this will be different (com.brave.Browser.beta or com.brave.Browser.nightly respectively).
Linux
Linux policy for Brave is stored under
/etc/brave/policies/managed/
Note that this directory may not exist after installing Brave. However, you can create this directory using:
mkdir -p /etc/brave/policies/managed/
Once this directory is created, you can drop a file in JSON format into that directory which has the group policies in name/key format, which the browser will then read automatically. The format for policies in the JSON file will be:
{
"[policy name]": [value]
}
For example, if you want to disable Private browsing windows in Brave, you could have the following in a JSON file called “GroupPolicy.json”:
{
"IncognitoModeAvailability": 1
}
If the value has an array - like our new BraveShieldsDisabledForUrls value, it will be in the format shown below. In this example, we have edited our “GroupPolicy.json” file to disable Private window functionality, and disable Brave Shields for a specific list of sites (this is the “array”)
{
"IncognitoModeAvailability": 1,
"BraveShieldsDisabledForUrls": [
"https://twitter.com",
"https://www.example.com"
]
}
Available group policy settings
All of the policies offered by Chromium are available in Brave. To view the exact names and documentation for them, you can visit brave://policy/
and then check the box Show policies with no value set
.
This will show all of the items AND have a link to documentation that you can click. Alternatively, you can review policies offered in Chromium by visiting their Enterprise Policy List and Management documentation. Additionally, the brave://policy
page is a great place to see what policies are in effect, so you know that they are being enforced.
Brave Specific Policy Settings
Some policy settings are not yet implemented in the templates. You will need to set these via the registry:
DWORD | Accepted Values | Effect |
TorDisabled | 0 (default), 1 |
0 = Tor enabled 1 = Tor disabled |
IPFSEnabled | 0, 1 (default) |
0 = Disabled 1 = Enabled |
BraveRewardsDisabled | 0 (default), 1 |
0 = Enabled 1 = Disabled |
BraveWalletDisabled | 0 (default), 1 |
0 = Enabled 1 = Disabled |
BraveShieldsDisabledForUrls | Array of URLs as a string |
Array of websites (each as a string) for which you want to enable Brave shields. Once enabled, the user can’t override and disable. Wildcards are not supported. The way the array is represented is dependent on the platform you're using [see examples above] |
BraveShieldsEnabledForUrls | Array of URLs as a string |
Array of websites (each as a string) for which you want to enable Brave shields. Once enabled, the user can’t override and disable. Wildcards are not supported. The way the array is represented is dependent on the platform you're using [see examples above] |
BraveVPNDisabled | 0 (default), 1 |
0 = Enabled 1 = Disabled |
BraveAIChatEnabled | 0(default, 1 |
0 = Disabled 1 = Enabled |
Similarly, we unfortunately do not yet have templates for Brave’s update settings. However, you can customize them similarly to Chrome. Please see Chrome’s documentation. There, you need to edit any .reg, .adm and .admx files with a text editor to replace Software\Policies\Google\Chrome by Software\Policies\BraveSoftware\Brave.