Microsoft Edge – Sidebar

A while back I created a post where we had a look at how to create a white list to allow Microsoft Edge extensions. As most extensions involve some kind of risk it is important to take control to make sure we help our users work as safe as possible.

In this post we are going to dig into how the new sidebar works and how to use Intune to manage it.

In my opinion the sidebar adds a completely new experience to Edge and I find myself using it more and more.

So, what is the new sidebar then?

Starting with version 104.0.1293.63 Edge includes a sidebar, which provides easy access to Outlook, M365 and other extensions to make it easier for us to multitask. As admins we have some cool ways to configure and customize the sidebar by using Intune (it is possible to use GPOs, should we need to).

To me, the main idea of the sidebar is about not having to navigate between different tabs, or even apps on your computer to stay as productive as possible.

Personally I like to open the Intune portal in a tab and have the Azure portal on the sidebar. This allows to me stay in one tab and not waste time jumping between tabs etc… I really like that the sidebar stays the same and doesn’t change, should I need to jump between tabs.

What if we decide not to customize the sidebar?

Remember the extensions/addons to Google Chrome, allowing users to sync company passwords to unmanaged devices etc etc…? Well, this could happen with Microsoft Edge as well, if we are not careful.. To me, Microsoft Edge is considered a managed browser and we should do what we can to help our users work as safe and productive as possible.
Creating a block list to block all extensions is my recommendation, because, we can always allow the extensions we need (white list).
By doing so, we help our users work safer and any necessary extensions will be allowed in a controlled way, makes sense – right?

Let’s rock enroll!

Let’s have a look at the experience when the sidebar is unmanaged.

We can hide/show the sidebar by:

  1. Open: Microsoft Edge
  2. Click: the elipsis (three dots) up to the right, next to your profile
  3. Click: Hide or Show the sidebar


    Here it is shown:

At first glance I do not like the sidebar at all. To me the look and feel is too much “home computer”-like and I immediately get the feeling that it requires some tweaking.

Customize the sidebar: Extension_ID

OK, so now that we know what the out of the box experience is like, let’s have a look at our customization options.

We will start off by looking at the sidebar internals JSON file which includes a manifest for all sidebar apps, including the Extension_ID parameter for each app. We need the Extension_ID to specify the extensions we want to add to our white list.

❗Please note that sidebar Extension_ID and Edge addon Extension_ID is not the same thing.
Outlook will actually have one sidebar extension_id and one (completely different) addon extension_id, same goes for the other apps. Edge addons are usually found in the ribbon.
💡To complicate it further both the sidebar and addon extensions are configured by the same policy.

Outlook sidebar extension_idkfihiegbjaloebkmglnjnljoljgkkchm
Outlook addon extension_idkkpalkknhlklpbflpcpkepmmbnmfailf
Sidebar and addons do not share same extension_id
  1. Open: Microsoft Edge
  2. Navigate to: edge://sidebar-internals
  3. Click: Export to JSON
  4. Optional: Open the JSON file in VS Code (or editor of your choice). I like to do that for read-ability
  5. OK, so now (in the JSON file) we want to search for Extension_ID to find the ID of the extensions we want to approve. I have created a list with the existing Extension_IDs (as per 2023-02-14).

    For your convenience! 🙂
Searchjbleckejnaboogigodiafflhkajdmpcl
Discovernkbndigcebkoaejohleckhekfmcecfja
Shoppingehlmnljdoejdahfjdfobmpfancoibmig
Toolboxcjneempfhkonkkbcmnfdibgobmhbagaj
Gamesgbmoeijgfngecijpcnbooedokgafmmji
Microsoft 365gecfnmoodchdkebjjffmdcmeghkflpib
Outlookkfihiegbjaloebkmglnjnljoljgkkchm
Deezergekagaaiohabmaknhkbaofhhedhelemf
Apple Musickjncpkplfnolibapodobnnjfgmjmiaba
Spotifybhmhibnbialendcafinliemndanacfaj
Amazon Musickmojgmpmopiiagdfbilgognmlegkonbk
Yandex Musiceijpepilkjkofamihbmjcnihgpbebafj
Facebook Messengerkhffkadolmfbdgahbabbhipadklfmhgf
Instagramceaifoolopnigfpidlheoagpheiplgii
WhatsApphloomjjkinpbjldhobfkfdamkmikjmdo
Gmailolmhchkiafniffcaiciiomfdplnmklak
Youtubehmlhageoffiiefnmojcgoagebofoifpl
All available Extensions_IDs as per 2023-02-14

Update 2023-05-11: To enable search, both “Search” and “Discover” extension IDs must be allowed. I recommend to have these IDs on the force install list.
⭐ Thank you Craig Orth for getting this to my attention!

Customize the sidebar: Intune configuration profile

OK, so now we know about the extension_id, but how do we use them?

In this next part we will have a look at how to use Intune to customize the Edge sidebar with a configuration profile.

I will allow the following: Outlook, Spotify and Microsoft 365 and block everything else.

  1. Open: https://endpoint.microsoft.com
  2. Click: Devices -> Configuration Profiles
  3. Click: +Create profile
  4. Platform: Windows 10 and later
  5. Profile type: Settings catalog
  6. Click: Create
  7. Name: W10/11 – Microsoft Edge – Sidebar and extensions (or a name of your choice)
  8. Click: Next
  9. Click: +Add settings
  10. Optional: Find: Microsoft Edge -> Click: Show hubs sidebar to add that setting
    This one will make sure that the sidebar is always enabled. ❗Users will be unable to hide it.
  11. Change to: Enabled
  12. Click: Extensions
  13. Click: Control which extensions cannot be installed, to add the setting
    • Click: Enable
      • Add: (*) to block all extensions
  14. Click: Control which extensions are installed silently, to add the setting
    • Click: Enabled
      • Add: The extension_ids of the extensions you want to install silently
  15. Click: Allow specific extensions to be installed, to add the setting
    • Click: Enabled
      • Add: The extension_ids of the extensions you want to allow (white list)
  16. 📷Printscreen as reference, I put Outlook, Spotify and Microsoft 365 on the white- and silently install list.
    Note that you can put an extension_id on the white list without having it silently installed. This will allow the user to add it manually, should he/she want to.
  17. Click: Next, twice
  18. Assign: as per your preference

Customize the sidebar: End result (extensions)

OK, so now we have:

  • Blocked all extensions
  • Created a white list
  • Silently installed Outlook, Spotify and Microsoft 365

Let’s have a look at the end result:

✅That looks just as the way we wanted it, right?

Customize the sidebar: Add a site

OK, so now that we know how to manage extensions, what about sites?

Personally, I enjoy adding sites to the sidebar. I use the Intune portal in a tab and the Azure portal on the sidebar (as I mentioned earlier).
Let’s have a look at how to do that, just to get the idea of what it can be used for.

  1. Open: https://portal.azure.com
  2. On the sidebar: Click: +
  3. Click: +Add current page
  4. Now close the Azure portal tab in Edge
  5. Open: https://endpoint.microsoft.com
  6. On the sidebar: Click the Azure portal icon and watch the magic happen. This is totally useful!!! Number one (1) is my Intune portal and number two (2) is my Azure portal, they are basically merged together 😍
    Notice that the sidebar will remain even when I change tabs
  7. A minor gottcha: it is not possible to add edge:// sites to the sidebar. It will be greyed out.
    💡We might see this if we click the settings button ⚙️and then on Customize sidebar.

Customize the sidebar: Pop the hood

Let’s pop the hood and see what happens to the local device when the policy hits.
📝This is useful when we need to troubleshoot. If you have worked with Edge addons and extensions you will notice that these are the same keys being used 💡

  1. Open: Regedit
  2. Navigate: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge
  3. Notice that we have three new keys:
    • ExtensionInstallAllowList
      • Our white list. This is where we will find all approved extensions
    • ExtensionInstallBlockList
      • Our block list. Will be an asterix (*) when we block all extensions
    • ExtensionInstallForceList
      • Our silently install list

That’s it for this one! I hope that you will enjoy the sidebar just as much as I do!

6 thoughts on “Microsoft Edge – Sidebar

  1. Thanks for the detailed blog on Sidebar.
    I reached here while searching last two days for a peculiar issue. Hope you can help me. I’ve already searched many hours over the internet and Microsoft documentation.

    Had I reached your blog earlier, I would have saved many hours of reading in different places as you have given all of that together with nice screenshots all in one page. Thanks again.

    There is an app E-Tree in sidebar that gives water points. It’s not a productive app but fun and engaging. Two days back after windows update it disappeared from sidebar.
    I tried uninstalling the update. then I tried resetting edge. I even tried repair and uninstall (through cmd) but could not get E-Tree back.
    On my laptop which has same windows 10 version with same updates and has same edge version is showing E-Tree happily. I’m logged in both devices with same Microsoft account.

    Then I tried to delve deeper and found about sidebar-internals and extension_id.
    Funnily this app is there in sidebar-internals but no extension_id – because it’s not loaded. It is visible in augmented tab of sidebar-internals.
    On laptop its loaded and has proper extension_id.

    What do you propose as the next possible step to try for hopefully resolving this?

    1. Hi, thanks for reaching out!

      – Are you using Intune or GPO to manage either of the devices?
      – Compare the regkeys found here: Regedit -> Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge do you find anything that stands out?

      //Nicklas

    1. Hi Craig,

      Thank you for getting this to my attention! I have updated the post now.

      Best regards

      //Nicklas

  2. Great write up! Just wondering if there is a way to deploy websites to Intune device? Or even deploy the sidebar JSON, just an option we are trying to explore and would be super handy!

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.