Default browser settings for Secure Browser (WorkPlace Persona policy)

Use the Browser Defaults settings to customize the behavior of Secure Browser on devices.

The following table describes the settings that you can configure for Secure Browser:

Policy setting	Description	Supported devices
Configure browser defaults	Apply WorkPlace Passcode and security settings: The user must enter a passcode on the browser to access secure content. Home page: The default home page for the browser that is defined by the organization. Bookmarks: The bookmark names or URLs that are saved for the browser. Use the following format: Bookmark name: `folder 1/bookmark 2` Bookmark URL: `www.mydomain.com`	iOS, Android, Windows Phone, Windows 10+
Advanced settings	Enable kiosk mode: Certain functions of the browser such as entering URLs and managing bookmarks are disabled. Launch sites in full screen mode: If this setting is enabled, the user cannot enter URLs or manage Android settings in the browser. (iOS, Android)	iOS, Android, Windows Phone App 1.70 to 2.1
	Revert to Home page on inactivity Allowed idle time (in minutes): If an app is inactive for a specific amount of time, the user is redirected to the home page of the browser. The default value is 15 minutes. Clear history: If this setting is enabled, cookies, credentials cache, or browsing history is automatically cleared when the user is redirected to the home page of the browser. This setting is supported for iOS 2.4+ or Android 6.10+.	iOS, Android
	Allow caching: The browser caches web content.	iOS 2.2+, Android 5.75+
	Accept cookies: The browser accepts cookies from sites that the user visits.	iOS, Android
	Enable file downloads: The user can download files from the browser.	Android, Windows Phone, Windows 10+
	Allow all 3rd party cookies: The browser accept cookies from third-party sites.	Android 5.25+
	Enforce SafeSearch in Google: The Google Chrome browser uses SafeSearch mode to filter explicit search results.	Android
	Override user agent: The browser's user agent string that identifies specific browser versions is overwritten by Secure Browser. Android user agent string: The default Android user agent string for the browser. This setting supports the following placeholders: `%deviceid%`, `%user%`, `%domain%`, `%emails%`, `%upn%`, or `%standard%`. This setting is supported for Android Browser 1.40+. iOS user agent string: The default iOS user agent for the browser. This setting supports the following placeholders: `%deviceid%`, `%user%`, `%domain%`, `%emails%`, `%upn%`, or `%standard%`. This setting is supported for iOS Browser 1.70.	iOS, Android
	Allow custom protocol: The browser can launch apps that handle specific protocols. The following custom protocols are always supported by the Secure Browser: `market`, `geo`, `tel`, `mailto`, `ibmscp`, `stmeetings`, `sametime`, or `ibmverse`. Allowed custom protocols: The custom protocols that are allowed in Secure Browser. This setting requires MaaS360 Secure Browser 1.30.	Android Browser 1.30+
	Custom headers for HTTP requests: The administrator can define custom headers for access control. Enable this setting if you are using a reverse proxy in front of the mail server. Encrypt header values: Header values are encrypted on HTTP requests to secure data. The header value is appended with a `##` separator followed by the device timestamp in the GMT format. This value is encrypted with the specified encryption key value. You must provide a HTTP header field name, value (`%deviceid%`, `%username%`, `%domain%`, `%email%`, or `%upn%`), and whether the site must use the MaaS360 enterprise gateway.	iOS, Android
	Disable remember form data: The autofill feature is disabled in the browser.	Android 6.10+
	Enable certificate-based authentication for web pages: The browser requires the user to authenticate with an identity certificate to access websites. Identity certificate for browser authentication: The identity certificate that is used for browser authentication. MaaS360 caches the identity certificate and presents this certificate to the website. This setting is supported fro iOS 2.6+ or Android 6.40+.	Android
Application timers	Data collection frequency: This timer is used by the agent to collect browser data locally on the device. The default value is 12 hours.	iOS, Android, Windows Phone App 3.0+
	Visited site upload frequency: This timer is used by the agent to track data uploads from websites. The default value is 12 hours.	iOS, Android, Windows Phone App 3.0+
	Data group frequency: This timer is used by the agent to collect data about URLs or domains that are visited frequently by the device. The default value is 12 hours.	iOS, Android
	Heartbeat frequency: This timer is used by the agent to periodically check in with the MaaS360 Portal for policy updates. The default value is 12 hours.	iOS, Android