+Policies can be specified using the Group Policy templates on Windows (https://github.com/mozilla/policy-templates/tree/master/windows), configuration profiles on macOS (https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`. On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
+
+| Policy Name | Description
+| --- | --- |
+| **[`AppAutoUpdate`](#appautoupdate)** | Enable or disable automatic application update.
+| **[`AppUpdateURL`](#appupdateurl)** | Change the URL for application update.
+| **[`Authentication`](#authentication)** | Configure sites that support integrated authentication.
+| **[`BlockAboutAddons`](#blockaboutaddons)** | Block access to the Add-ons Manager (about:addons).
+| **[`BlockAboutConfig`](#blockaboutconfig)** | Block access to about:config.
+| **[`BlockAboutProfiles`](#blockaboutprofiles)** | Block access to About Profiles (about:profiles).
+| **[`BlockAboutSupport`](#blockaboutsupport)** | Block access to Troubleshooting Information (about:support).
+| **[`Bookmarks`](#bookmarks)** | Add bookmarks in either the bookmarks toolbar or menu.
+| **[`CaptivePortal`](#captiveportal)** | Enable or disable the detection of captive portals.
+| **[`Certificates`](#certificates)** |
+| **[`Certificates -> ImportEnterpriseRoots`](#certificates--importenterpriseroots)** | Trust certificates that have been added to the operating system certificate store by a user or administrator.
+| **[`Certificates -> Install`](#certificates--install)** | Install certificates into the Firefox certificate store.
+| **[`Cookies`](#cookies)** | Configure cookie preferences.
+| **[`DisableSetDesktopBackground`](#disablesetdesktopbackground)** | Remove the "Set As Desktop Background..." menuitem when right clicking on an image.
+| **[`DisableMasterPasswordCreation`](#disablemasterpasswordcreation)** | Remove the master password functionality.
+| **[`DisableAppUpdate`](#disableappupdate)** | Turn off application updates.
+| **[`DisableBuiltinPDFViewer`](#disablebuiltinpdfviewer)** | Disable the built in PDF viewer.
+| **[`DisableDefaultBrowserAgent`](#disabledefaultbrowseragent)** | Prevent the default browser agent from taking any actions (Windows only).
+| **[`DisableDeveloperTools`](#disabledevelopertools)** | Remove access to all developer tools.
+| **[`DisableFeedbackCommands`](#disablefeedbackcommands)** | Disable the menus for reporting sites.
+| **[`DisableFirefoxScreenshots`](#disablefirefoxscreenshots)** | Remove access to Firefox Screenshots.
+| **[`DisableFirefoxAccounts`](#disablefirefoxaccounts)** | Disable Firefox Accounts integration (Sync).
+| **[`DisableFirefoxStudies`](#disablefirefoxstudies)** | Disable Firefox studies (Shield).
+| **[`DisableForgetButton`](#disableforgetbutton)** | Disable the "Forget" button.
+| **[`DisableFormHistory`](#disableformhistory)** | Turn off saving information on web forms and the search bar.
+| **[`DisablePocket`](#disablepocket)** | Remove Pocket in the Firefox UI.
+| **[`DisablePrivateBrowsing`](#disableprivatebrowsing)** | Remove access to private browsing.
+| **[`DisablePasswordReveal`](#disablepasswordreveal)** | Do not allow passwords to be revealed in saved logins.
+| **[`DisableProfileImport`](#disableprofileimport)** | Disables the "Import data from another browser" option in the bookmarks window.
+| **[`DisableProfileRefresh`](#disableprofilerefresh)** | Disable the Refresh Firefox button on about:support and support.mozilla.org
+| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode within the browser.
+| **[`DisableSecurityBypass`](#disablesecuritybypass)** | Prevent the user from bypassing security in certain cases.
+| **[`DisableSystemAddonUpdate`](#disablesystemaddonupdate)** | Prevent system add-ons from being installed or update.
+| **[`DisableTelemetry`](#disabletelemetry)** | DisableTelemetry
+| **[`DisplayBookmarksToolbar`](#displaybookmarkstoolbar)** | Set the initial state of the bookmarks toolbar.
+| **[`DisplayMenuBar (Deprecated)`](#displaymenubar-deprecated)** | Set the initial state of the menubar.
+| **[`DisplayMenuBar`](#displaymenubar)** | Set the state of the menubar.
+| **[`DNSOverHTTPS`](#dnsoverhttps)** | Configure DNS over HTTPS.
+| **[`DontCheckDefaultBrowser`](#dontcheckdefaultbrowser)** | Don't check if Firefox is the default browser at startup.
+| **[`DefaultDownloadDirectory`](#defaultdownloaddirectory)** | Set the default download directory.
+| **[`DownloadDirectory`](#downloaddirectory)** | Set and lock the download directory.
+| **[`EnableTrackingProtection`](#enabletrackingprotection)** | Configure tracking protection.
+| **[`EnterprisePoliciesEnabled`](#enterprisepoliciesenabled)** | Enable policy support on macOS.
+| **[`Extensions`](#extensions)** | Control the installation, uninstallation and locking of extensions.
+| **[`ExtensionSettings`](#extensionsettings)** | Manage all aspects of extensions.
+| **[`ExtensionUpdate`](#extensionupdate)** | Control extension updates.
+| **[`FlashPlugin`](#flashplugin)** | Configure the default Flash plugin policy as well as origins for which Flash is allowed.
+| **[`FirefoxHome`](#firefoxhome)** | Customize the Firefox Home page.
+| **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
+| **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
+| **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
+| **[`LegacyProfiles`](#legacyprofiles)** | Disable the feature enforcing a separate profile for each installation.
+| **[`LocalFileLinks`](#localfilelinks)** | Enable linking to local files by origin.
+| **[`NetworkPrediction`](#networkprediction)** | Enable or disable network prediction (DNS prefetching).
+| **[`NewTabPage`](#newtabpage)** | Enable or disable the New Tab page.
+| **[`NoDefaultBookmarks`](#nodefaultbookmarks)** | Disable the creation of default bookmarks.
+| **[`OfferToSaveLogins`](#offertosavelogins)** | Control whether or not Firefox offers to save passwords.
+| **[`OfferToSaveLoginsDefault`](#offertosaveloginsdefault)** | Set the default value for whether or not Firefox offers to save passwords.
+| **[`OverrideFirstRunPage`](#overridefirstrunpage)** | Override the first run page.
+| **[`OverridePostUpdatePage`](#overridepostupdatepage)** | Override the upgrade page.
+| **[`PasswordManagerEnabled`](#passwordmanagerenabled)** | Remove (some) access to the password manager.
+| **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
+| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
+| **[`Preferences`](#preferences)** | Set and lock some preferences.
+| **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading.
+| **[`Proxy`](#proxy)** | Configure proxy settings.
+| **[`RequestedLocales`](#requestedlocales)** | Set the the list of requested locales for the application in order of preference.
+| **[`SanitizeOnShutdown` (All)](#sanitizeonshutdown-all)** | Clear all data on shutdown.
+| **[`SanitizeOnShutdown` (Selective)](#sanitizeonshutdown-selective)** | Clear data on shutdown.
+| **[`SearchBar`](#searchbar)** | Set whether or not search bar is displayed.
+| **[`SearchEngines`](#searchengines-this-policy-is-only-available-on-the-esr)** |
+| **[`SearchEngines -> Default`](#searchengines--default)** | Set the default search engine.
+| **[`SearchEngines -> PreventInstalls`](#searchengines--preventinstalls)** | Prevent installing search engines from webpages.
+| **[`SearchEngines -> Remove`](#searchengines--remove)** | Hide built-in search engines.
+| **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines.
+| **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules.
+| **[`SearchSuggestEnabled`](#searchsuggestenabled)** | Enable search suggestions.
+| **[`SSLVersionMax`](#sslversionmax)** | Set and lock the maximum version of TLS.
+| **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
+| **[`SupportMenu`](#supportmenu)** | Add a menuitem to the help menu for specifying support information.
+| **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user.
+| **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
+
+### AppAutoUpdate
+
+Enable or disable **automatic** application update.
+
+If set to true, application updates are installed without user approval.
+
+If set to false, application updates are downloaded but the user can choose when to install the update.
+
+If you have disabled updates via DisableAppUpdate, this policy has no effect.
+
+**Compatibility:** Firefox 75, Firefox ESR 68.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** app.update.auto
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\AppAutoUpdate = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppAutoUpdate
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>AppAutoUpdate</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "AppAutoUpdate": true | false
+ }
+}
+```
+### AppUpdateURL
+
+Change the URL for application update.
+
+**Compatibility:** Firefox 62, Firefox ESR 60.2\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `app.update.url`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\AppUpdateURL = "https://yoursite.com"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AppUpdateURL
+```
+Value (string):
+```
+<enabled/>
+<data id="AppUpdateURL" value="https://yoursite.com"/>
+```
+#### macOS
+```
+<dict>
+ <key>AppUpdateURL</key>
+ <string>https://yoursite.com</string>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "AppUpdateURL": "https://yoursite.com"
+ }
+}
+```
+### Authentication
+
+Configure sites that support integrated authentication.
+
+See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication for more information.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (AllowNonFQDN added in 62/60.2, AllowProxies added in 70/68.2, Locked added in 71/68.3)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.negotiate-auth.trusted-uris`,`network.negotiate-auth.delegation-uris`,`network.automatic-ntlm-auth.trusted-uris`,`network.automatic-ntlm-auth.allow-non-fqdn`,`network.negotiate-auth.allow-non-fqdn`,`network.automatic-ntlm-auth.allow-proxies`,`network.negotiate-auth.allow-proxies`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Authentication\SPNEGO\1 = "mydomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\SPNEGO\2 = "https://myotherdomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\Delegated\1 = "mydomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\Delegated\2 = "https://myotherdomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\NTLM\1 = "mydomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\NTLM\2 = "https://myotherdomain.com"
+Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\SPNEGO = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\NTLM = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\SPNEGO = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\NTLM = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_SPNEGO
+```
+Value (string):
+```
+<enabled/>
+
+<data id="Authentication" value="1mydomain2https://myotherdomain.com"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_Delegated
+```
+Value (string):
+```
+<enabled/>
+
+<data id="Authentication" value="1mydomain2https://myotherdomain.com"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_NTLM
+```
+Value (string):
+```
+<enabled/>
+
+<data id="Authentication" value="1mydomain2https://myotherdomain.com"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Authentication/Authentication_AllowNonFQDN
+```
+Value (string):
+```
+<enabled/>
+
+<data id="Authentication_AllowNonFQDN_NTLM" value="true | false"/>
+<data id="Authentication_AllowNonFQDN_SPNEGO" value="true | false"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageStartPage
+```
+Value (string):
+```
+<enabled/>
+
+<data id="StartPage" value="none | homepage | previous-session"/>
+```
+#### macOS
+```
+<dict>
+ <key>Authentication</key>
+ <dict>
+ <key>SPNEGO</key>
+ <array>
+ <string>mydomain.com</string>
+ <string>https://myotherdomain.com</string>
+ </array>
+ <key>Delegated</key>
+ <array>
+ <string>mydomain.com</string>
+ <string>https://myotherdomain.com</string>
+ </array>
+ <key>NTLM</key>
+ <array>
+ <string>mydomain.com</string>
+ <string>https://myotherdomain.com</string>
+ </array>
+ <key>AllowNonFQDN</key>
+ <dict>
+ <key>SPNEGO</key>
+ <true/> | <false/>
+ <key>NTLM</key>
+ <true/> | <false/>
+ </dict>
+ <key>AllowProxies</key>
+ <dict>
+ <key>SPNEGO</key>
+ <true/> | <false/>
+ <key>NTLM</key>
+ <true/> | <false/>
+ </dict>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Authentication": {
+ "SPNEGO": ["mydomain.com", "https://myotherdomain.com"],
+ "Delegated": ["mydomain.com", "https://myotherdomain.com"],
+ "NTLM": ["mydomain.com", "https://myotherdomain.com"],
+ "AllowNonFQDN": {
+ "SPNEGO": true | false,
+ "NTLM": true | false
+ },
+ "AllowProxies": {
+ "SPNEGO": true | false,
+ "NTLM": true | false
+ },
+ "Locked": true | false
+ }
+ }
+}
+```
+### BlockAboutAddons
+
+Block access to the Add-ons Manager (about:addons).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableAddonsManager`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\BlockAboutAddons = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutAddons
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>BlockAboutAddons</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "BlockAboutAddons": true | false
+ }
+}
+```
+### BlockAboutConfig
+
+Block access to about:config.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableAboutConfig`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\BlockAboutConfig = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutConfig
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>BlockAboutConfig</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "BlockAboutConfig": true | false
+ }
+}
+```
+### BlockAboutProfiles
+
+Block access to About Profiles (about:profiles).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableAboutProfiles`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\BlockAboutProfiles = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutProfiles
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>BlockAboutProfiles</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "BlockAboutProfiles": true | false
+ }
+}
+```
+### BlockAboutSupport
+
+Block access to Troubleshooting Information (about:support).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableAboutSupport`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\BlockAboutSupport = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BlockAboutSupport
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>BlockAboutSupport</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "BlockAboutSupport": true | false
+ }
+}
+```
+### Bookmarks
+
+Add bookmarks in either the bookmarks toolbar or menu. Only `Title` and `URL` are required. If `Placement` is not specified, the bookmark will be placed on the toolbar. If `Folder` is specified, it is automatically created and bookmarks with the same folder name are grouped together.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `bookmarks.toolbar`,`bookmarks.menu`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Bookmarks\1\Title = "Example"
+Software\Policies\Mozilla\Firefox\Bookmarks\1\URL = "https://example.com"
+Software\Policies\Mozilla\Firefox\Bookmarks\1\Favicon = "https://example.com/favicon.ico"
+Software\Policies\Mozilla\Firefox\Bookmarks\1\Placement = "toolbar" | "menu"
+Software\Policies\Mozilla\Firefox\Bookmarks\1\Folder = "FolderName"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Bookmarks/Bookmark01
+```
+Value (string):
+```
+<enabled/>
+<data id="BookmarkTitle" value="Example"/>
+<data id="BookmarkURL" value="https://example.com"/>
+<data id="BookmarkFavicon" value="https://example.com/favicon.ico"/>
+<data id="BookmarkPlacement" value="toolbar | menu"/>
+<data id="BookmarkFolder" value="FolderName"/>
+```
+#### macOS
+```
+<dict>
+ <key>Bookmarks</key>
+ <array>
+ <dict>
+ <key>Title</key>
+ <string>Example</string>
+ <key>URL</key>
+ <string>https://example.com</string>
+ <key>Favicon</key>
+ <string>https://example.com/favicon.ico</string>
+ <key>Placement</key>
+ <string>toolbar | menu</string>
+ <key>Folder</key>
+ <string>FolderName</string>
+ </dict>
+ </array>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Bookmarks": [
+ {
+ "Title": "Example",
+ "URL": "https://example.com",
+ "Favicon": "https://example.com/favicon.ico",
+ "Placement": "toolbar" | "menu",
+ "Folder": "FolderName"
+ }
+ ]
+ }
+}
+```
+### CaptivePortal
+Enable or disable the detection of captive portals.
+
+**Compatibility:** Firefox 67, Firefox ESR 60.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.captive-portal-service.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\CaptivePortal = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/CaptivePortal
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>CaptivePortal</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "CaptivePortal": true | false
+ }
+}
+```
+### Certificates
+
+### Certificates | ImportEnterpriseRoots
+
+Trust certificates that have been added to the operating system certificate store by a user or administrator.
+
+See https://support.mozilla.org/kb/setting-certificate-authorities-firefox for more detail.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (macOS support in Firefox 63, Firefox ESR 68)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `security.enterprise_roots.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Certificates\ImportEnterpriseRoots = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Certificates/Certificates_ImportEnterpriseRoots
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>Certificates</key>
+ <dict>
+ <key>ImportEnterpriseRoots</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Certificates": {
+ "ImportEnterpriseRoots": true | false
+ }
+ }
+}
+```
+### Certificates | Install
+
+Install certificates into the Firefox certificate store. If only a filename is specified, Firefox searches for the file in the following locations:
+
+- Windows
+ - %USERPROFILE%\AppData\Local\Mozilla\Certificates
+ - %USERPROFILE%\AppData\Roaming\Mozilla\Certificates
+- macOS
+ - /Library/Application Support/Mozilla/Certificates
+ - ~/Library/Application Support/Mozilla/Certificates
+- Linux
+ - /usr/lib/mozilla/certificates
+ - /usr/lib64/mozilla/certificates
+ - ~/.mozilla/certificates
+
+Starting with Firefox 65, Firefox 60.5 ESR, a fully qualified path can be used, including UNC paths. You should use the native path style for your operating system. We do not support using %USERPROFILE% or other environment variables on Windows.
+
+If you are specifying the path in the policies.json file on Windows, you need to escape your backslashes (`\\`) which means that for UNC paths, you need to escape both (`\\\\`). If you use group policy, you only need one backslash.
+
+Certificates are installed using the trust string `CT,CT,`.
+
+Binary (DER) and ASCII (PEM) certificates are both supported.
+
+**Compatibility:** Firefox 64, Firefox ESR 64\
+**CCK2 Equivalent:** `certs.ca`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Certificates\Install\1 = "cert1.der"
+Software\Policies\Mozilla\Firefox\Certificates\Install\2 = "C:\Users\username\cert2.pem"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Certificates/Certificates_Install
+```
+Value (string):
+```
+<enabled/>
+<data id="Certificates_Install" value="1cert1.der2C:\Users\username\cert2.pem"/>
+```
+#### macOS
+```
+<dict>
+ <key>Certificates</key>
+ <dict>
+ <key>Install</key>
+ <array>
+ <string>cert1.der</string>
+ <string>/Users/username/cert2.pem</string>
+ </array>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Certificates": {
+ "Install": ["cert1.der", "/home/username/cert2.pem"]
+ }
+ }
+}
+```
+### Cookies
+Configure cookie preferences.
+
+`Allow` is a list of origins (not domains) where cookies are always allowed. You must include http or https.
+
+`Block` is a list of origins (not domains) where cookies are always blocked. You must include http or https.
+
+`Default` determines whether cookies are accepted at all.
+
+`AcceptThirdParty` determines how third-party cookies are handled.
+
+`ExpireAtSessionEnd` determines when cookies expire.
+
+`RejectTracker` only rejects cookies for trackers.
+
+`Locked` prevents the user from changing cookie preferences.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (RejectTracker was added in Firefox 63)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.cookie.cookieBehavior`,`network.cookie.lifetimePolicy`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Cookies\Allow\1 = "https://example.com"
+Software\Policies\Mozilla\Firefox\Cookies\Block\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Cookies\Default = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" | "from-visited"
+Software\Policies\Mozilla\Firefox\Cookies\ExpireAtSessionEnd = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Cookies\RejectTracker = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Cookies\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Cookies_Allow" value="1https://example.com"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Block
+```
+Value (string):
+```
+<enabled/>
+<data id="Cookies_Block" value="1https://example.org"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Default
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_AcceptThirdParty
+```
+Value (string):
+```
+<enabled/>
+<data id="Cookies_AcceptThirdParty" value="always | never | from-visited"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_ExpireAtSessionEnd
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_RejectTracker
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>Cookies</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>http://example.com</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>http://example.org</string>
+ </array>
+ <key>Default</key>
+ <true/> | <false/>
+ <key>AcceptThirdParty</key>
+ <string>always | never | from-visited</string>
+ <key>ExpireAtSessionEnd</key>
+ <true/> | <false/>
+ <key>RejectTracker</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Cookies": {
+ "Allow": ["http://example.org/"],
+ "Block": ["http://example.edu/"],
+ "Default": true | false,
+ "AcceptThirdParty": "always" | "never" | "from-visited",
+ "ExpireAtSessionEnd": true | false,
+ "RejectTracker": true | false,
+ "Locked": true | false
+ }
+ }
+}
+```
+### DisableSetDesktopBackground
+Remove the "Set As Desktop Background..." menuitem when right clicking on an image.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `removeSetDesktopBackground`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableSetDesktopBackground = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSetDesktopBackground
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableSetDesktopBackground</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableSetDesktopBackground": true | false
+ }
+}
+```
+### DisableMasterPasswordCreation
+Remove the master password functionality.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `noMasterPassword`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableMasterPasswordCreation = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableMasterPasswordCreation
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableMasterPasswordCreation</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableMasterPasswordCreation": true | false
+ }
+}
+```
+### DisableAppUpdate
+Turn off application updates.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableFirefoxUpdates`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableAppUpdate = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableAppUpdate
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableAppUpdate</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableAppUpdate": true | false
+ }
+}
+```
+### DisableBuiltinPDFViewer
+Disable the built in PDF viewer. PDF files are downloaded and sent externally.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disablePDFjs`\
+**Preferences Affected:** `pdfjs.disabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableBuiltinPDFViewer = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableBuiltinPDFViewer
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableBuiltinPDFViewer</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableBuiltinPDFViewer": true | false
+ }
+}
+```
+### DisableDefaultBrowserAgent
+Prevent the default browser agent from taking any actions. Only applicable to Windows; other platforms don’t have the agent.
+
+**Compatibility:** Firefox 75, Firefox ESR 68.7 (Windows only)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableDefaultBrowserAgent = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableDefaultBrowserAgent
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableDefaultBrowserAgent": true | false
+ }
+}
+```
+### DisableDeveloperTools
+Remove access to all developer tools.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `removeDeveloperTools`\
+**Preferences Affected:** `devtools.policy.disabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableDeveloperTools = 0x1 | 0x0`
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableDeveloperTools
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableDeveloperTools</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableDeveloperTools": true | false
+ }
+}
+```
+### DisableFeedbackCommands
+Disable the menus for reporting sites (Submit Feedback, Report Deceptive Site).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableFeedbackCommands = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFeedbackCommands
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableFeedbackCommands</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableFeedbackCommands": true | false
+ }
+}
+```
+### DisableFirefoxScreenshots
+Remove access to Firefox Screenshots.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `extensions.screenshots.disabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableFirefoxScreenshots = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxScreenshots
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableFirefoxScreenshots</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableFirefoxScreenshots": true | false
+ }
+}
+```
+### DisableFirefoxAccounts
+Disable Firefox Accounts integration (Sync).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableSync`\
+**Preferences Affected:** `identity.fxaccounts.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableFirefoxAccounts = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxAccounts
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableFirefoxAccounts</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableFirefoxAccounts": true | false
+ }
+}
+```
+### DisableFirefoxStudies
+Disable Firefox studies (Shield).
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableFirefoxStudies = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxStudies
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableFirefoxStudies</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableFirefoxStudies": true | false
+ }
+}
+```
+### DisableForgetButton
+Disable the "Forget" button.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableForget`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableForgetButton = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableForgetButton
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableForgetButton</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableForgetButton": true | false
+ }
+}
+```
+### DisableFormHistory
+Turn off saving information on web forms and the search bar.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableFormFill`\
+**Preferences Affected:** ` browser.formfill.enable`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableFormHistory = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFormHistory
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableFormHistory</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableFormHistory": true | false
+ }
+}
+```
+### DisablePasswordReveal
+Do not allow passwords to be shown in saved logins
+
+**Compatibility:** Firefox 71, Firefox ESR 68.3\
+**CCK2 Equivalent:** N/A
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisablePasswordReveal = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePasswordReveal
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisablePasswordReveal</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisablePasswordReveal": true | false
+ }
+}
+```
+### DisablePocket
+Remove Pocket in the Firefox UI. It does not remove it from the new tab page.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disablePocket`\
+**Preferences Affected:** `extensions.pocket.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisablePocket = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePocket
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisablePocket</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisablePocket": true | false
+ }
+}
+```
+### DisablePrivateBrowsing
+Remove access to private browsing.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disablePrivateBrowsing`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisablePrivateBrowsing = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisablePrivateBrowsing
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisablePrivateBrowsing</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisablePrivateBrowsing": true | false
+ }
+}
+```
+### DisableProfileImport
+Disables the "Import data from another browser" option in the bookmarks window.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableProfileImport = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableProfileImport
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableProfileImport</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableProfileImport": true | false
+ }
+}
+```
+### DisableProfileRefresh
+Disable the Refresh Firefox button on about:support and support.mozilla.org, as well as the prompt that displays offering to refresh Firefox when you haven't used it in a while.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableResetFirefox`\
+**Preferences Affected:** `browser.disableResetPrompt`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableProfileRefresh = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableProfileRefresh
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableProfileRefresh</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableProfileRefresh": true | false
+ }
+}
+```
+### DisableSafeMode
+Disable safe mode within the browser.
+
+On Windows, this disables safe mode via the command line as well.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (Windows, macOS)\
+**CCK2 Equivalent:** `disableSafeMode`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableSafeMode = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSafeMode
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableSafeMode</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableSafeMode": true | false
+ }
+}
+```
+### DisableSecurityBypass
+Prevent the user from bypassing security in certain cases.
+
+`InvalidCertificate` prevents adding an exception when an invalid certificate is shown.
+
+`SafeBrowsing` prevents selecting "ignore the risk" and visiting a harmful site anyway.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `security.certerror.hideAddException`,`browser.safebrowsing.allowOverride`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableSecurityBypass\InvalidCertificate = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\DisableSecurityBypass\SafeBrowsing = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/P_DisableSecurityBypass_InvalidCertificate
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/P_DisableSecurityBypass_SafeBrowsing
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+
+#### macOS
+```
+<dict>
+ <key>DisableSecurityBypass</key>
+ <dict>
+ <key>InvalidCertificate</key>
+ <true/> | <false/>
+ <key><SafeBrowsing/key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableSecurityBypass": {
+ "InvalidCertificate": true false,
+ "SafeBrowsing": true false
+ }
+ }
+}
+```
+### DisableSystemAddonUpdate
+Prevent system add-ons from being installed or update.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableSystemAddonUpdate = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableSystemAddonUpdate
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableSystemAddonUpdate</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableSystemAddonUpdate": true | false
+ }
+}
+```
+### DisableTelemetry
+Prevent the upload of telemetry data.
+
+Mozilla recommends that you do not disable telemetry. Information collected through telemetry helps us build a better product for businesses like yours.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `disableTelemetry`\
+**Preferences Affected:** `datareporting.healthreport.uploadEnabled,datareporting.policy.dataSubmissionEnabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisableTelemetry = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableTelemetry
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisableTelemetry</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisableTelemetry": true | false
+ }
+}
+```
+### DisplayBookmarksToolbar
+Set the initial state of the bookmarks toolbar. A user can still hide it and it will stay hidden.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `displayBookmarksToolbar`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisplayBookmarksToolbar = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisplayBookmarksToolbar
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>DisplayBookmarksToolbar</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisplayBookmarksToolbar": true | false
+ }
+}
+```
+### DisplayMenuBar (Deprecated)
+Set the initial state of the menubar. A user can still hide it and it will stay hidden.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (Windows, some Linux)\
+**CCK2 Equivalent:** `displayMenuBar`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisplayMenuBar = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+ <key>DisplayMenuBar</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisplayMenuBar": true | false
+ }
+}
+```
+### DisplayMenuBar
+Set the state of the menubar.
+
+`always` means the menubar is shown and cannot be hidden.
+
+`never` means the menubar is hidden and cannot be shown.
+
+`default-on` means the menubar is on by default but can be hidden.
+
+`default-off` means the menubar is off by default but can be shown.
+
+**Compatibility:** Firefox 73, Firefox ESR 68.5 (Windows, some Linux)\
+**CCK2 Equivalent:** `displayMenuBar`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DisplayMenuBar = "always", "never", "default-on", "default-off"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisplayMenuBar_Enum
+```
+Value (string):
+```
+<enabled/>
+<data id="DisplayMenuBar" value="always | never | default-on | default-off"/>
+```
+#### macOS
+```
+<dict>
+ <key>DisplayMenuBar</key>
+ <string>always | never | default-on | default-off</string>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DisplayMenuBar": "always", "never", "default-on", "default-off"
+ }
+}
+```
+### DNSOverHTTPS
+Configure DNS over HTTPS.
+
+`Enabled` determines whether DNS over HTTPS is enabled
+
+`ProviderURL` is a URL to another provider.
+
+`Locked` prevents the user from changing DNS over HTTPS preferences.
+
+`ExcludedDomains` excludes domains from DNS over HTTPS.
+
+**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.trr.mode`,`network.trr.uri`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ProviderURL = "URL_TO_ALTERNATE_PROVIDER"
+Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains\1 = "example.com"
+```
+#### macOS
+```
+<dict>
+ <key>DNSOverHTTPS</key>
+ <dict>
+ <key>Enabled</key>
+ <true/> | <false/>
+ <key>ProviderURL</key>
+ <string>URL_TO_ALTERNATE_PROVIDER</string>
+ <key>Locked</key>
+ <true/> | <false/>
+ <key>ExcludedDomains</key>
+ <array>
+ <string>example.com</string>
+ </array>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DNSOverHTTPS": {
+ "Enabled": true | false,
+ "ProviderURL": "URL_TO_ALTERNATE_PROVIDER",
+ "Locked": true | false,
+ "ExcludedDomains": ["example.com"]
+ }
+ }
+}
+```
+### DontCheckDefaultBrowser
+Don't check if Firefox is the default browser at startup.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `dontCheckDefaultBrowser`\
+**Preferences Affected:** `browser.shell.checkDefaultBrowser`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DontCheckDefaultBrowser = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+ <key>DontCheckDefaultBrowser</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "DontCheckDefaultBrowser": true | false
+ }
+}
+```
+### DefaultDownloadDirectory
+Set the default download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DefaultDownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+<dict>
+ <key>DefaultDownloadDirectory</key>
+ <string>${home}/Downloads</string>
+</dict>
+```
+#### policies.json (macOS and Linux)
+```
+{
+ "policies": {
+ "DefaultDownloadDirectory": "${home}/Downloads"
+}
+```
+#### policies.json (Windows)
+```
+{
+ "policies": {
+ "DefaultDownloadDirectory": "${home}\\Downloads"
+}
+```
+### DownloadDirectory
+Set and lock the download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`,`browser.download.useDownloadDir`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\DownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+<dict>
+ <key>DownloadDirectory</key>
+ <string>${home}/Downloads</string>
+</dict>
+```
+#### policies.json (macOS and Linux)
+```
+{
+ "policies": {
+ "DownloadDirectory": "${home}/Downloads"
+}
+```
+#### policies.json (Windows)