Instinctive

Get started with Instinctive

Sign in with a Google administrator account to get started

Get started with Instinctive

Sign in with a Google administrator account to get started

Upgrade to Instinctive Professional for this feature

Audit & fix Chrome settings to keep users safe & devices secure

Compare and sync settings across OUs or historical exports. Import settings to copy from one OU to another.

Unlimited search history

Batch actions (max. 250 items at a time)

Custom CSV exports for record-keeping

Hand Raise extension
<- Chrome Settings Library

DeviceLoginScreenSecurityKeyPermitAttestation

URLs/domains automatically permitted direct Security Key attestation on the login screen
Last updated August 13, 2025
Edit in Google Admin Console

Setting the policy specifies WebAuthn RP IDs for which no prompt appears when attestation certificates from security keys are requested on the login screen. A signal is also sent to the security key indicating that enterprise attestation may be used. Without this, when sites request attestation of security keys, users are prompted. This device policy is equivalent to the existing user policy SecurityKeyPermitAttestation, but applies to the sign-in profile on the login screen instead.

Supported On:
Platform Start End
ChromeOS 140
Example value:

["example.com"]

Features: