Browser Considerations when using XpressDox

For full functionality, a few key browser behaviours must be allowed via your organisation’s policies.
 

Why This Matters

XpressDox relies on browser-based authentication (OAuth) and a custom protocol to interact with Microsoft Word on the desktop. Without the correct permissions in place, users may:

• Be blocked from logging in or connecting to cloud templates
• Experience silent failures or repeated prompts when authenticating
• Be unable to open assembled documents in Word automatically

These issues typically result from browser security settings or centrally enforced network policies that block required actions like pop-ups or custom protocol execution.

Recommended Network Policy Allowances

1. Allow Pop‑Ups for XpressDox Authentication

XpressDox uses OAuth, which relies on a browser pop-up to authenticate the user. If pop-ups are blocked, either by browser settings or an enforced policy, users may not be able to log in successfully or may experience repeated authentication loops.

To avoid this:

• Ensure pop-ups are allowed for the following XpressDox domains:
  • https://au14.xpressdox.com *
  • https://au.xpressdox.com *

* au14 and au. represents the cloud instance on which your account is registered. It could be us.xpressdox.com or ca.xpressdox.com. We have 5 cloud instances world-wide, please check your URL and allow pop-ups for your XpressDox domain.

Where possible, we recommend implementing this via your organisation’s network or browser policy, so it applies consistently across all devices.

2. Allow the Custom Protocol Handler to Open Documents in Word

When a user assembles a document, XpressDox makes use of a custom protocol handler to automatically open the resulting file in Microsoft Word. This interaction depends on the browser recognising and allowing the ms-word: protocol, which will prompt the user before opening documents.

To ensure a smooth document launch experience, i.e. no prompts to the user:

• Allow the MS Word custom protocol handler to be launched from the XpressDox domain without prompts or restrictions
• Ensure that documents are opened in Microsoft Word on the desktop, not in the browser or a preview mode

This can usually be addressed by applying an appropriate policy setting for trusted protocols or handlers.

By way of example:

For Microsoft Edge / Chrome (since they share Chromium):

• You can define URLAllowlist / URLBlocklist for which domains are trusted.
• Combine this with ExternalProtocolPolicyAllowedForUrls (Chrome) or AutoLaunchProtocolsFromOrigins (Edge) to allow specific protocols (ms-word:) from specific domains.

Edge ADMX/Intune policy JSON:
“AutoLaunchProtocolsFromOrigins”: {“ms-word”: [“https://yourdomain.com”] }

By ensuring these allowances are in place, you help provide a seamless XpressDox experience for your users, from login to document output, without disruptive browser prompts or blocked actions.