1. Web
  2. HTTP
  3. Reference
  4. Headers
  5. Permissions-Policy
  6. private-state-token-redemption

Permissions-Policy: private-state-token-redemption directive

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The HTTP Permissions-Policy header private-state-token-redemption directive controls usage of private state token token-redemption and send-redemption-record operations.

Specifically, where a defined policy blocks the use of this feature, token redemption and send redemption record operations will fail.

Syntax

http
Permissions-Policy: private-state-token-redemption=<allowlist>;
<allowlist>

A list of origins for which permission is granted to use the feature. See Permissions-Policy > Syntax for more details.

Default policy

The default allowlist for private-state-token-redemption is *.

Specifications

Specification
Private State Token API
# policy-controlled-feature-private-state-token-redemption

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content