Permissions-Policy: private-state-token-redemption directive

{{SeeCompatTable}}

The HTTP {{HTTPHeader("Permissions-Policy")}} header private-state-token-redemption directive controls usage of private state token token-redemption and send-redemption-record operations.

Specifically, where a defined policy blocks the use of this feature, token redemption and send redemption record operations will fail.

Syntax

Permissions-Policy: private-state-token-redemption=<allowlist>;

• <allowlist>
  • : A list of origins for which permission is granted to use the feature. See Permissions-Policy > Syntax for more details.

Default policy

The default allowlist for private-state-token-redemption is *.

Specifications

{{Specifications}}

Browser compatibility

{{Compat}}

See also

• {{HTTPHeader("Permissions-Policy")}} header
• Permissions Policy
• Private State Token API