Allow admins to carry over a filtered set of the user's cookies to policy whitelisted participating apps. An empty whitelist will result in the default behavior which is to block all incoming requests and not hand over any cookies.
Admins should only whitelist apps they fully trust with the user's data. They should ensure they have all proper consent forms placed for users as they are granting permissions to certain apps on their behalf and the system will not show the end users any consent forms once permission is granted via admin policy.
For more details on filter options, please see https://github.com/GoogleChrome/chromeos_saml_apps/blob/master/src/schema.json and https://developer.chrome.com/extensions/cookies#method-getAll.
The code for this extension has been open-sourced at: https://github.com/GoogleChrome/chromeos_saml_apps.
Chrome for Work documentation can be found at: https://support.google.com/chrome/a/answer/7064180.