You would have to use Firefox 60 (ESR) to be able to use policies like this reliably. *https://support.mozilla.org/products/firefox-enterprise *https://github.com/mozilla/policy-templates/blob/master/README.md

You have to check the addons to see if they will install on the Browser version your using. And if there is Addon issue you have to contact the Addon creator for support on their Addon.

   "InstallAddonsPermission": {
     "Allow": ["http://example.org/",
               "http://example.edu/"],
     "Default": [false] /* If this is set to false, add-ons cannot be installed by the user */
   }

   "Extensions": {
     "Install": ["https://addons.mozilla.org/firefox/downloads/somefile.xpi", "//path/to/xpi"]
     "Uninstall": ["*"],
     "Locked":  ["addon_id@mozilla.org"]

Thanks for your reply. @cor-el >> You would have to use Firefox 60 (ESR) I guessed so but I need to be sure before evaluating and rolling out FF v60_ESR. Is it still possible to install the Addons listed under "Allow" in case "Default" is set to "false"? All other Addons will be blocked? https://github.com/mozilla/policy-templates/blob/master/README.md#installaddonspermission "InstallAddonsPermission": { "Allow": ["http://example.org/", "http://example.edu/"], "Default": [false] /* If this is set to false, add-ons cannot be installed by the user */ } The same question applies to the extensions policy. Is it possible to block all and allow just approved ones via whitelist? https://github.com/mozilla/policy-templates/blob/master/README.md#extensions-esr-only "Extensions": { "Install": ["https://addons.mozilla.org/firefox/downloads/somefile.xpi", "//path/to/xpi"] "Uninstall": ["*"], "Locked": ["addon_id@mozilla.org"] @WestEnd >> You have to check the addons to see if they will install on the Browser version your using. Yes, I know that there might be compatibility conflicts by upgrading to a major version.