Computer Configuration > Administrative Templates > Microsoft Edge > HTTP authentication
Both
HKLM\Software\Policies\Microsoft\Edge
If you enable this policy or leave it unset, Basic authentication challenges received over non-secure HTTP will be allowed. If you disable this policy, non-secure HTTP requests from the Basic authentication scheme are blocked, and only secure HTTPS is allowed. This policy setting is ignored (and Basic is always forbidden) if the 'AuthSchemes' (Supported authentication schemes) policy is set and does not include Basic.