App permissions

The permissions field in the app manifest controls the app's access to various sensitive APIs on the device (sometimes called WebAPIs). The permissions are described in the following tables.

The three levels of permission, in brief, are:

  • Web apps: These only have a basic level of permissions, and don't have access to privileged or internal APIs.
  • Privileged apps: These have all the permissions of web apps plus more. Hosted apps can't be privileged — they must be packaged apps.
  • Internal (certified) apps: These have all the permissions of privileged and web apps plus more. Certified/internal apps can only be installed on a device by Mozilla or a device vendor; not 3rd party developers.

For more information on app types, see Types of packaged apps.

Note: If you use the App Manager/WebIDE to test your app, it will display an easy to read table of which permissions are allowed, denied, or require a prompt on the current device or simulator you are connected to.

Hosted app and privileged app permissions

Manifest permission API name Description Minimum app type required access property Default granted Platform/version supported
alarms Alarm Schedule a notification, or schedule an application to be started. hosted none Allow FxOS 1.0.1
audio-capture

getUserMedia, Web Speech API

Obtain MediaStream from audio input devices, e.g. microphone. This is needed to allow audio capture in Firefox OS 1.2+. hosted for getUserMedia, privileged for Web Speech API none Prompt for all installed App types for getUserMedia, Allow for Web Speech API. FxOS 1.2 and
Desktop Firefox 20+ for getUserMedia, FxOS 2.5 and Desktop Firefox 44 for Web Speech API.
audio-channel-alarm AudioChannels Alarm clock, calendar alarms. privileged none Allow FxOS 1.0.1
audio-channel-content AudioChannels Music, video. hosted none Allow FxOS 1.0.1
audio-channel-normal AudioChannels UI sounds, Web content, music, radio. hosted none Allow FxOS 1.0.1
audio-channel-notification AudioChannels New email, incoming SMS. privileged none Allow FxOS 1.0.1
browser Browser Enables the app to implement a browser in an iframe. privileged none Allow FxOS 1.0.1
camera Camera

Take photos, shoot video, record audio, and control the camera.

Note: camera was limited to certified apps initially because the app sandbox was preventing access to the camera hardware. Fixed from Firefox OS 2.0 onwards.

privileged in Firefox OS 2.0+ internal/certified up to Firefox OS 1.4

none Prompt for all installed App types. FxOS 1.0.1-1.4 certified
FxOS 2.0+ privileged
contacts Contacts Add, read, or modify contacts from the address book on the device and read contacts from the SIM. privileged readonly, readwrite, readcreate, or createonly Prompt for all installed App types. FxOS 1.1
Firefox Android 18
desktop-notification mozNotification for Gecko <22, Notification for Gecko 22+ Display a notification on the user's desktop. Note that this has changed, so for Gecko <22 (Firefox OS <1.2) you need to use mozNotification, while for Gecko 22+ (Firefox 1.2+) you need to use Notification. hosted none Prompt for Web content. Allow for all installed App types. FxOS 1.0.1, Android 4.0, Desktop 4.0 for prefixed version
FxOS 1.2, Android 22, Desktop 22 for non-prefixed version
device-storage:music Device Storage Add, read, or modify music files stored on the device. privileged readonly, readwrite, readcreate, or createonly Prompt FxOS 1.0.1
device-storage:pictures Device Storage Add, read, or modify picture files stored on the device. privileged readonly, readwrite, readcreate, or createonly Prompt FxOS 1.0.1
device-storage:sdcard Device Storage Add, read, or modify files stored on the device's SD card. privileged readonly, readwrite, readcreate, or createonly Prompt FxOS 1.0.1
device-storage:videos Device Storage Add, read, or modify video files stored on the device. privileged readonly, readwrite, readcreate, or createonly Prompt FxOS 1.0.1
fmradio FM Radio Control the FM radio. hosted none Allow FxOS 1.0.1
geolocation Geolocation Obtain the current location of the user. hosted none Prompt (even for certified Apps) FxOS 1.0.1, Desktop Firefox 3.5, Android 4.0
input Keyboard Allows the app to act as a virtual keyboard by listening to focus change events in other apps. All IME apps need this permission for sending input keys and updating the value of a input field. privileged none Allow FxOS 1.2
mobileid Mobile identity Allows an app to obtain a verified phone number (MSISDN) after the user selects the number to be shared and gives explicit permission for the app to obtain it. privileged/ none Prompt FxOS 2.0
mobilenetwork Mobile Network Obtain mobile network information (MCC, MNC, etc.). privileged none Allow FxOS 1.0.1
moz-firefox-accounts Firefox Accounts Allows the use of Firefox Accounts when using the navigator.mozId API. privileged none Prompt for all installed App types. FxOS 2.0
nfc NFC API NFC enables an app to transmit data to other devices via near field communication. This permission is required for reading and writing data. Privileged none Allow FxOS 2.2
nfc-share NFC API This permission is just required for sharing tags via NFC. Privileged none Allow FxOS 2.2
nfc-read, nfc-write NFC API These permissions were used to request reading and writing privileges in Firefox OS 2.0/2.1 Was certified/internal at this stage in development. none Allow FxOS 2.0
push Simple Push Enable an app to wake up to receive notification. hosted none Allow FxOS 1.1
speech-recognition Web Speech API Allows an app to use speech recognition. privileged none Allow FxOS 2.5 and Desktop Firefox 44.
systemXHR SystemXHR Allows anonymous (no cookies) cross-origin XHR without the target site having CORS enabled. Similar to the TCP Socket API but restricted to XHR, not just raw sockets, so it is slightly less risky. See XMLHttpRequest. privileged none Allow FxOS 1.0.1
tcp-socket TCP Socket Create TCP sockets and communicate over them. privileged none Allow FxOS 1.0.1,
Desktop (early versions)
video-capture GetUserMedia Obtain MediaStream from video input devices, e.g. camera. This is needed to allow video capture in Firefox OS 1.4+. hosted none Prompt for all installed App types. FxOS 1.4

Note: To declare an app as privileged, you need to put "type" : "privileged" into your app manifest. You don't need to include the type field in your manifest for web apps, as web is the default value.

Internal (Certified) app permissions

The following permissions require a internal app and are granted implicitly without prompting the user. Most app developers will not be able to use internal APIs, because they are intended for system-level apps and default apps created by Mozilla/operators/OEMs.

Manifest permission API name Description Minimum app type required access property Platform
attention Attention Screen

Allow content to open a window in front of all other content. Used by telephone and SMS.

Note: Attention screens use the Firefox OS-specific attention feature name when calling window.open().

internal (certified) none FxOS 1.0.1
audio-channel-ringer AudioChannels Incoming phone calls. internal (certified) none FxOS 1.0.1
audio-channel-telephony AudioChannels Phone calls, VoIP calls. internal (certified) none FxOS 1.0.1
audio-channel-publicnotification AudioChannels Forced camera shutter sounds. internal (certified) none FxOS 1.2
background-sensors Background Sensor Ability to listen to proximity sensor events in the background. (All apps recieve these events in the foreground.) internal (certified) none FxOS 1.0.1
backgroundservice (Deprecated) Background Services

Enable an app to run in the background and perform tasks like syncing or responding to incoming messages.

Note: this functionality has been removed.

internal (certified) none FxOS 1.0.1
bluetooth   Low level access to Bluetooth hardware. internal (certified) none FxOS 1.0.1
browser:embedded-system-app Browser Enables an app opened in a browser <iframe> to call methods of the API on — and listen and respond to related events fired by — itself (usually the parent window of the iframe calls the Browser API.) See bug 1196654 for further information. internal (certified) none FxOS 2.5
camera Camera

Take photos, shoot video, record audio, and control the camera.

Note: camera was limited to certified apps initially because the sandbox that apps run in was preventing access to the camera hardware. This has been fixed from Firefox OS 2.0 onwards.

internal (certified) up to Firefox OS 1.4, privileged in Firefox OS 2.0+ none FxOS 1.0.1-1.4 certified
FxOS 2.0+ privileged
cellbroadcast   Fires an event when a specific type of cell network message is received (an emergency network notification). internal (certified) none FxOS 1.0.1
No permission needed, but datastores-access/datastores-owned needs to be set in the manifest (see Data Store API Manifest fields.) Data Store A powerful, flexible storage mechanism for Firefox OS applications to use to store and share data. internal (certified) datastores-access/
datastores-owned
FxOS 1.0.1
device-storage:apps Device Storage Add, read, or modify files stored in the apps location on the device.

When this is used, the webapps-manage permission is also required alongside it (see below.)
internal (certified) read FxOS 1.0.1
embed-apps Embed Apps Ability to embed apps in mozApp frames. internal (certified) none FxOS 1.0.1
idle Idle Notify the app if the user is idle. internal (certified) none FxOS 1.0.1
mobileconnection Mobile Connection Obtain information about the current mobile voice and data connection. internal (certified) none FxOS 1.0.1
network-events Network Events Monitor network uploads and downloads. internal (certified) none FxOS 1.0.1
networkstats-manage Network Stats Obtain statistics of data usage per interface. internal (certified) none FxOS 1.0.1
open-remote-window Open out-of-process windows Allows normal window.open calls, but the resulting window is opened in a new process. internal (certified) none FxOS 1.0.1
permissions Permissions (Firefox OS) Allow an app to manage other permissions of other apps. internal (certified) none FxOS 1.0.1
phonenumberservice ?? ?? internal (certified) none ??
power Power Management Turn the screen on or off, control CPU, device power, and so on. Listen for and inspect resource lock events. internal (certified) none FxOS 1.0.1
presentation-device-manage Presentation Obtain the list of available devices that can be used as external display and trigger device discovery. internal (certified) none FxOS 3.0
settings Settings Configure or read device settings. internal (certified) readonly or readwrite FxOS 1.0.1
sms WebSMS Send and receive SMS messages. internal (certified) none FxOS 1.0.1,
1.1 for MMS
telephony Web Telephony Access all telephony-related APIs to make and recieve phone calls. internal (certified) none FxOS 1.0.1
time TimeManager Set current time. Time zone information is controlled by the Settings API. Formerly called systemclock. internal (certified) none FxOS 1.0.1
voicemail Voicemail Access voicemail. internal (certified) none FxOS 1.0.1
webapps-manage Open Webapps Obtain access to the navigator.mozApps.mgmt API to manage installed Open Web Apps.

Required alongside the device-storage:apps permission (see above.)
internal (certified) none FxOS 1.0.1, Desktop, Android
wifi-manage WiFi Management Enumerate available WiFi networks, get signal strength, connect to a network. internal (certified) none FxOS 1.0.1
wappush WAP Push Receive WAP Push messages. internal (certified) none FxOS 1.0.1

Note: The internal codename for internal apps is certified apps. To declare an app as internal, you need to put "type" : "certified" into your app manifest.

See also

The permissions table is where Firefox OS API permissions are defined in the Firefox source code.

Document Tags and Contributors

 Last updated by: chrisdavidmills,