The permissions
field in the app manifest controls the app's access to various sensitive APIs on the device (sometimes called WebAPIs). The permissions are described in the following tables.
The three levels of permission, in brief, are:
- Web apps: These only have a basic level of permissions, and don't have access to privileged or internal APIs.
- Privileged apps: These have all the permissions of web apps plus more. Hosted apps can't be privileged — they must be packaged apps.
- Internal (certified) apps: These have all the permissions of privileged and web apps plus more. Certified/internal apps can only be installed on a device by Mozilla or a device vendor; not 3rd party developers.
For more information on app types, see Types of packaged apps.
Note: If you use the App Manager/WebIDE to test your app, it will display an easy to read table of which permissions are allowed, denied, or require a prompt on the current device or simulator you are connected to.
Hosted app and privileged app permissions
Manifest permission | API name | Description | Minimum app type required | access property |
Default granted | Platform/version supported |
---|---|---|---|---|---|---|
alarms |
Alarm | Schedule a notification, or schedule an application to be started. | hosted | none | Allow |
FxOS 1.0.1 |
audio-capture |
Obtain MediaStream from audio input devices, e.g. microphone. This is needed to allow audio capture in Firefox OS 1.2+. |
hosted for getUserMedia, privileged for Web Speech API | none | Prompt for all installed App types for getUserMedia, Allow for Web Speech API. |
FxOS 1.2 and Desktop Firefox 20+ for getUserMedia, FxOS 2.5 and Desktop Firefox 44 for Web Speech API. |
|
audio-channel-alarm |
AudioChannels | Alarm clock, calendar alarms. | privileged | none | Allow |
FxOS 1.0.1 |
audio-channel-content |
AudioChannels | Music, video. | hosted | none | Allow |
FxOS 1.0.1 |
audio-channel-normal |
AudioChannels | UI sounds, Web content, music, radio. | hosted | none | Allow |
FxOS 1.0.1 |
audio-channel-notification |
AudioChannels | New email, incoming SMS. | privileged | none | Allow |
FxOS 1.0.1 |
browser |
Browser | Enables the app to implement a browser in an iframe . |
privileged | none | Allow |
FxOS 1.0.1 |
camera |
Camera |
Take photos, shoot video, record audio, and control the camera. Note: |
privileged in Firefox OS 2.0+ internal/certified up to Firefox OS 1.4 |
none | Prompt for all installed App types. |
FxOS 1.0.1-1.4 certified FxOS 2.0+ privileged |
contacts |
Contacts | Add, read, or modify contacts from the address book on the device and read contacts from the SIM. | privileged | readonly , readwrite , readcreate , or createonly |
Prompt for all installed App types. |
FxOS 1.1 Firefox Android 18 |
desktop-notification |
mozNotification for Gecko <22, Notification for Gecko 22+ | Display a notification on the user's desktop. Note that this has changed, so for Gecko <22 (Firefox OS <1.2) you need to use mozNotification , while for Gecko 22+ (Firefox 1.2+) you need to use Notification . |
hosted | none | Prompt for Web content. Allow for all installed App types. |
FxOS 1.0.1, Android 4.0, Desktop 4.0 for prefixed version FxOS 1.2, Android 22, Desktop 22 for non-prefixed version |
device-storage:music |
Device Storage | Add, read, or modify music files stored on the device. | privileged | readonly , readwrite , readcreate , or createonly |
Prompt |
FxOS 1.0.1 |
device-storage:pictures |
Device Storage | Add, read, or modify picture files stored on the device. | privileged | readonly , readwrite , readcreate , or createonly |
Prompt |
FxOS 1.0.1 |
device-storage:sdcard |
Device Storage | Add, read, or modify files stored on the device's SD card. | privileged | readonly , readwrite , readcreate , or createonly |
Prompt |
FxOS 1.0.1 |
device-storage:videos |
Device Storage | Add, read, or modify video files stored on the device. | privileged | readonly , readwrite , readcreate , or createonly |
Prompt |
FxOS 1.0.1 |
fmradio |
FM Radio | Control the FM radio. | hosted | none | Allow |
FxOS 1.0.1 |
geolocation |
Geolocation | Obtain the current location of the user. | hosted | none | Prompt (even for certified Apps) |
FxOS 1.0.1, Desktop Firefox 3.5, Android 4.0 |
input |
Keyboard | Allows the app to act as a virtual keyboard by listening to focus change events in other apps. All IME apps need this permission for sending input keys and updating the value of a input field. | privileged | none | Allow |
FxOS 1.2 |
mobileid |
Mobile identity | Allows an app to obtain a verified phone number (MSISDN) after the user selects the number to be shared and gives explicit permission for the app to obtain it. | privileged/ | none | Prompt |
FxOS 2.0 |
mobilenetwork |
Mobile Network | Obtain mobile network information (MCC, MNC, etc.). | privileged | none | Allow |
FxOS 1.0.1 |
moz-firefox-accounts |
Firefox Accounts | Allows the use of Firefox Accounts when using the navigator.mozId API. | privileged | none | Prompt for all installed App types. |
FxOS 2.0 |
nfc |
NFC API | NFC enables an app to transmit data to other devices via near field communication. This permission is required for reading and writing data. | Privileged | none | Allow |
FxOS 2.2 |
nfc-share |
NFC API | This permission is just required for sharing tags via NFC. | Privileged | none | Allow |
FxOS 2.2 |
nfc-read , nfc-write |
NFC API | These permissions were used to request reading and writing privileges in Firefox OS 2.0/2.1 | Was certified/internal at this stage in development. | none | Allow |
FxOS 2.0 |
push |
Simple Push | Enable an app to wake up to receive notification. | hosted | none | Allow |
FxOS 1.1 |
speech-recognition |
Web Speech API | Allows an app to use speech recognition. | privileged | none | Allow |
FxOS 2.5 and Desktop Firefox 44. |
systemXHR |
SystemXHR | Allows anonymous (no cookies) cross-origin XHR without the target site having CORS enabled. Similar to the TCP Socket API but restricted to XHR, not just raw sockets, so it is slightly less risky. See XMLHttpRequest. | privileged | none | Allow |
FxOS 1.0.1 |
tcp-socket |
TCP Socket | Create TCP sockets and communicate over them. | privileged | none | Allow |
FxOS 1.0.1, Desktop (early versions) |
video-capture |
GetUserMedia | Obtain MediaStream from video input devices, e.g. camera. This is needed to allow video capture in Firefox OS 1.4+. | hosted | none | Prompt for all installed App types. |
FxOS 1.4 |
Note: To declare an app as privileged, you need to put "type" : "privileged"
into your app manifest. You don't need to include the type
field in your manifest for web apps, as web
is the default value.
Internal (Certified) app permissions
The following permissions require a internal app and are granted implicitly without prompting the user. Most app developers will not be able to use internal APIs, because they are intended for system-level apps and default apps created by Mozilla/operators/OEMs.
Manifest permission | API name | Description | Minimum app type required | access property |
Platform |
---|---|---|---|---|---|
attention |
Attention Screen |
Allow content to open a window in front of all other content. Used by telephone and SMS. Note: Attention screens use the Firefox OS-specific |
internal (certified) | none | FxOS 1.0.1 |
audio-channel-ringer |
AudioChannels | Incoming phone calls. | internal (certified) | none | FxOS 1.0.1 |
audio-channel-telephony |
AudioChannels | Phone calls, VoIP calls. | internal (certified) | none | FxOS 1.0.1 |
audio-channel-publicnotification |
AudioChannels | Forced camera shutter sounds. | internal (certified) | none | FxOS 1.2 |
background-sensors |
Background Sensor | Ability to listen to proximity sensor events in the background. (All apps recieve these events in the foreground.) | internal (certified) | none | FxOS 1.0.1 |
backgroundservice (Deprecated) |
Background Services |
Enable an app to run in the background and perform tasks like syncing or responding to incoming messages. Note: this functionality has been removed. |
internal (certified) | none | FxOS 1.0.1 |
bluetooth |
Low level access to Bluetooth hardware. | internal (certified) | none | FxOS 1.0.1 | |
browser:embedded-system-app |
Browser | Enables an app opened in a browser <iframe> to call methods of the API on — and listen and respond to related events fired by — itself (usually the parent window of the iframe calls the Browser API.) See bug 1196654 for further information. |
internal (certified) | none | FxOS 2.5 |
camera |
Camera |
Take photos, shoot video, record audio, and control the camera. Note: |
internal (certified) up to Firefox OS 1.4, privileged in Firefox OS 2.0+ | none | FxOS 1.0.1-1.4 certified FxOS 2.0+ privileged |
cellbroadcast |
Fires an event when a specific type of cell network message is received (an emergency network notification). | internal (certified) | none | FxOS 1.0.1 | |
No permission needed, but datastores-access /datastores-owned needs to be set in the manifest (see Data Store API Manifest fields.) |
Data Store | A powerful, flexible storage mechanism for Firefox OS applications to use to store and share data. | internal (certified) | datastores-access /datastores-owned |
FxOS 1.0.1 |
device-storage:apps |
Device Storage | Add, read, or modify files stored in the apps location on the device. When this is used, the webapps-manage permission is also required alongside it (see below.) |
internal (certified) | read |
FxOS 1.0.1 |
embed-apps |
Embed Apps | Ability to embed apps in mozApp frames. |
internal (certified) | none | FxOS 1.0.1 |
idle |
Idle | Notify the app if the user is idle. | internal (certified) | none | FxOS 1.0.1 |
mobileconnection |
Mobile Connection | Obtain information about the current mobile voice and data connection. | internal (certified) | none | FxOS 1.0.1 |
network-events |
Network Events | Monitor network uploads and downloads. | internal (certified) | none | FxOS 1.0.1 |
networkstats-manage |
Network Stats | Obtain statistics of data usage per interface. | internal (certified) | none | FxOS 1.0.1 |
open-remote-window |
Open out-of-process windows | Allows normal window.open calls, but the resulting window is opened in a new process. |
internal (certified) | none | FxOS 1.0.1 |
permissions |
Permissions (Firefox OS) | Allow an app to manage other permissions of other apps. | internal (certified) | none | FxOS 1.0.1 |
phonenumberservice | ?? | ?? | internal (certified) | none | ?? |
power |
Power Management | Turn the screen on or off, control CPU, device power, and so on. Listen for and inspect resource lock events. | internal (certified) | none | FxOS 1.0.1 |
presentation-device-manage |
Presentation | Obtain the list of available devices that can be used as external display and trigger device discovery. | internal (certified) | none | FxOS 3.0 |
settings |
Settings | Configure or read device settings. | internal (certified) | readonly or readwrite |
FxOS 1.0.1 |
sms |
WebSMS | Send and receive SMS messages. | internal (certified) | none | FxOS 1.0.1, 1.1 for MMS |
telephony |
Web Telephony | Access all telephony-related APIs to make and recieve phone calls. | internal (certified) | none | FxOS 1.0.1 |
time |
TimeManager | Set current time. Time zone information is controlled by the Settings API. Formerly called systemclock . |
internal (certified) | none | FxOS 1.0.1 |
voicemail |
Voicemail | Access voicemail. | internal (certified) | none | FxOS 1.0.1 |
webapps-manage |
Open Webapps | Obtain access to the navigator.mozApps.mgmt API to manage installed Open Web Apps.Required alongside the device-storage:apps permission (see above.) |
internal (certified) | none | FxOS 1.0.1, Desktop, Android |
wifi-manage |
WiFi Management | Enumerate available WiFi networks, get signal strength, connect to a network. | internal (certified) | none | FxOS 1.0.1 |
wappush |
WAP Push | Receive WAP Push messages. | internal (certified) | none | FxOS 1.0.1 |
Note: The internal codename for internal apps is certified apps. To declare an app as internal, you need to put "type" : "certified"
into your app manifest.
See also
The permissions table is where Firefox OS API permissions are defined in the Firefox source code.