Where can I get a list of more Android permissions? (other than ...)

Question

I'm trying to get a list of valid Android permissions. I know the 'official' ones at http://developer.android.com/reference/android/Manifest.permission.html but it seems there are more out there. Please do not answer by just repeating that link.

For example

android.permission.READ_SETTINGS
android.permission.ACCESS_LOCATION
android.permission.ACCESS_GPS

com.android.vending.CHECK_LICENSE

com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

com.google.android.googleapps.permission.GOOGLE_AUTH
com.google.android.googleapps.permission.GOOGLE_AUTH.OTHER_SERVICES

com.google.android.c2dm.permission.RECEIVE

Where can I get such a list? Where do I get a description for these permissions?

http://developer.android.com/reference/android/Manifest.permission.html — cprcrack, Dec 14 '13 at 04:00
@cprcrack Wow, you've managed to post a Link that's already in the question - after 3 years! — Scolytus, Dec 14 '13 at 09:53
Well I feel silly, I had many tabs here and I thought the link wasn't here. But by the way, it doesn't matter if it's after 3 years, this question is not only for you but for everyone that ends up here at any time ;) — cprcrack, Dec 14 '13 at 14:25
https://github.com/android/platform_frameworks_base/blob/master/core/res/AndroidManifest.xml is pretty interesting :) — Dori, Apr 28 '15 at 16:39
For those of you who cannot see them, please note that there is a bunch of deleted answers below, which were deleted for only repeating the same link as already given in the question. More answers like that will also be deleted of course. Please just do not create them. — Yunnosch, Oct 11 '22 at 06:08

score 22 · Answer 1 · answered Apr 14 '12 at 13:33

22

adb shell pm list permissions -s

This might be what you're looking for.

answered Apr 14 '12 at 13:33

mkozak

221
2
2

2

Also try without `-s` – cprcrack Dec 14 '13 at 04:33
Am I correct in assuming :-) that "adb shell pm list features" would list the features of the attached device ? – ferdil Mar 05 '14 at 16:43
How can I see the real name of the permissions, as being used on the manifest? – android developer Aug 29 '14 at 16:23
@Izzy I don't understand. Did you understand my question ? I meant, suppose I've installed an app that declares a totally new permission (not on your list), and I want to know its name as used in its manifest, how can I do it using ADB ? – android developer Dec 31 '14 at 00:33
2

@androiddeveloper yupp, got that now. But that would be a "new question" rather ;) The answer: `adb shell dumpsys package com.foo.bar`, and in the output skip to `grantedPermissions:`. Below that come the permissions in "full notation", e.g. `android.permission.INTERNET`, one per line. Of course you have to replace `com.foo.bar` with the package name of your interest ;) – Izzy Dec 31 '14 at 00:54
@Izzy Thank! You got +1 for that. :) – android developer Dec 31 '14 at 06:13
1

@Izzy I will just upvote the newly updated answer then. Thank you. I don't even remember why I asked this question. It was a long time ago. – android developer Dec 31 '14 at 13:12

score 16 · Accepted Answer · edited Jul 21 '17 at 11:12

There is no such thing as a comprehensive "list" for all permissions. New permissions can be defined by any application that wants to enforce its own: https://developer.android.com/guide/topics/security/security.html#declaring.

The Manifest.permission class lists the "system" permissions, and you're already aware of those. The other things you've listed aren't system permissions, but rather are specific to certain apps, and or are old names (ACCESS_LOCATION and ACCESS_GPS were pre 1.0 names, for example).

A grep for something like <permission android:name= in the source would reveal all the included app permissions (for the open source apps), but in general you should stick to the documented permission names.

score 12 · Answer 3 · answered Jan 10 '12 at 09:19

12

Use the following snippet to get all the permissions declared on your device:

Context context = this;
PackageManager pm = context.getPackageManager();
CharSequence csPermissionGroupLabel;
CharSequence csPermissionLabel;

List<PermissionGroupInfo> lstGroups = pm.getAllPermissionGroups(0);
for (PermissionGroupInfo pgi : lstGroups) {
    csPermissionGroupLabel = pgi.loadLabel(pm);
    Log.e("perm", pgi.name + ": " + csPermissionGroupLabel.toString());

    try {
        List<PermissionInfo> lstPermissions = pm.queryPermissionsByGroup(pgi.name, 0);
        for (PermissionInfo pi : lstPermissions) {
            csPermissionLabel = pi.loadLabel(pm);
            Log.e("perm", "   " + pi.name + ": " + csPermissionLabel.toString());
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    }
}

answered Jan 10 '12 at 09:19

Nir Pear

291
3
7

Hi When I codning ur code then show errors.there said get all permission on manifest file .Is this is best way ? – Maidul Aug 11 '12 at 05:35
@NirPear Hi, I used your code in a "Galaxy Note" and the log shows android.permission.NFC and this device doesn't have NFC. I need to get the right permissions for the device. Do you know how I can do this? thanks. – htafoya Apr 10 '13 at 22:39
@htafoya I think it shows all available permissions of the OS, no matter what hardware you have. – android developer Sep 06 '14 at 23:21
You're missing permissions that aren't in a permission group. – Androbin Aug 09 '19 at 21:26

score 7 · Answer 4 · answered May 17 '13 at 18:44

7

To list all permissions on your phone

adb shell pm list permissions -g

The -s argument is a short summary

answered May 17 '13 at 18:44

Stephen Donecker

2,361
18
8

For some reason -g returns more permissions than without it – Philippe Girolami Sep 02 '13 at 12:26
@PhilippeGirolami Indeed, and that's even though what it's supposed to do is just grouping them : http://developer.android.com/tools/help/adb.html – android developer Aug 29 '14 at 16:27

score 4 · Answer 5 · edited May 23 '17 at 10:31

There are definitely "more permissions out there". The reference you've linked is just the "official list" – and even for that, it's quite incomplete. I've researched for existing permissions, what they are for, and what impacts they have on the end-user, for about a year now – and really wonder how developers find what they need. Good guessing seems to be part of it, as for many permissions a Google search just yielded content of several apps' Manifest files ("uses …").

Added to that, next to the "official permissions" (or rather "Android core permissions"), each developer can define its own for his app (as Charlie Collins already pointed out in his answer).

During my research, I've setup a list with my findings from several sources (which I listed along) – adding any explanations I could find. This list is rather focused on the end-user, but still might prove helpful to developers. You can find it at my site: Android Permissions explained – bi-lingual (English and German). The list includes the "core permission" as well as some selected app-specific ones (mostly those one encounters more frequently: declared by Google apps, or popular apps like Tasker and K-9 Mail). Again, this of course is far from being complete – a "complete list" being as likely as a unicorn (the day published it most likely would be outdated already).

Edit:

As it was asked for in another comment: If you installed a package with a new permission not yet covered by any list, and you want to know the "technical name" of that new permission, you can retrieve that information from your device via ADB:

adb shell dumpsys package com.foo.bar

(of course replace com.foo.bar with the name of the package in question). In the output, skip down to the line grantedPermissions:. Below that come the permissions in "full notation", e.g. android.permission.INTERNET, one per line. To make that easier:

adb shell dumpsys package com.foo.bar |egrep -A99999 "grantedPermissions:"

score 4 · Answer 6 · answered Nov 21 '10 at 13:52

4

Where can I get such a list?

You can't.

Where do I get a description for these permissions?

Wherever those permissions are documented. In many cases, they are undocumented and therefore should not be used.

For example, your first three were removed from Android a couple of years ago, IIRC. The last one is documented in the C2DM documentation.

answered Nov 21 '10 at 13:52

CommonsWare

986,068
189
2,389
2,491

I think the situation has changed, so now you can do it again: https://stackoverflow.com/a/69053542/878126 – android developer Sep 04 '21 at 08:15
@androiddeveloper: IMHO, not really, at least in the context of this eleven-year-old question. Your code snippet lists the permissions on the specific device or emulator on which it runs. That is not what the question asks for -- it asks for "a list of valid Android permissions". Permissions added by device manufacturers on other devices than the one that you are testing are valid. Permissions added by apps are valid, but your code only lists them for the apps that you happen to have installed. And so on. Your code definitely has value but also has its limits. – CommonsWare Sep 04 '21 at 10:37
Of course. You can at least filter them by those that are from the docs, though. – android developer Sep 04 '21 at 10:56

android developer · Answer 7 · 2021-09-04T13:29:56.270

It depends on the Android version. The reason is that starting from some Android version, Google noticed (or just allowed) that OEMs would be able to change which permission belongs to which permission group. This occurs at least for some Chinese OEMs (not the first time they break behavior, as shown here), according to what I was told by Google on the issue tracker. They can even change it between simple updates to the OS.

So, here's what you have today:

Starting from Android 12 (API 31), you can use the new getPlatformPermissionsForGroup function.
On Android versions older than Android 10 (API 29 and below), you could use queryPermissionsByGroup.
On Android 10-11 (API 29-30), here are the methods:

The normal API (and the adb command of ./adb shell pm list permissions -s) won't work properly. It will put plenty of permissions into "UNDEFINED" group. The reason is that Google said it might be different across devices and OEMs
You can check on Android source code of these versions and hope that most devices use what's there. It used to be here, but the link is dead now. I think this one can give you the same information though (but you need to check on which Android version it's used for).
Another way to handle this is to make your own sample POC to check for each permission - which permission group it belongs to. You will do it by having all permissions declared in the manifest (get from the code below), and then request a bunch of permissions. If you get a single dialog, it means that what you've chosen belong to a single group, and you can continue testing more permissions into it and see if they belong too. If not, at least one of them belong to another group.

To filter by the permissions that are only in the system and/or of Android itself, you could use a condition that the package name of the permission has to start with "android" or that the permission group name should start with "android.permission-group." or that the protection level of the permission is PermissionInfo.PROTECTION_SIGNATURE . It depends on what you wish to filter by.

So, a simple function to list them for all Android versions:

enum class PermissionGroup constructor(@param:Permission @field:Permission val permissions: Array<String>) {
    //based on https://developer.android.com/reference/android/Manifest.permission_group.html, https://developer.android.com/guide/topics/permissions/requesting.html https://developer.android.com/reference/android/Manifest.permission
    // get all permissions and groups here: https://stackoverflow.com/a/51156191/878126 https://cs.android.com/android/platform/superproject/+/master:frameworks/base/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
    CALENDAR(arrayOf(permission.READ_CALENDAR, permission.WRITE_CALENDAR)),
    CAMERA(arrayOf(permission.CAMERA)),
    CONTACTS(arrayOf(permission.READ_CONTACTS, permission.WRITE_CONTACTS, permission.GET_ACCOUNTS)),
    LOCATION(sequenceOf(permission.ACCESS_COARSE_LOCATION, permission.ACCESS_FINE_LOCATION, if (VERSION.SDK_INT >= VERSION_CODES.Q) permission.ACCESS_BACKGROUND_LOCATION else null)
            .filterNotNull().asIterable().toList().toTypedArray()),
    MICROPHONE(arrayOf(permission.RECORD_AUDIO, "android.permission.RECORD_BACKGROUND_AUDIO")),
    PHONE(sequenceOf(permission.READ_PHONE_STATE, if (VERSION.SDK_INT >= VERSION_CODES.P) permission.ACCEPT_HANDOVER else null,
            permission.CALL_PHONE, permission.ADD_VOICEMAIL, permission.USE_SIP,
            if (VERSION.SDK_INT >= VERSION_CODES.O) permission.ANSWER_PHONE_CALLS else null, if (VERSION.SDK_INT < VERSION_CODES.P) permission.READ_CALL_LOG else null,
            if (VERSION.SDK_INT < VERSION_CODES.P) permission.WRITE_CALL_LOG else null, if (VERSION.SDK_INT < VERSION_CODES.P) permission.PROCESS_OUTGOING_CALLS else null,
            if (VERSION.SDK_INT >= VERSION_CODES.O) permission.READ_PHONE_NUMBERS else null).filterNotNull().asIterable().toList().toTypedArray()),
    SENSORS(sequenceOf(if (VERSION.SDK_INT >= VERSION_CODES.KITKAT_WATCH) permission.BODY_SENSORS else null,
            if (VERSION.SDK_INT >= VERSION_CODES.M && VERSION.SDK_INT < VERSION_CODES.P) permission.USE_FINGERPRINT else null, if (VERSION.SDK_INT >= VERSION_CODES.P) permission.USE_BIOMETRIC else null)
            .filterNotNull().asIterable().toList().toTypedArray()),
    SMS(sequenceOf(permission.SEND_SMS, permission.RECEIVE_SMS, permission.READ_SMS, permission.RECEIVE_WAP_PUSH, permission.RECEIVE_MMS,"android.permission.READ_CELL_BROADCASTS")
            .filterNotNull().asIterable().toList().toTypedArray()),

    STORAGE(sequenceOf(permission.READ_EXTERNAL_STORAGE, permission.WRITE_EXTERNAL_STORAGE, if (VERSION.SDK_INT >= VERSION_CODES.Q) permission.ACCESS_MEDIA_LOCATION else null)
            .filterNotNull().asIterable().toList().toTypedArray()),

    CALL_LOG(if (VERSION.SDK_INT >= VERSION_CODES.P)
        arrayOf(permission.READ_CALL_LOG, permission.WRITE_CALL_LOG, permission.PROCESS_OUTGOING_CALLS)
    else emptyArray()),

    ACTIVITY_RECOGNITION(if (VERSION.SDK_INT >= VERSION_CODES.Q) arrayOf(permission.ACTIVITY_RECOGNITION) else emptyArray()),

    NEARBY_DEVICES(if (VERSION.SDK_INT >= VERSION_CODES.S) arrayOf(permission.BLUETOOTH_CONNECT, permission.BLUETOOTH_ADVERTISE, permission.UWB_RANGING, permission.BLUETOOTH_SCAN) else emptyArray())
    ;

    @TargetApi(VERSION_CODES.S)
    @StringDef(permission.READ_CALENDAR, permission.WRITE_CALENDAR, permission.CAMERA, permission.READ_CONTACTS, permission.WRITE_CONTACTS,
            permission.GET_ACCOUNTS, permission.ACCEPT_HANDOVER, permission.ACCESS_COARSE_LOCATION, permission.ACCESS_FINE_LOCATION, permission.RECORD_AUDIO,
            permission.USE_BIOMETRIC, permission.READ_PHONE_STATE, permission.CALL_PHONE, permission.READ_CALL_LOG, permission.WRITE_CALL_LOG, permission.ADD_VOICEMAIL,
            permission.USE_SIP, permission.PROCESS_OUTGOING_CALLS, permission.BODY_SENSORS, permission.SEND_SMS, permission.RECEIVE_SMS, permission.READ_SMS, permission.RECEIVE_WAP_PUSH,
            permission.RECEIVE_MMS, permission.READ_EXTERNAL_STORAGE, permission.WRITE_EXTERNAL_STORAGE, permission.ANSWER_PHONE_CALLS, permission.ACTIVITY_RECOGNITION,
            permission.ACCESS_BACKGROUND_LOCATION, permission.ACCESS_MEDIA_LOCATION, "android.permission.RECORD_BACKGROUND_AUDIO",
            permission.BLUETOOTH_CONNECT, permission.BLUETOOTH_ADVERTISE, permission.UWB_RANGING, permission.BLUETOOTH_SCAN,"android.permission.READ_CELL_BROADCASTS"
    )
    @Retention(AnnotationRetention.SOURCE)
    annotation class Permission
}

And finding them:

fun checkPermissions() {
    var permissionsCount = 0
    when {
        Build.VERSION.SDK_INT >= Build.VERSION_CODES.S -> {
            val permissionGroups = packageManager.getAllPermissionGroups(0)
            var permissionsGroupsLeft = permissionGroups.size
            permissionGroups.forEach { permissionGroup: PermissionGroupInfo ->
                val permissionGroupName = permissionGroup.name
                if (!permissionGroupName.startsWith("android.permission-group.")) {
                    if (--permissionsGroupsLeft == 0) {
                        Log.d("AppLog", "total permissions (of all permissions groups) count:$permissionsCount")
                    }
                    return@forEach
                }
                packageManager.getPlatformPermissionsForGroup(permissionGroupName, mainExecutor) { groupPermissions ->
                    if (groupPermissions.isNotEmpty()) {
                        Log.d("AppLog", "permissionGroup:$permissionGroupName")
                        groupPermissions.forEach { permissionName ->
                            Log.d("AppLog", "\t\t$permissionName")
                            ++permissionsCount
                        }
                    }
                    if (--permissionsGroupsLeft == 0) {
                        Log.d("AppLog", "total permissions (of all permissions groups) count:$permissionsCount")
                    }
                }
            }
            return
        }
        Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q -> {
            Log.d("AppLog", "cannot use API to query permissions, so guessing it is similar to what we have found about it:")
            PermissionGroup.values().forEach { permissionGroup ->
                val permissions = permissionGroup.permissions
                if (permissions.isEmpty())
                    return@forEach
                Log.d("AppLog", "permissionGroup:${permissionGroup.name}")
                permissions.forEach { permissionName ->
                    Log.d("AppLog", "\t\t${permissionName}")
                    ++permissionsCount
                }
            }
        }
        else -> {
            val allPermissionGroups = packageManager.getAllPermissionGroups(0)
            allPermissionGroups.forEach { permissionGroup ->
                val permissionGroupName = permissionGroup.name
                if (!permissionGroupName.startsWith("android.permission-group."))
                    return@forEach
                val groupPermissions = packageManager.queryPermissionsByGroup(permissionGroupName, 0)
                if (groupPermissions.isEmpty())
                    return@forEach
                Log.d("AppLog", "permissionGroup:$permissionGroupName")
                for (permission in groupPermissions) {
                    val permissionName = permission.name
                    Log.d("AppLog", "\t\t${permissionName}")
                    ++permissionsCount
                }
            }
        }
    }
    Log.d("AppLog", "total permissions (of all permissions groups) count:$permissionsCount")
}

What a mess, nice summary! – TWiStErRob Jun 29 '23 at 15:21 — TWiStErRob, Jun 29 '23 at 15:21
Better not to assume too much. – android developer Jun 29 '23 at 21:12 — android developer, Jun 29 '23 at 21:12

Jared Rummler · Answer 8 · 2015-08-18T05:35:16.817

2

You can get all permissions on a device using the following code:

public static List<PermissionInfo> getAllPermissions(Context context) {
    PackageManager pm = context.getPackageManager();
    List<PermissionInfo> permissions = new ArrayList<>();

    List<PermissionGroupInfo> groupList = pm.getAllPermissionGroups(0);
    groupList.add(null); // ungrouped permissions

    for (PermissionGroupInfo permissionGroup : groupList) {
        String name = permissionGroup == null ? null : permissionGroup.name;
        try {
            permissions.addAll(pm.queryPermissionsByGroup(name, 0));
        } catch (PackageManager.NameNotFoundException ignored) {
        }
    }

    return permissions;
}

edited Aug 18 '15 at 05:35

answered Aug 18 '15 at 05:03

Jared Rummler

37,824
19
133
148

Seems it has issues on Android Q, and that the docs are weird about null being passed to queryPermissionsByGroup . Reported here: https://issuetracker.google.com/issues/138239135 , https://issuetracker.google.com/issues/138247524 – android developer Jul 24 '19 at 18:34
@androiddeveloper This behavior is intentional. See https://issuetracker.google.com/issues/139012029#comment8 – Muntashir Akon Jun 13 '20 at 14:31
1

@MuntashirAkon Yes, but still I don't get why. After all, it's just informational... – android developer Jun 13 '20 at 18:33
@androiddeveloper Me too. I mean you can get a list of installed apps using a single query and send them “home”, yet you can't get a complete list of permissions. That's absurd! – Muntashir Akon Jun 14 '20 at 08:52
You can't get a list of permissions? I thought just their groups, no? – android developer Jun 14 '20 at 12:49

score 2 · Answer 9 · answered Oct 03 '16 at 00:41

2

I know this is a late post, but this is more of a reference for people in the future who have the same question.

Here is a list of every single built-in permission in Android 7.0 (Nougat). However, it is possible to create your own permissions, so that list doesn't contain all of them out there.

Hope that helps :)

answered Oct 03 '16 at 00:41

Aaron Esau

1,083
3
15
31

1

No such thing as a "late" post :) – Kartik Chugh Nov 30 '17 at 22:40

score 0 · Answer 10 · answered Jan 05 '23 at 15:41

A short answer without going in detail to get all permissions:

adb shell pm list permissions lists permissions that comes with installed apps (false or true)
adb shell cmd appops get <package> lists permissions on user level per app (allow, deny, ignore)
adb shell dumpsys <package> lists permissions per app on system level (grant and revoke)

Where can I get a list of more Android permissions? (other than ...)

10 Answers10

Linked