Permissions that grant access to sensitive user data or device features. These require explicit user consent at runtime and can be revoked by the user at any time. Examples include accessing location, camera, or contacts.
Low-risk permissions that grant access to isolated application-level features with minimal privacy risk. These are automatically granted at install time without user approval.
Permissions granted only if the requesting app is signed with the same certificate as the app that declared the permission. No user approval required.
Deprecated protection level. Granted only to apps signed with the same certificate as the declaring app or system apps in the Android system image.
Permission is granted to apps installed in the privileged partition of the system image (e.g., /system/priv-app). These apps have elevated privileges beyond regular system apps.
Permission can be granted to apps for development purposes. Typically used during app testing and debugging phases.
Permission is associated with an app operation that can be tracked and controlled through the App Ops framework, allowing fine-grained runtime control.
Permission was granted automatically to apps targeting API level 22 or lower (Android 5.1 and below) without runtime prompts.
Permission is granted to the package installer application, which handles app installation and updates on the device.
Permission is granted to package verifier applications that validate app authenticity and security before installation.
Permission is granted only to apps that were pre-installed on the device at manufacturing time.
Permission is granted to the device setup wizard or provisioning applications used during initial device configuration.
Permission is available to instant apps (apps that run without full installation), subject to instant app restrictions.
Permission can only be granted at runtime and cannot be granted during app installation, even for pre-granted permissions.
Permission is granted to apps signed by the device manufacturer (OEM), allowing vendor-specific functionality.
Permission is granted to privileged vendor apps located in the vendor partition of the system image.
Permission is granted to the designated system text classifier service that provides text analysis features.
Permission is granted to the digital wellbeing application that monitors and manages device usage patterns.
Permission is granted to the system app responsible for document management and handling.
Permission is granted to device configuration applications used in enterprise or managed device scenarios.
Permission is granted to apps that can approve the collection and sharing of incident reports for debugging purposes.
Permission is granted to the system app predictor service that suggests apps based on user behavior and context.
Permission is granted to retail demo mode applications used in store displays and demonstrations.
The permission has been granted to the application and is currently active.
The permission has been explicitly denied or revoked by the user or system.
The grant state of the permission cannot be determined or is in an indeterminate state.
The permission state was explicitly set by the user through settings or runtime prompts.
The permission state has been fixed by the user and cannot be changed by the app or system automatically.
The permission state is fixed by device policy (e.g., enterprise MDM) and cannot be changed by the user or app.
The permission will be automatically revoked when the app is upgraded to a newer version.
The permission state is fixed by the system and cannot be altered by users, apps, or policies.
The permission was granted automatically by default during installation based on system configuration or policy.