Permissions for MDM Applications

The following permissions are available only to Mobile Device Management (MDM) applications.

ohos.permission.ENTERPRISE_GET_DEVICE_INFO

Allows an application to activate a device administrator application.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_GET_NETWORK_INFO

Allows a device administrator application to query network information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_INSTALL_BUNDLE

Allows a device administrator application to install and uninstall applications.

Permission level: system_core

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_MANAGE_SET_APP_RUNNING_POLICY

Allows a device administrator application to set application running policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_RESET_DEVICE

Allows a device administrator application to restore devices' factory settings.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY

Allows a device administrator application to set account management policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_BUNDLE_INSTALL_POLICY

Allows a device administrator application to set bundle installation policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_DATETIME

Allows a device administrator application to set the system time.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 9

ohos.permission.ENTERPRISE_SET_NETWORK

Allows a device administrator application to set network information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_WIFI

Allows a device administrator application to set and query Wi-Fi information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SUBSCRIBE_MANAGED_EVENT

Allows a device administrator application to subscribe to management events.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 9

ohos.permission.ENTERPRISE_RESTRICT_POLICY

Allows a device administrator application to deliver and obtain restriction policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_SCREENOFF_TIME

Allows the device administrator application to set the screen off time.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_MANAGE_USB

Allows a device administrator application to manage the USB.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_MANAGE_NETWORK

Allows a device administrator application to manage the network.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_MANAGE_CERTIFICATE

Allows a device administrator application to manage certificates.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_GET_SETTINGS

Allows a device administrator application to obtain the Settings application data.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.INSTALL_ENTERPRISE_MDM_BUNDLE

Allows an enterprise MDM bundle to be installed on enterprise devices.

Permission level: system_core

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.INSTALL_SELF_BUNDLE

Allows automatic updates of the enterprise MDM applications on enterprise devices.

Permission level: system_core

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_SET_BROWSER_POLICY

Allows the device to set or cancel browser policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.SET_ENTERPRISE_INFO

Allows a device administrator application to set enterprise information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 9

ohos.permission.SET_FILE_GUARD_POLICY

Allows an application to update the file guard policy.

Permission level: system_core

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.FILE_GUARD_MANAGER

Allows an application to scan user directories and set file extended properties.

Permission level: system_core

Authorization mode: system_grant

Enable via ACL: true

Valid since: 10

ohos.permission.ENTERPRISE_MANAGE_SECURITY

Allows a device administrator application to set security management policies for devices.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_BLUETOOTH

Allows a device administrator application to set and obtain Bluetooth information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_SYSTEM

Allows a device administrator application to manage system parameters.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_WIFI

Allows a device administrator application to set and obtain Wi-Fi information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS

Allows a device administrator application to manage restriction policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_APPLICATION

Allows a device administrator application to manage application policies.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_LOCATION

Allows a device administrator application to set and obtain location information.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_REBOOT

Allows a device administrator application to shut down and restart devices.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_LOCK_DEVICE

Allows a device administrator application to lock devices.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11

ohos.permission.ENTERPRISE_MANAGE_SETTINGS

Allows a device administrator application to manage settings.

Permission level: system_basic

Authorization mode: system_grant

Enable via ACL: true

Valid since: 11