Permissions for MDM Applications
The following permissions are available only to Mobile Device Management (MDM) applications.
ohos.permission.ENTERPRISE_GET_DEVICE_INFO
Allows an application to activate a device administrator application.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_GET_NETWORK_INFO
Allows a device administrator application to query network information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_INSTALL_BUNDLE
Allows a device administrator application to install and uninstall applications.
Permission level: system_core
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_MANAGE_SET_APP_RUNNING_POLICY
Allows a device administrator application to set application running policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_RESET_DEVICE
Allows a device administrator application to restore devices' factory settings.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
Allows a device administrator application to set account management policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_BUNDLE_INSTALL_POLICY
Allows a device administrator application to set bundle installation policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_DATETIME
Allows a device administrator application to set the system time.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 9
ohos.permission.ENTERPRISE_SET_NETWORK
Allows a device administrator application to set network information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_WIFI
Allows a device administrator application to set and query Wi-Fi information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SUBSCRIBE_MANAGED_EVENT
Allows a device administrator application to subscribe to management events.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 9
ohos.permission.ENTERPRISE_RESTRICT_POLICY
Allows a device administrator application to deliver and obtain restriction policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_SCREENOFF_TIME
Allows the device administrator application to set the screen off time.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_MANAGE_USB
Allows a device administrator application to manage the USB.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_MANAGE_NETWORK
Allows a device administrator application to manage the network.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_MANAGE_CERTIFICATE
Allows a device administrator application to manage certificates.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_GET_SETTINGS
Allows a device administrator application to obtain the Settings application data.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.INSTALL_ENTERPRISE_MDM_BUNDLE
Allows an enterprise MDM bundle to be installed on enterprise devices.
Permission level: system_core
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.INSTALL_SELF_BUNDLE
Allows automatic updates of the enterprise MDM applications on enterprise devices.
Permission level: system_core
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_SET_BROWSER_POLICY
Allows the device to set or cancel browser policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.SET_ENTERPRISE_INFO
Allows a device administrator application to set enterprise information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 9
ohos.permission.SET_FILE_GUARD_POLICY
Allows an application to update the file guard policy.
Permission level: system_core
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.FILE_GUARD_MANAGER
Allows an application to scan user directories and set file extended properties.
Permission level: system_core
Authorization mode: system_grant
Enable via ACL: true
Valid since: 10
ohos.permission.ENTERPRISE_MANAGE_SECURITY
Allows a device administrator application to set security management policies for devices.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_BLUETOOTH
Allows a device administrator application to set and obtain Bluetooth information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_SYSTEM
Allows a device administrator application to manage system parameters.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_WIFI
Allows a device administrator application to set and obtain Wi-Fi information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_RESTRICTIONS
Allows a device administrator application to manage restriction policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_APPLICATION
Allows a device administrator application to manage application policies.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_LOCATION
Allows a device administrator application to set and obtain location information.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_REBOOT
Allows a device administrator application to shut down and restart devices.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_LOCK_DEVICE
Allows a device administrator application to lock devices.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11
ohos.permission.ENTERPRISE_MANAGE_SETTINGS
Allows a device administrator application to manage settings.
Permission level: system_basic
Authorization mode: system_grant
Enable via ACL: true
Valid since: 11