Permissions API
The Permissions API provides a consistent programmatic way to query the status of API permissions attributed to the current context. For example, the Permissions API can be used to determine if permission to access a particular API has been granted or denied, or requires specific user permission.
Note that the permissions from this API effectively aggregate all security restrictions for the context, including any requirement for an API to be used in a secure context, Permissions-Policy restrictions applied to the document, and user prompts.
So, for example, if an API is restricted by permissions policy, the returned permission would be denied and the user would not be prompted for access.
Note: This feature is available in Web Workers on platforms that support the WorkerNavigator.permissions property.
Concepts and usage
Historically different APIs handle their own permissions inconsistently — for example the Notifications API provided its own methods for requesting permissions and checking permission status, whereas the Geolocation API did not. The Permissions API provides the tools to allow developers to implement a consistent and better user experience for working with permissions.
The permissions property has been made available on the Navigator object, both in the standard browsing context and the worker context (WorkerNavigator — so permission checks are available inside workers), and returns a Permissions object that provides access to the Permissions API functionality.
Once you have this object you can then perform permission-related tasks, for example querying a permission using the Permissions.query() method to return a promise that resolves with the PermissionStatus for a specific API.
Permission-aware APIs
Not all APIs' permission statuses can be queried using the Permissions API. A non-exhaustive list of permission-aware APIs includes:
- Background Synchronization API:
background-sync(should always be granted) - Clipboard API:
clipboard-read,clipboard-write - Geolocation API:
geolocation - Local Font Access API
- Media Capture and Streams API:
microphone,camera - Notifications API:
notifications - Payment Handler API:
payment-handler - Push API:
push - Sensor APIs:
accelerometer,gyroscope,magnetometer,ambient-light-sensor - Storage Access API:
storage-access - Storage API:
persistent-storage - Web Audio Output Devices API:
speaker-selection - Web MIDI API:
midi - Window Management API:
window-management
Examples
We have made a simple example available called Location Finder. You can run the example live, or view the source code on GitHub.
Read more about how it works in our article Using the Permissions API.
Interfaces
-
Provides access to the
Permissionsobject from the main context and worker context respectively. Permissions-
Provides the core Permission API functionality, such as methods for querying and revoking permissions.
PermissionStatus-
Provides access to the current status of a permission, and an event handler to respond to changes in permission status.
Specifications
| Specification |
|---|
| Permissions # permissions-interface |
| Permissions # dom-navigator-permissions |
| Permissions # dom-workernavigator-permissions |
Browser compatibility
api.Permissions
BCD tables only load in the browser
api.Navigator.permissions
BCD tables only load in the browser
api.WorkerNavigator.permissions
BCD tables only load in the browser