Apps should clarify why each permission request is needed, either through the feature name or an explanation provided.
Runtime permissions are requested at the moment a user needs to perform an action in an app.
Denied permissions should provide feedback and options.
Educate before asking
Ask up-front
Ask in context
Educate in context
Provide an immediate benefit
Only ask for relevant permissions
Permissions are divided into nine groups, allowing users to grant all permissions encompassed by a single action. For instance, granting permission to Contacts includes the ability to both view and edit Contacts.
Permission | Description |
Calendar | Managing calendars |
Camera | Taking photos and recording videos |
Contacts | Managing contacts |
Location | Current device location |
Microphone | Audio recording |
Phone | Dialing and managing phone calls |
Body Sensors | Heart rate and similar data |
SMS | Sending and viewing messages |
Storage | Accessing photos, media, and files |
A user may perform an action that demonstrates clear intent, such as:
In these cases, the user’s action clearly demonstrates their intent, and no permission dialog is needed or authorized.
Using intents to request actions from apps
Apps may request permission to access information or use device capabilities at any time after installation. When a user needs to perform an action in an app, such as using the device camera, the app may request permission at that moment.
Users may also allow or deny the permissions of any app from Android Settings anytime after installation.
Example of an app requesting permission
App permissions that users believe are relevant to the app’s function are more likely to be granted. The following request patterns will help you decide when and how to request permissions, based on:
Critical permissions should be requested up-front. Secondary permissions may be requested in-context.
In both cases, permissions that are less clear should provide education about what the permission involves.
If your app has a “warm welcome,” use it to explain what your app does and why unexpected permissions will be requested.
Only ask for critical and obvious permissions on first launch. Because users expect a messaging app to request SMS permissions, requesting it up-front makes sense.
For non-critical permissions, wait until a feature is invoked to request permission. Users are more likely to allow a permission when they want to use the feature it enables.
Non-critical permissions that are less intuitive may benefit from being explained in context. Doing so improves users’ comprehension of the permission.
Provide instant gratification to make accepting a permission feel justified.
When more than one permission is needed for a feature to work, ask for those permissions only and nothing extra.
Provide feedback whenever a permission is denied. Because denying permissions may prevent a feature from working as intended, whenever a permission is denied it should be explained to the user.
Permission denials occur in one of two ways:
To ensure that features requiring permission always behave as intended, the app should state that permission is needed and provide a way to allow it.
A snackbar displays the need for permission in order to use an audio feature.
If the app can no longer run because a critical permission has been denied, explain why that permission must be allowed and offer a button to open Settings so the user can allow it.
A screen explains that a permission is needed for an app to function, with a link to allow that permission in Settings.
