Introduction
This article explains the parameters that allow specific runtime permissions to be automatically granted to trusted applications on Amino H-series devices. This feature improves the deployment experience by removing permission prompts during app installation.
Prerequisites
This article assumes you are working with Amino H-series devices, running firmware version 25.6.2540.10R or later, and deploying Android apps that require runtime permissions, using either Orchestrate or USB-based provisioning.
Summary
Six new INI parameters have been introduced to pre-authorize specific permissions requested by Android apps:
permission.contactspermission.device_storagepermission.device_locationpermission.microphonepermission.camerapermission.display_over_other_apps
These permissions are granted based on a match between the app’s package ID and its SHA-256 signature hash, ensuring that only trusted applications receive the specified permissions.
INI format
To automatically grant a permission to trusted apps, add a line like this to one or more apps:
permission.camera=com.example.app1:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef, com.example.app2:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890
The key is the permission you want to grant, such as permission.camera, permission.microphone, or permission.device_location.
The value consists of one or more entries in the format app_id: SHA-256 signature hash, separated by commas.
Permissions are applied when the app is installed, without requiring a reboot. To revoke a permission, simply uninstall the app.
If any signature hash in the list does not match an app, the permission will still apply to the matching ones. The system validates both the package_id and the signature hash before applying the permission.
Reference
None.