Permissions API
Baseline 2022
Newly available
Since September 2022, this feature works across the latest devices and browser versions. This feature might not work in older devices or browsers.
Note: This feature is available in Web Workers.
The Permissions API provides a consistent programmatic way to query the status of API permissions attributed to the current context. For example, the Permissions API can be used to determine if permission to access a particular API has been granted or denied, or requires specific user permission.
Note that the permissions from this API effectively aggregate all security restrictions for the context, including any requirement for an API to be used in a secure context, Permissions-Policy restrictions applied to the document, and user prompts.
So, for example, if an API is restricted by permissions policy, the returned permission would be denied and the user would not be prompted for access.
Concepts and usage
Historically different APIs handle their own permissions inconsistently — for example the Notifications API provided its own methods for requesting permissions and checking permission status, whereas the Geolocation API did not. The Permissions API provides the tools to allow developers to implement a consistent and better user experience for working with permissions.
The permissions property has been made available on the Navigator object, both in the standard browsing context and the worker context (WorkerNavigator — so permission checks are available inside workers), and returns a Permissions object that provides access to the Permissions API functionality.
Once you have this object you can then use the Permissions.query() method to return a promise that resolves with the PermissionStatus for a specific API.
Note that if the status is prompt the user must acknowledge a prompt before accessing the feature, and that the mechanism for launching this prompt will depend on the specific API — it is not defined as part of the Permissions API.
Permission-aware APIs
Not all APIs' permission statuses can be queried using the Permissions API. A non-exhaustive list of permission-aware APIs includes:
- Background Synchronization API:
background-sync(should always be granted) - Compute Pressure API:
compute-pressure - Geolocation API:
geolocation - Local Font Access API:
local-fonts - Media Capture and Streams API:
microphone,camera - Notifications API:
notifications - Payment Handler API:
payment-handler - Push API:
push - Screen Wake Lock API:
screen-wake-lock - Sensor APIs:
accelerometer,gyroscope,magnetometer,ambient-light-sensor - Storage Access API:
storage-access,top-level-storage-access - Storage API:
persistent-storage - Web MIDI API:
midi - Window Management API:
window-management
Examples
We have created a simple example called Location Finder. You can run the example live, or view the source code on GitHub.
Read more about how it works in our article Using the Permissions API.
Interfaces
Permissions-
Provides the core Permission API functionality, such as methods for querying and revoking permissions.
PermissionStatus-
Provides access to the current status of a permission, and an event handler to respond to changes in permission status.
Extensions to other interfaces
-
Provides access to the
Permissionsobject from the main context and worker context respectively.
Specifications
| Specification |
|---|
| Permissions |
Browser compatibility
api.Permissions
BCD tables only load in the browser
api.Navigator.permissions
BCD tables only load in the browser
api.WorkerNavigator.permissions
BCD tables only load in the browser