Declare Permissions
To use most chrome.* APIs, your extension or app must declare its intent in the "permissions" field of the manifest. Each permission can be either one of a list of known strings (such as "geolocation") or a match pattern that gives access to one or more hosts. Permissions help to limit damage if your extension or app is compromised by malware. Some permissions are also displayed to users before installation, as detailed in Permission Warnings.
If an API requires you to declare a permission in the manifest, then its documentation tells you how to do so. For example, the Storage page shows you how to declare the "storage" permission.
Here's an example of the permissions part of a manifest file:
"permissions": [ "serial", "storage", "videoCapture" ],
The following table lists the currently available permissions:
| Permission | Description |
|---|---|
"[scheme]:[host]/*"
|
Specifies a host permission. Required if the extension or app wants to interact with the code running on pages. Many capabilities, such as cross-origin XMLHttpRequests, programmatically injected content scripts, and the extension's cookies API require host permissions. For details on the syntax, see Match Patterns. A path is allowed but treated as /*.
|
"adview"
|
Gives your app access to the chrome.adview API. |
"alarms"
|
Gives your app access to the chrome.alarms API. |
"audio"
|
Gives your app access to the chrome.audio API. |
"audioCapture"
|
Requests that the app be granted permissions to capture audio directly from the user's Microphone via the getUserMedia API. |
"automation"
|
Gives your app access to the chrome.automation API. |
"clipboardRead"
|
Required if the extension or app uses document.execCommand('paste').
|
"clipboardWrite"
|
Indicates the extension or app uses document.execCommand('copy') or document.execCommand('cut'). This permission is required for hosted apps; it's recommended for extensions and packaged apps.
|
"contextMenus"
|
Gives your app access to the chrome.contextMenus API. |
"desktopCapture"
|
Gives your app access to the chrome.desktopCapture API. |
"diagnostics"
|
Gives your app access to the chrome.diagnostics API. |
"dns"
|
Gives your app access to the chrome.dns API. |
"experimental"
|
Required if the extension or app uses any chrome.experimental.* APIs. |
"fileBrowserHandler"
|
Gives your app access to the chrome.fileBrowserHandler API. |
"fileSystem"
|
Gives your app access to the chrome.fileSystem API. |
"fileSystemProvider"
|
Gives your app access to the chrome.fileSystemProvider API. |
"gcm"
|
Gives your app access to the chrome.gcm API. |
"geolocation"
|
Allows the extension or app to use the proposed HTML5 geolocation API without prompting the user for permission. |
"hid"
|
Gives your app access to the chrome.hid API. |
"identity"
|
Gives your app access to the chrome.identity API. |
"idle"
|
Gives your app access to the chrome.idle API. |
"infobars"
|
Gives your app access to the chrome.infobars API. |
"location"
|
Gives your app access to the chrome.location API. |
"mediaGalleries"
|
Gives your app access to the chrome.mediaGalleries API. |
"notifications"
|
Gives your app access to the chrome.notifications API. |
"pointerLock"
|
Required to use Pointer Lock via calls to webkitRequestPointerLock or Pepper's Mouse Lock API. See Other APIs for behavior differences.
|
"power"
|
Gives your app access to the chrome.power API. |
"pushMessaging"
|
Gives your app access to the chrome.pushMessaging API. |
"serial"
|
Gives your app access to the chrome.serial API. |
"signedInDevices"
|
Gives your app access to the chrome.signedInDevices API. |
"socket"
|
Gives your app access to the chrome.socket API. |
"storage"
|
Gives your app access to the chrome.storage API. |
"syncFileSystem"
|
Gives your app access to the chrome.syncFileSystem API. |
"system.cpu"
|
Gives your app access to the chrome.system.cpu API. |
"system.display"
|
Gives your app access to the chrome.system.display API. |
"system.memory"
|
Gives your app access to the chrome.system.memory API. |
"system.network"
|
Gives your app access to the chrome.system.network API. |
"system.storage"
|
Gives your app access to the chrome.system.storage API. |
"tts"
|
Gives your app access to the chrome.tts API. |
"unlimitedStorage"
|
Provides an unlimited quota for storing HTML5 client-side data, such as databases and local storage files. Without this permission, the extension or app is limited to 5 MB of local storage.
Note: This permission applies only to Web SQL Database and application cache (see issue 58985). Also, it doesn't currently work with wildcard subdomains such as |
"usb"
|
Gives your app access to the chrome.usb API. |
"videoCapture"
|
Requests that the app be granted permissions to capture video directly from the user's Web Cam via the getUserMedia API. |
"wallpaper"
|
Gives your app access to the chrome.wallpaper API. |
"webview"
|
Gives your app access to the chrome.webview API. |