Declare permissions for your app

Permission requests are evaluated during the release process after adding your Android App Bundle. If your app requests the use of high-risk or sensitive permissions (for example, SMS or Call Log), you may be required to complete the Permissions Declaration Form and receive approval from Google Play.

About the process

The Permissions Declaration Form is displayed during the release process if the app includes an app bundle that requests permissions for which a Permissions Declaration has not been provided to Google Play.

If you have an active app bundle that requires a Permissions Declaration, including releases on the Open, Closed, or Internal test tracks, an alert is displayed on the left menu under App Content. You cannot publish any changes to your app, including changes to your Store Presence (for example, Store Listing, Pricing, and Distribution) until you address this alert by creating a release that includes a Permissions Declaration or removes the permissions.

Consider deactivating any Open, Closed, or Internal testing tracks that are not currently in use if they are not compliant with this policy.

If you publish apps using the Google Play Developer Publishing API, consult these special instructions.

Complete the Permissions Declaration Form

 

Step 1: Evaluate requested permissions

If applicable, you will find a history of previously declared permissions, as well as newly requested permissions in an expandable list under the "Permissions Declaration Form" section of the App content page.

  • Permissions with a checkmark have been declared in previous releases.

  • Permissions with an alert are newly added. These permission requests will be included in your declaration form for review by the Google Play team and evaluated against the published guidelines.
If you see permissions requested in the newly requested permissions list that you don't plan to include in your Permissions Declaration Form, you should remove that app bundle or APK and upload a new app bundle with the proper set of permissions requested before proceeding.

 

Step 2: Specify your app's core functionality

You must specify your app's core functionality from the list of supported use cases. Select all checkboxes that apply to your app's core functionality.

Step 3: Provide instructions for app review

Once you submit your Permissions Declaration Form, the Google Play team reviews your app's core functionality to ensure that the permissions requested are required for a supported use case. 
If specific instructions are required to demonstrate this core functionality, you may include those instructions in this section.

Step 4: Provide a video demonstration of your app

You must provide a video demonstration so the Google Play review team can easily evaluate your app's core functionality.

Supported video formats: YouTube link (preferred), cloud storage link to an mp4 or other common video file format

Step 5: Provide instructions for accessing restricted app content

If your app's core functionality is restricted to signed-in users, you must provide instructions to access that restricted content. The Google Play review team will use these instructions to evaluate the restricted functionality.

If your app requires sign in, select All or some functionality is restricted and provide a valid test username or phone number, password, and any other instructions necessary for accessing the restricted app content.

Only provide account credentials specifically used for testing. Do not provide any production user's credentials.
Otherwise, select All functionality is available without special access to proceed without providing test credentials.

Step 6: (Multi-APK only) Request an exception for old APKs 

Note: This field will only appear if you use a multi-APK configuration for your releases and one of the APK variants requests permission to use Call Log or SMS data.

You can file an exception in circumstances where your multi-APK configuration uses old APKs that you can no longer make code changes to. Consult the requirements for this exception before proceeding. Consult the requirements for this exception before proceeding–reference the Use of SMS or Call Log permission groups and Requesting access to location in the background articles for more information.

Any APKs that don't meet the requirements must be deactivated to be compliant with the Permissions policy.

If you qualify for this exception, enter the version code(s), separated by commas, in the APK Exceptions field. 

Step 7: Confirm your declaration

Select the corresponding checkboxes to confirm that the details of your declaration are accurate and that you agree to the terms of the appropriate use of the declared permissions.

Prepare and roll out your release

Once you've completed all required steps of the Permissions Declaration Form, complete the remaining steps to prepare your app for review and prepare and roll out your release.

Permissions review process

When you complete the Permissions Declaration Form and roll out your release, your app will be subject to an extended review by the Google Play team. Your request may require up to several weeks to process. During this time, your new app or app update will be in a pending publication status until your request is reviewed. Your app will also be subject to the standard compliance review against Google Play's Developer Program Policies.

If you override your pending publication with a new release, you may see additional delays to the review process. If you need to urgently release an app update, you must remove the high-risk or sensitive permissions from your app bundle and roll out a new release. This new release would only be reviewed for standard compliance with policies, and be published within several hours.

If your app is not compliant with the Permissions policy, the Google Play team will send an email with the results of the review to the Account Owner and Contact email address on your developer account. If your request is approved and your app is compliant with the Developer Program policies, your new app or update will automatically be published to Google Play.

Special instructions for Google Play Developer Publishing API users

If you roll out a release using the Google Play Developer Publishing API and Google Play has not previously approved your app bundle use of high-risk or sensitive permissions, you will receive an error.

To continue managing releases using the Publishing API, you must either remove any high-risk or sensitive permission requests from your app and create a new release with the revised app bundle. You can also prepare and roll out your release using the Play Console web UI by following these steps:

  1. Upload your app bundle with high-risk or sensitive permissions requested

  2. Complete the Permissions Declaration Form as above

  3. Complete the rollout of the release using the Play Console web UI

Once your Permission Declaration has been approved and your app has been approved for policy compliance, your release will be published and you can once again use the Publishing API to manage your releases. Otherwise, the Google Play team will notify you if your Permissions Declaration request has been rejected and provide any additional information.

Note: Whenever your app requests any new permissions, you will be required to use the UI to complete a revised Permissions Declaration Form specifically addressing the newly requested permissions.

Related content

  • Learn more about Play Console permissions in Play Academy.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu