One Time Permissions Android 11

Starting in Android 11, whenever your application requests permission related to location, microphone, or camera, the permissions dialog will contain an additional option called Only this time.

If the user selects the Only this time option in the dialog, your application is granted temporary one-time permission. Temporary permission means that the OS would automatically revoke permission under certain conditions.

As mentioned in the documentation the application can access the related data for a period of time and that is dependent on the user’s actions or behavior.

• While your app’s activity is visible, your app can access the data.
• If the user sends your app to the background, your app can continue to access the data for a short period of time.
• If you launch a foreground service while the activity is visible, and the user then moves your app to the background, your app can continue to access the data until that foreground service stops.
• If the user revokes the one-time permission, such as in system settings, your app cannot access the data, regardless of whether you launched a foreground service. As with any permission, if the user revokes your app’s one-time permission, your app’s process terminates.

While the documentation covers quite a few scenarios, but there are questions that arise. Listing a few below

• What is the short period of time exactly?
• What happens when the user is switching between applications?
• Should the application ask for the one-time permission every time the application comes to the foreground?
• Can an application register for a callback/broadcast to know the permission has been revoked by the system?

To get answers for the above questions and many more which one could have we need to understand how one-time permissions work under the hood.

Under the hood

Internally the Android OS maintains the permission access at a process level. Once a user gives one-time permission to the application it is not revoked until and unless the process is killed. So if the user is switching between applications the permission for the background application isn’t revoked until and unless the application’s background process is killed.

Once the operating system decides that the one-time permission should be revoked for the application, not only does it revoke data access guarded by the specific permission it also kills the application process and removes it from memory.

For revoking the permission the exact in-activity time period isn’t defined or rather revealed. This would probably be defined based on the user’s behavior.

What does it mean for developers?

Historically applications are expected to handle permissions on application launch i.e. request permission if required whenever the application is launched given that users always had an option to navigate to Settings and revoke permissions granted to the application. If the scenario is already handled in your application nothing additional would be required by the application to handle one-time permission specifically.