# Android Permissions

Android requires additional permissions declared in the manifest for an app to run a BLE scan since API 23 (6.0 / Marshmallow) and perform a Bluetooth Low Energy connection since API 31 (Android 12). These permissions currently assume scanning is only used when the App is in the foreground, and that the App wants to derive the user's location from Bluetooth Low Energy signal (on API >= 23). Below are a number of additions you can make to your `AndroidManifext.xml` for your specific use case.

### **Location permission for Bluetooth Low Energy Scanning**

Bridgefy uses the `uses-permission-sdk-23` tag to require location only on APIs >= 23, you can request the required permissions by adding the following to your `AndroidManifest.xml`:

```xml
<uses-permission-sdk-23 android:name="android.permission.ACCESS_COARSE_LOCATION"
    android:maxSdkVersion="30"
    tools:node="replace" />
    o
<uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"
    android:maxSdkVersion="32"
    tools:node="replace" />
```

**Scan in the background and support APIs 29 & 32**

You should add the following to your `AndroidManifest.xml`:

```xml
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION"
    android:maxSdkVersion="32" />
```

If you want to access the user's location in the background on APIs > 30, remove the `android:maxSdkVersion` attribute.

### **Location from BLE scanning in API >= 31**

API 31 (Android 12) introduced new Bluetooth permissions. Bridgefy uses the `android:usesPermissionFlags="neverForLocation"` attribute on the `BLUETOOTH_SCAN` permission, which indicates scanning will not be used to derive the user's location, so location permissions are not required. If you need to locate the user with BLE scanning, use this instead, but keep in mind that you will still need `ACCESS_FINE_LOCATION`:

```xml
<uses-permission android:name="android.permission.BLUETOOTH_SCAN" tools:node="replace" />
```

### **Connect peripherals**

You add the `BLUETOOTH_CONNECT` permission that Bridgefy requests in APIs >= 31:

```xml
<uses-permission android:name="android.permission.BLUETOOTH_CONNECT" />
```

### Summary of available permissions

**Required permissions**

A summary of available runtime permissions used for BLE:

<table><thead><tr><th width="117.33333333333331" align="center">from API</th><th width="165" align="center">to API (inclusive)</th><th>Acceptable runtime permissions</th></tr></thead><tbody><tr><td align="center">18</td><td align="center">22</td><td>(No runtime permissions needed)</td></tr><tr><td align="center">23</td><td align="center">28</td><td>One of below:<br>- <code>android.permission.ACCESS_COARSE_LOCATION</code><br>- <code>android.permission.ACCESS_FINE_LOCATION</code></td></tr><tr><td align="center">29</td><td align="center">30</td><td>- <code>android.permission.ACCESS_FINE_LOCATION</code><br>- <code>android.permission.ACCESS_BACKGROUND_LOCATION</code>*</td></tr><tr><td align="center">31</td><td align="center">current</td><td>- <code>android.permission.ACCESS_FINE_LOCATION</code>**<br>- <code>android.permission.BLUETOOTH_SCAN</code><br>- <code>android.permission.BLUETOOTH_ADVERTISE</code><br>- <code>android.permission.BLUETOOTH_CONNECT</code></td></tr></tbody></table>

* Needed if [scan is performed in background](https://developer.android.com/about/versions/10/privacy/changes#app-access-device-location)