How to build a great Windows 8 app Step 8: Protect the user, tell them what your app can do!

  • Article

For the security of your users, your app must declare what devices and features it will use.

As an app user, I wouldn’t want to be playing a video game only to discover afterwards that the app had been taking video footage of me during the game without my permission. I also wouldn’t want to use a social media app that started accessing pictures from my library without my permission. That is why when you create an app for the store you must edit the App Manifest file and specify the capabilities of your application. This provides the user with disclosure of capabilities and libraries the app you are installing may choose to access.

The app manifest file is a XAML file, but rather than edit the XAML directly, we use the app manifest designer. To open the app manifest designer, go to Solution Explorer and double click on the file called Package.appxmanifest. We specify the features and devices our app wishes to access on the capabilities tab.App manifest capabilities

When you select a particular capability, you allow the app to request access to that feature or device.

TIP: Keep in mind when you access users information your app will require a privacy policy that explains to your users how the information you access will be used.

TIP: Many of these capabilities do not need to be declared if you use the File Picker to access files on the user’s device. If you use the File Picker control then the user is directly involved in selecting the music, picture, video, or file that you are accessing so they are fully aware of the fact your app is accessing content.

Here is a summary of the different capabilities you can set. For a complete description visit the app manifest documentation on MSDN

  • Documents Library – indicates your app can add, change or delete files in the users documents library programmatically. You can specify the types of files you will be accessing (e.g. .docx) by specifying File Type Association.
  • Enterprise Authentication – indicates your app will use windows domain credentials to allow the user to log in to remote resources using their credentials. This is usually used in line of business apps which connect to servers within an enterprise.
  • Private Networks (Client & Server) – indicates your app provides inbound and outbound access to home and work networks through the firewall. This is often used for apps that share data across different devices.
  • Internet (Client & Server) – indicates your app provides inbound and outbound access through the firewall to the Internet and public networks.
  • Internet (Client) – indicates your app provides outbound access through the firewall to the internet and public networks.
  • Location – indicates your app provides access to location functionality which you get from dedicated hardware like a GPS sensor or is derived from network information. This is often used for apps that detect the “nearest” restaurant, or for running apps that track your route and mileage.
  • Microphone – indicates your app accesses the microphone audio feed.
  • Music Library – indicates your app programmatically accesses the users Music library.
  • Pictures Library – indicates your app programmatically accesses the users Pictures library.
  • Proximity – indicates your app enables devices in close proximity to communicate (e.g. Bluetooth). This capability is used to initiate communication between the devices.
  • Removable Storage – indicates your app programmatically accesses files in removable storage such as hard drives and USB keys. You can specify the types of files you will be accessing (e.g. .docx) by specifying File Type Association.
  • Shared User-Certificates – indicates your app accesses software and hardware certificates, such as certificates stored on a smart card for validating a user’s identity
  • Videos Library – indicates your app programmatically accesses the users Videos Library.
  • Webcam – indicates your app accesses the webcam’s video feed. The Webcam capability grants only access to the video stream, to grant access to the audio the Microphone capability must be added.

Don’t forget when you are finished your app you can publish it and get rewards through the Developer Movement.