App capability declarations

Capabilities must be declared in your Universal Windows Platform (UWP) app's package manifest to access certain API or resources like pictures, music, or devices such as the camera or the microphone.

You request access to specific resources or API by declaring capabilities in your app's package manifest. You can declare general capabilities by using the Manifest Designer in Microsoft Visual Studio, or you can add them manually. For more information, see How to specify capabilities in a package manifest. It is important to know that when customers get your app from the Store, they're notified of all the capabilities that the app declares. Avoid declaring capabilities that your app doesn't need.

Some capabilities provide apps with access to a sensitive resource. These resources are considered sensitive because they can access the user's personal data or cost the user money. Privacy settings, managed by the Settings app, let the user dynamically control access to sensitive resources. Thus, it's important that your app doesn't assume a sensitive resource is always available. For more info about accessing sensitive resources, see Guidelines for privacy-aware apps. Capabilities that provide apps with access to a sensitive resource are annotated by an asterisk (*) next to the capability scenario.

There are several types of capabilities.

General-use capabilities

General-use capabilities apply to the most common app scenarios.

Capability scenario Capability usage
Music* The musicLibrary capability provides programmatic access to the user's Music, allowing the app to enumerate and access all files in the library without user interaction. This capability is typically used in jukebox apps that make use of the entire Music library.

The file picker provides a robust UI mechanism that lets users open files for use with an app. Declare the musicLibrary capability only when the scenarios for your app require programmatic access and can't be realized by using the file picker.

The musicLibrary capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="musicLibrary"/></Capabilities>
Pictures* The picturesLibrary capability provides programmatic access to the user's Pictures, allowing the app to enumerate and access all files in the library without user interaction. This capability is typically used in photo apps that make use of the entire Pictures library.

The file picker provides a robust UI mechanism that lets users open files for use with an app. Declare the picturesLibrary capability only when the scenarios for your app require programmatic access and can't be realized them by using the file picker.

The picturesLibrary capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="picturesLibrary"/></Capabilities>
Videos* The videosLibrary capability provides programmatic access to the user's Videos, allowing the app to enumerate and access all files in the library without user interaction. This capability is typically used in movie-playback apps that make use of the entire Videos library.

The file picker provides a robust UI mechanism that lets users open files for use with an app. Declare the videosLibrary capability only when the scenarios for your app require programmatic access and can't be realized by using the file picker.

The videosLibrary capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="videosLibrary"/></Capabilities>
Removable Storage The removableStorage capability provides programmatic access to files on removable storage, like USB keys and external hard drives, filtered to the file-type associations declared in the package manifest. For example, if a document-reader app declares a .doc file-type association, it can open .doc files on the removable storage device, but not other types of files. Be careful when you declare this capability, because users may include a variety of info in their removable storage devices, and will expect your app to provide a valid justification for programmatic access to the removable storage for all files of the declared type.

Users will expect your app to handle any file associations that you declare. So don't declare file associations that your app cannot handle responsibly. The file picker provides a robust UI mechanism that lets users open files for use with an app.

Declare the removableStorage capability only when the scenarios for your app require programmatic access and can't be realized by using the file picker.

The removableStorage capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="removableStorage"/></Capabilities>
Internet and public networks* There are two capabilities that provide different levels of access to the Internet and public networks.

The internetClient capability indicates that apps can receive incoming data from the Internet. Cannot act as a server. No local network access.
The internetClientServer capability indicates that apps can receive incoming data from the Internet. Can act as a server. No local network access.

Most apps that have a web service component will use internetClient. Apps that enable peer-to-peer (P2P) scenarios where the app needs to listen for incoming network connections should use internetClientServer. The internetClientServer capability includes the access that the internetClient capability provides, so you don't need to specify internetClient when you specify internetClientServer.
Homes and work networks* The privateNetworkClientServer capability provides inbound and outbound access to home and work networks through the firewall. This capability is typically used for games that communicate across the local area network (LAN), and for apps that share data across a variety of local devices. If your app specifies musicLibrary, picturesLibrary, or videosLibrary, you don't need to use this capability to access the corresponding library in a Home Group. On Windows, this capability does not provide access to the Internet.
Appointments The appointments capability provides access to the user’s appointment store. This capability allows read access to appointments obtained from the synced network accounts and to other apps that write to the appointment store. With this capability, your app can create new calendars and write appointments to calendars that it creates.

The appointments capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="appointments"/></Capabilities>
Contacts* The contacts capability provides access to the aggregated view of the contacts from various contacts stores. This capability gives the app limited access (network permitting rules apply) to contacts that were synced from various networks and the local contact store.

The contacts capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="contacts"/></Capabilities>
Code generation The codeGeneration capability allows apps to access the following functions which provide JIT capabilities to apps.

VirtualProtectFromApp
CreateFileMappingFromApp
OpenFileMappingFromApp
MapViewOfFileFromApp
AllJoyn The allJoyn capability allows AllJoyn-enabled apps and devices on a network to discover and interact with each other.

All apps that access APIs in the Windows.Devices.AllJoyn namespace must use this capability.
Phone calls The phoneCall capability allows apps to access all of the phone lines on the device and perform the following functions.

Place a call on the phone line and show the system dialer without prompting the user.
Access line-related metadata.
Access line-related triggers.
Allows the user-selected spam filter app to set and check block list and call origin information.

The phoneCall capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="phoneCall"/></Capabilities>
The phoneCallHistoryPublic capability allows apps to read cellular and some VoIP call history information on the device. This capability also allows the app to write VoIP call history entries. This capability is required to access all members of the PhoneCallHistoryStore class.
Recorded Calls Folder* The recordedCallsFolder device capability allows apps to access the recorded calls folder.

The recordedCallsFolder capability must include the mobile namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><mobile:Capability Name="recordedCallsFolder"/></Capabilities>
User Account Information* The userAccountInformation capability gives apps the ability to access the user's name and picture.

This capability is required to access some APIs in the Windows.System.UserProfile namespace.

The userAccountInformation capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="userAccountInformation"/></Capabilities>
VoIP calling The voipCall capability allows apps to access the VoIP calling APIs in the Windows.ApplicationModel.Calls namespace.

The voipCall capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="voipCall"/></Capabilities>
3D Objects The objects3D capability allows apps to have programmatic access to the 3D object files. This capability is typically used in 3D apps and games that need access to the entire 3D objects library.

This capability is required to access the folder that contains the 3D objects using APIs in the Windows.Storage namespace.

The objects3D capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="objects3D"/></Capabilities>
Read Blocked Messages* The blockedChatMessages capability allows apps to read SMS and MMS messages that have been blocked by the Spam Filter app.

This capability is required to access the blocked messages using APIs in the Windows.ApplicationModel.Chat namespace.

The blockedChatMessages capability must include the uap namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><uap:Capability Name="blockedChatMessages"/></Capabilities>
Custom Devices The lowLevelDevices capability allows apps to access custom devices when a number of additional requirements are met. This capability should not be confused with the lowLevel device capability, which allows access to GPIO, I2C, SPI, and PWM devices.

If you develop a custom driver that exposes a device interface and you wish to open a handle to this device and send IOCTLs, you must

You can then use Windows.Devices.Custom.CustomDevice to open a handle to your device. For more information, see UWP device apps for internal devices.
IoT System Administration The systemManagement capability allows apps to have basic system administration privileges such as shutting down or rebooting, locale, and timezone.

This capability is required to access some of the APIs in the Windows.System namespace.

The systemManagement capability must include the iot namespace when you declare it in your app's package manifest as shown below.
XML
<Capabilities><iot:Capability Name="systemManagement"/></Capabilities>
Background Media Playback The backgroundMediaPlayback capability changes the behavior of the media-specific APIs like the MediaPlayer and AudioGraph classes to enable media playback while your app is in the background. All active audio streams will no longer mute, but will continue to be audible when an app transitions to the background. Additionally, app lifetime will be extended automatically while playback is occurring.
Remote System The remoteSystem capability allows apps to have access to a list of devices associated with the user's Microsoft Account. Access to the device list is necessary to perform any operations that persist across devices. This capability is required to access to all members of the following.

Windows.System.RemoteSystems namespace
Windows.System.RemoteLauncher namespace
AppServiceConnection.OpenRemoteAsync method
Spatial Perception The spatialPerception capability provides programmatic access to spatial mapping data, giving mixed reality apps information about surfaces in application-specified regions of space near the user. Declare the spatialPerception capability only when your app will explicitly use these surface meshes, as the capability is not required for mixed reality apps to perform holographic rendering based on the user’s head pose.

Device capabilities

Device capabilities allow your app to access peripheral and internal devices. Device capabilities are specified by using the DeviceCapability element in your app package manifest. This element may require additional child elements and some device capabilities need to be added to the package manifest manually. For more info, see How to specify device capabilities in a package manifest and DeviceCapability Schema reference.

Capability scenario Capability usage
Location* The location capability provides access to location functionality that is retrieved from dedicated hardware like a GPS sensor in the PC or is derived from available network info. Apps must handle the case in which the user has disabled location services from the Settings charm.
Microphone The microphone capability provides access to the microphone’s audio feed, which allows the app to record audio from connected microphones. Apps must handle the case in which the user has disabled the microphone from the Settings charm.
Proximity The proximity capability enables multiple devices in close proximity to communicate with one another. This capability is typically used in casual multi-player games and in apps that exchange information. Devices attempt to use the communication technology that provides the best possible connection, including Bluetooth, Wi-Fi, and the Internet. This capability is used only to initiate communication between the devices.
Webcam The webcam capability provides access to the video feed of a built-in camera or external webcam, which allows the app to capture photos and videos. On Windows, apps must handle the case in which the user has disabled the camera from the Settings charm.
The webcam capability only grants access to the video stream. In order to grant access to the audio stream as well, the microphone capability must be added.
USB The usb device capability enables access to APIs in the Updating the app manifest package for a USB device.
Human interface device (HID) The humaninterfacedevice device capability enables access to APIs in the How to specify device capabilities for HID.
Point of Service (POS) The pointOfService device capability enables access to APIs in the Windows.Devices.PointOfService namespace. This namespace lets your app access Point of Service (POS) barcode scanners and magnetic stripe readers. The namespace provides a vendor-neutral interface for accessing POS devices from various manufacturers from a UWP app.
Bluetooth The bluetooth device capability allows apps to communicate with already paired bluetooth devices over both Generic Attribute (GATT) or Classic Basic Rate (RFCOMM) protocol.
This capability is required to use some APIs in the Windows.Devices.Bluetooth namespace.
Wi-Fi Networking The wiFiControl device capability allows apps to scan and connect to Wi-Fi networks.
This capability is required to use some APIs in the Windows.Devices.WiFi namespace.
Radio state The radios device capability allows apps to toggle the Wi-Fi and Bluetooth radios.
This capability is required to use the APIs in the Windows.Devices.Radios namespace.
Optical disc The optical device capability allows apps to access functions on optical disk drives such as CD, DVD, and Blu-ray.
This capability is required to use some APIs in the Windows.Devices.Custom namespace.
Motion activity The activity device capability allows apps to detect the current motion of the device.
This capability is required to use some APIs in the Windows.Devices.Sensors namespace.
Serial communication The serialcommunication device capability provides access to APIs in the Windows.Devices.SerialCommunication namespace, which allows a Windows app to communicate with a device that exposes a serial port or some abstraction of a serial port. This capability is required to use the APIs in the Windows.Devices.SerialCommnication namespace.
Eye Tracker The gazeInput capability allows apps to detect where the user is looking within the application bounds when a compatible eye tracking device is connected. This capability is required to use some APIs in the Windows.Devices.Input.Preview namespace.
GPIO, I2C, SPI, and PWM The lowLevel device capability provides access to GPIO, I2C, SPI, and PWM devices. This capability is required to use the APIs in the following namespaces: Windows.Devices.Gpio, Windows.Devices.I2c, Windows.Devices.Spi,Windows.Devices.Pwm.
XML
<Capabilities><DeviceCapability Name="lowLevel"/></Capabilities>

Restricted capabilities

If your app declares any restricted capabilities, you must provide info during the app submission process in order to be approved to publish the app to the Microsoft Store. You provide this info on the Submission options page of your submission, explaining how your app uses each restricted capability that it declares.

Important

Restricted capabilities are intended for very specific scenarios. The use of these capabilities is highly restricted and subject to additional Store onboarding policy and review. Note that you can sideload apps that declare restricted capabilities without needing to receive any approval. Approval is only required when submitting these apps to the Store.

Be sure not to declare these restricted capabilities unless your app truly needs them. There are cases where such capabilities are necessary and appropriate, such as banking with two-factor authentication, where users provide a smart card with a digital certificate that confirms their identity. Other apps may be designed primarily for enterprise customers and may need access to corporate resources that cannot be accessed without the user’s domain credentials.

To declare a restricted capability, modify your app package manifest source file (Package.appxmanifest). Add the xmlns:rescap XML namespace declaration, and use the rescap prefix when you declare your restricted capability. For example, here's how to declare the appCaptureSettings capability.

<?xml version="1.0" encoding="utf-8"?>
<Package
    ...
    xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities"
    IgnorableNamespaces="... rescap">
...
<Capabilities>
    <rescap:Capability Name="appCaptureSettings"/>
</Capabilities>
</Package>

Restricted capability approval process

Previously, we required you to contact support to get approval to use a capability. We now allow you to provide this info in Partner Center as part of the submission process.

When you upload packages for your submission, we will detect whether any restricted capabilities are declared. If we do so, you will be required to provide details about how your product uses each capability on the Submission options page. Be sure to provide as much detail as possible to help us understand why your product needs to declare the capability. Note that this may add some additional time for your submission to complete the certification process.

During the certification process, our testers will review the info you provide to determine whether your submission is approved to use the capability. Note that this may add some additional time for your submission to complete the certification process. If we approve your use of the capability, your app will continue through the rest of the certification process. You generally will not have to repeat the capability approval process when you submit updates to your app (unless you declare additional capabilities).

If we don't approve your use of the capability, your submission will fail certification, and we will provide feedback in the certification report. You then have the option to create a new submission and upload packages which don’t declare the capability, or, if applicable, address any issues related to your use of the capability and request approval in a new submission.

Note

If your submission uses a development sandbox in Partner Center (for example, this is the case for any game that integrates with Xbox Live), you must request approval in advance rather than providing info on the Submission options page. To do so, visit the Windows Developer support page. Select Developer support topic Dashboard issue, Issue Type App submissions, and Subcategory Other. Then describe how you are using the capability and why it is necessary for your product. If you do not provide all the information necessary, your request will be denied. You may also be asked to provide more information. Note that this process typically takes 5 business days or longer, so please submit your request well in advance.

You may also use this method of requesting approval (rather than providing this info during your submission), whether or not you're using a development sandbox, if you prefer to confirm that you are approved to use a restricted capability before you start your submission.

Restricted capability list

The following table lists the restricted capabilities. You may request approval for these capabilities in apps that you submit to the Store by following the process described above.

Important

Some of these restricted capabilities are almost never approved for apps submitted to the Store, except in very specific and limited circumstances. These capabilities are called out in the table below. We recommend not declaring these capabilities in your app if you plan to distribute it through the Store.

Capability scenario Capability usage
Enterprise Windows domain credentials enable a user to log into remote resources using their credentials, and act as if a user provided their user name and password. The enterpriseAuthentication capability is typically used in line-of-business apps that connect to servers within an enterprise.

You don't need this capability for generic communication across the Internet.

The enterpriseAuthentication capability is intended to support common line-of-business apps. Don't declare it in apps that don't need to access corporate resources. The file picker provides a robust UI mechanism that enables users to open files on a network share for use with an app. Declare the enterpriseAuthentication capability only when the scenarios for your app require programmatic access, and you cannot realize them by using the file picker.

The enterpriseAuthentication capability must include the uap namespace when you declare it in your app's package manifest as shown below.

<Capabilities><uap:Capability Name="enterpriseAuthentication"/></Capabilities>

The enterpriseDataPolicy capability allows apps to handle enterprise data separately and safely when the app is managed with Windows Information Protection policy (For example: Mobile Device Management and Mobile Application Management systems). Declare this restricted capability as shown below.

<Capabilities><rescap:Capability Name="enterpriseDataPolicy"/></Capabilities>

This capability is required to use all members of the following classes.
Shared user certificates The sharedUserCertificates capability enables an app to add and access software and hardware-based certificates in the Shared User store, such as certificates stored on a smart card. This capability is typically used for financial or enterprise apps that require a smart card for authentication.

The sharedUserCertificates capability must include the uap namespace when you declare it in your app's package manifest as shown below.

<Capabilities><uap:Capability Name="sharedUserCertificates"/></Capabilities>
Documents* The documentsLibrary capability provides programmatic access to the user's Documents, filtered to the file type associations declared in the package manifest, to support offline access to OneDrive. For example, if a DOC reader app declared a .doc file type association, it can open .doc files in Documents, but not other types of files.

Apps that declare the documentsLibrary capability can't access Documents on Home Group computers. The file picker provides a robust UI mechanism that enables users to open files for use with an app. Declare the documentsLibrary capability only when you cannot use the file picker.

To use the documentsLibrary capability, an app must:
  • Facilitate cross-platform offline access to specific OneDrive content using valid OneDrive URLs or Resource IDs
  • Save open files to the user’s OneDrive automatically while offline
Apps that use the documentsLibrary capability for these two purposes may also optionally use the capability to open embedded content within another document. Only the above uses of the documentsLibrary capability are accepted.
  • Your app can't access the Documents library in the phone's internal storage. If another app creates a Documents folder on the optional SD card, however, your app can see that folder.
The documentsLibrary capability must include the uap namespace when you declare it in your app's package manifest as shown below.

<Capabilities><uap:Capability Name="documentsLibrary"/></Capabilities>
Game DVR Settings The appCaptureSettings restricted capability allows apps to control the user settings for the Game DVR.

This capability is required to use some APIs in the Windows.Media.Capture namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Cellular The cellularDeviceControl restricted capability allows apps to have control over the cellular device.

The cellularDeviceIdentity capability allows apps to access cellular identification data.

The cellularMessaging capability allows apps to make use of SMS and RCS.

These capabilities are required to use some APIs in the Windows.Devices.Sms namespaces.
Device Unlock The deviceUnlock restricted capability allows apps to unlock a device for developer and enterprise sideloading scenarios.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Dual SIM Tiles The dualSimTiles restricted capability allows apps to create an additional app list entry on devices that have multiple SIMs.

This capability is required to use some APIs in the Windows.UI.StartScreen namespace.
Enterprise Shared Storage The enterpriseDeviceLockdown restricted capability allows apps to use the device lock down API and access the enterprise shared storage folders.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Input Injection The inputInjectionBrokered restricted capability allows apps to inject various forms of input such as HID, touch, pen, keyboard or mouse into the system programmatically. This capability is typically used for collaboration apps that can take control of the system.

For a PC, input injection from an app that has this capability will only be received by processes in the same App Container.

<Capabilities><rescap:Capability Name="inputInjectionBrokered" /></Capabilities>
Observe Input* The inputObservation restricted capability allows apps to observe various forms of raw input such as HID, touch, pen, keyboard, or mouse being received by the system regardless of its final destination.
Suppress Input The inputSuppression restricted capability allows apps to suppress various forms of raw input such as HID, touch, pen, keyboard, or mouse from being received by the system.
VPN App The networkingVpnProvider restricted capability allows apps to have full access to VPN features, including the ability to manage connections and provide VPN Plugin functionality.

This capability is required to use some APIs in the Windows.Networking.Vpn namespace.
Other App Mangement The packageManagement restricted capability allows apps to manage other apps directly.

The packageQuery device capability allows apps to gather information about other apps.

These capabilities are required to access some methods and properties in the PackageManager class.
Screen Projection The screenDuplication restricted capability allows apps to project the screen on another device.

This capability is required to use APIs in the DirectX namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
User Principal Name The userPrincipalName restricted capability allows apps to modify and access the thumbnail cache from photos.

This capability is required to call the GetUserNameEx function.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Wallet The walletSystem restricted capability allows apps to have full access to the stored wallet cards.

This capability is required to use APIs in the Windows.ApplicationModel.Wallet.System namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Location History The locationHistory restricted capability allows apps to access the location history of the device.

This capability is required to use APIs in the Windows.Devices.Geolocation namespace.
App Close Confirmation The confirmAppClose restricted capability allows apps to close themselves, their own windows, and delay the closing of their app.

Apps may request this capability in Windows 10 version 1703 (build 10.0.15063) and beyond. In prior Windows 10 versions the capability is private and will cause app install to fail with error message "The requested capability can not be authorized for this application."
Call History* The phoneCallHistory restricted capability allows apps to read the call history and to delete entries in the history.

This capability is required to use APIs in the Windows.ApplicationModel.Chat namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Level Appointment Access The appointmentsSystem restricted capability allows apps to read and modify all appointments on the user's calendar.

This capability is required to use APIs in the Windows.ApplicationModel.Appointment namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Level Chat Message Access* The chatSystem restricted capability allows apps to read and write all SMS and MMS messages.
This capability is required to use APIs in the Windows.ApplicationModel.Chat namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Level Contact Access The contactsSystem restricted capability allows apps to read contact information that has been designated as restricted or sensitive and modify existing contact information.

This capability is required to use APIs in the Windows.ApplicationModel.Chat namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Email Access* The email restricted capability allows apps to read, triage, and send user emails.

This capability is required to use APIs in the Windows.ApplicationModel.Email namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Level Email Access The emailSystem restricted capability allows apps to read, triage, and send user restricted or sensitive emails.

This capability is required to use APIs in the Windows.ApplicationModel.Email namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
System Level Call History Access The phoneCallHistorySystem restricted capability allows apps to fully modify the call history by changing existing entries and writing new ones.

This capability is required to use APIs in the Windows.ApplicationModel.Calls namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Send Text Messages* The smsSend restricted capability allows apps to send SMS and MMS messages.

This capability is required to use APIs in the Windows.ApplicationModel.Chat namespace.
System Level Access to All User Data The userDataSystem restricted capability allows apps to access the user data system datastore.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Store Preview Features The previewStore restricted capability allows apps to retrieve and purchase SKUs of in-app products.

This capability is required to use certain APIs in the Windows.ApplicationModel.Store.Preview namespace.
First-Time Sign-in Settings The firstSignInSettings restricted capability allows apps to access user settings that were set when the user first signed in to their device.
Windows Team Experience The teamEditionExperience restricted capability allows apps to access internal APIs that control many experiential aspects of a Windows Team session. A Windows Team session is likely to be running on a team device such as a Microsoft Surface Hub.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Remote Unlock The remotePassportAuthentication restricted capability allows apps to access credentials that can be used to unlock a remote PC.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Preview Composition The previewUiComposition restricted capability allows apps to preview the Windows.UI.Composition namespace for their user interface so they can provide feedback on the API before it is completed. Please contact wincomposition@microsoft.com for more information.
Secure Assessment Lockdown The secureAssessment restricted capability allows apps to lockdown Windows into a single app mode for secure assessments.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Connection Manager Provisioning The networkConnectionManagerProvisioning restricted capability allows apps to define the policies that connect the device with WWAN and WLAN interfaces. Apps that use this capability are created by Mobile Operators to govern the devices that connect to their mobile network.
Data Plan Provisioning The networkDataPlanProvisioning restricted capability allows apps to gather information about data plans on the device and read network usage. Apps that use this capability are created by Mobile Operators to integrate their customers’ actual data usage into the OS Data usage setting.
Software Licensing The slapiQueryLicenseValue restricted capability allows apps to query software licensing policies.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Extended Execution The extendedBackgroundTaskTime restricted capability prevents background tasks from being cancelled or terminated due to execution time limits. They are still subject to all other memory and energy usage limits. This capability can be restricted using the Battery Usage or Privacy Background Apps Settings. Note that consumers and administrators still have the ability to control background tasks through the Group Policy settings.

The extendedExecutionBackgroundAudio restricted capability allows apps to play audio when the app is not in the foreground.

The extendedExecutionCritical restricted capability allows apps to begin a critical extended execution session.

The extendedExecutionUnconstrained restricted capability allows apps to begin an unconstrained extended execution session.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.

See Postpone app suspension with extended execution for more information about using extended execution to postpone when your app is suspended.
Mobile Device Management The deviceManagementDmAccount restricted capability allows apps to provision and configure Mobile Operator Open Mobile Alliance - Device Management (MO OMA-DM) accounts.

The deviceManagementFoundation restricted capability allows apps to have basic access to the Mobile Device Management (MDM) configuration service provider (CSP) infrastructure on the device. Note that other capabilities are needed to access specific CSPs.

The deviceManagementWapSecurityPolicies restricted capability allows apps to configure Wireless Application Protocol (WAP)-based services such as MMs, Service Indication/Service Loading (SI/SL), and Open Mobile Alliance - Client Provisioning (OMA-CP).

The deviceManagementEmailAccount restricted capability allows apps created by Mobile Operators to add and manage an email account on devices they provision to users.
Package Policy Control The packagePolicySystem restricted capability allows apps to have control of system policies related to apps that are installed on the device.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Games List The gameList restricted capability allows apps to get a list of known games installed on the system.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Xbox Accessory The xboxAccessoryManagement restricted capability allows apps to directly manage Xbox devices that conform to the Xbox hardware specification.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Speech Recognition for Accessories The cortanaSpeechAccessory restricted capability allows apps to invoke and pass commands to Cortana.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Accessory Management The accessoryManager restricted capability allows apps to register as an accessory app and opt-in to specific app notifications so that they may be forwarded to accessories and display to the user.
Driver access The interopServices restricted capability allows apps to interact directly with drivers.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Foreground observation The inputForegroundObservation restricted capability allows apps in the foreground to intercept keyboard input and byasses all non-app keyboard input processing. SAS combinations cannot be intercepted by this capability. This capability is required to access members of the KeyboardDeliveryInterceptor class.
OEM and MO Partner apps The oemDeployment restricted capability allows apps that are created by Microsoft partners to install new apps and query currently installed apps on the device.

The oemPublicDirectory restricted capability allows apps that are created by Microsoft partners to have access to the shared app folder. We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
App Licensing The appLicensing restricted capability allows apps to run without the need of a license. You cannot submit your app to the store if you declare this capability in your manifest.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Location System The locationSystem restricted capability allows apps to perform certain privileged location configurations like setting the default location for the device.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
User Data Accounts Provider The userDataAccountsProvider restricted capability allows apps to fully manage the mail, calendar, and contact accounts.
Pen Workspace The previewPenWorkspace capability allows an app to access the Windows.ApplicationModel.Preview.Notes namespace to be hosted inside the pen workspace as the remember action handler.
Secondary Authentication Factor The secondaryAuthenticationFactor capability allows an app to unlock a PC by passing the secrets store on a nearby companion authentication device. For example, a companion fitness band can be used to unlock the PC. This capability is required to access APIs in the Windows.Security.Authentication.Identity.Provider namespace.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Store License Management The storeLicenseManagement capability allows Microsoft partner hub-apps to manage store licenses on the device. This capability is required to access APIs in the Windows.ApplicationModel.Store.LicenseManagement namespace.
User System ID The userSystemId capability allows apps to get a system identifier specific to the user. This identifier uniquely identifies the current user on a specific system and can be used to correlate information across apps. This capability is required to access the GetUserSpecificSystemId API in the Windows.System.Profile.SystemIdentification class.
Targeted Content The targetedContent capability provides an application the ability to retrieve and use targeted subscription content provided by the Windows.Services.TargetedContent namespace.

This capability is required to use some APIs in the Windows.System.Profile.SystemIdentification namespace.
UI Automation The uiAutomation capability allows a UI automation client, such as Narrator, to connect to a UI Automation server or provider.

This capability is required to use some APIs in the Windows.Xbox.Media.Capture.Broadcaster namespace.
Game Bar Services The gameBarServices is restricted to 1st party store updatable inbox UWAs.

This capability is required to use the Windows.Media.Capture.GameBarsSrvices class.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
App Capture Services The appCaptureServices capacity is limited to parties with which Microsoft has contractual relationships. These relationships are granted based on partner agreements, which are being driven with the help of Xbox Services and bizdev.

This capability is required to use the Windows.Media.Capture.AppCaptureServices class.
App Broadcast Services The appBroadcastServices capability is limited to parties with which Microsoft has contractual relationships. These relationships are granted based on partner agreements, which are being driven with the help of Xbox Services.


This capability is required to use the Windows.Media.capture.AppBroadcastServices class.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Audio Device Configuration The audioDeviceConfiguration This capability allows an application to query, configure, enable, and disable audio effects exposed by the audio driver.

This capability is required to use the Windows.Media.Devices.AudioDeviceModulesManager class.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved. This is because AudioDeviceModulesManager allows an application to access to all audio effects on a given system. Potentially, the audio effects can be set to negatively impact audio performance on the device.
Preview Ink Workspace The previewInkWorkspace capability allows an app to access the Preview Ink namespace hosted inside the ink workspace. Generally speaking, this is used by an OEM to replace the whiteboard application on a device.

This capability is required to the APIs in the Windows.ApplicationModel.Preview.InkWorkspace namespace.
Start Screen Management The startScreenManagement capability allows apps to silently pin Tiles to the Start screen. Apps can also pin from the background. Not having the startScreenManagement capability does not block any APIs; rather, using startScreenManagement means that the Shell will not display any UI when an app uses the Pin API.
Cortana Permissions The cortanaPermissions capability allows an app to enumerate the permissions that the user has granted Cortana on the device. The capability also allows an app to grant and revoke Cortana permissions on the device. Note that using cortanaPermissions requires that the device display legal text before granting permissions. As such, it is the responsiblity of the app to inform the user of the legal consequences of modifying permissions.


This capability is required to gain read access to the HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search(*) registry settings.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
All App Mods The allAppMods capability allows an app to access the AppMods folder for all apps. Mod Management utilities use allAppMods to manage mods outside of the game or app that consume them.
Expanded Resources The expandedResources capability allows an app access to the Game Mode resources. On Xbox, and on PCs that meet a sufficient bar, Game Mode resources represent a subset of the available CPU cores that are reserved for the app’s exclusive use. On Xbox, the app also has exclusive use of a memory partition of at least 4GB.

This capability is required to gain exclusive use of CPU and memory resources as defined above.
Protected App The protectedApp capability grants an app the ability to be loaded into a procteded process by the store. When the app is ingested into the store, the store adds a blob to the executable. The store also page signs the executable with a Microsoft key. The process loader checks for this blob rather than the capability to enforce protected process, as the blob needs a Microsoft signature.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Game Monitor The gameMonitor capability causes the system to use active monitoring to detect game cheats by the app.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
App Diagnostics The appDiagnostics capability allows an app to get diagnostic information, (such as package information, memory usage, and account name) for any other running UWP app. The information returned includes the domain/machine account name under which the app is running; if the calling app is launched with Administrator rights then the app can retrieve a list of all running apps for all accounts on the machine.

This capability is required to use the Windows.System.AppDiagnosticInfo, Windows.System.AppDiagnosticInfo.RequestAppDiagnosticInfoAsync, and Windows.ApplicationModel.AppInfo classes.
Device Portal Providers The devicePortalProvider capability allows apps to call the Windows.System.Diagnostics.DevicePortal APIs, and serve as a webserver for diagnostic tooling while in Developer Mode.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Enterprise Cloud Single Sign On The enterpriseCloudSSO capability allows apps to use single sign on with Azure Active Director (AAD) resources inside a hosted web view control.
Automatically accept VoIP calls The backgroundVoIP capability allows you to automatically receive and accept incoming VoIP calls without requiring the user to accept the call explicitly. Apps utilizing this capability are granted full control of camera and microphone and can use these resources in the background.

We don't recommend declaring this capability in apps submitted to the Microsoft Store. For most developers, use of this capability won't be approved.
Reserve resources for VoIP calls The oneProcessVoIP capability allows you to reserve the CPU and memory resources necessary for a VoIP call in a single-process application.

We don't recommend declaring this capability in apps submitted to the Microsoft Store. For most developers, use of this capability won't be approved.
Development Mode Network The developmentModeNetwork capability allows apps to access network paths using the credentials from the signed-in user when calling the OpenFile Win32 API in a C++/CX UWP app or C++ Windows Runtime Component.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Broad Filesystem Access The broadFileSystemAccess capability allows apps to get the same access to the file system as the user who is currently running the app without any additional file-picker style prompts during runtime. It is important to note that this capability is not required to access files that the user has already chosen using the FilePicker or FolderPicker.

This capability works for the Windows.Storage APIs. It is important to note that the first use of any Windows.Storage APIs with this capability declared in your app package manifest will trigger a user-consent prompt where the user can grant or deny the permission. Users can also grant or deny the permission at any point by toggling Settings. It is also important that you do not declare any special folder capabilities such as Documents, Pictures, or Videos with this capability.
System Firmware and BIOS The smbios capability allows apps to access bios data and system firmware data.
Full Trust Permission Level The runFullTrust restricted capability allows apps to run at the full trust permission level on the user’s machine. This capability is required to use the FullTrustProcessLauncher API.

This capability is also required for any desktop application that is delivered as an appx or msix package (as with the Desktop Bridge), and it will automatically appear in your manifest when packaging these apps using the Desktop App Converter (DAC) or Visual Studio.
Elevation The allowElevation restricted capability allows apps that are created by Microsoft partners and enterprises to preserve existing desktop functionality that requires auto-elevation on launch or during an app‘s lifetime.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved. It will only be approved for line-of-business apps deployed by enterprises to their private store via the Microsoft Store for Business.
Windows Team Device Credentials The teamEditionDeviceCredential restricted capability allows apps to access APIs that request device account credentials on a Surface Hub device running Windows 10, version 1703 or later.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Windows Team Application View The teamEditionView restricted capability allows apps to access APIs for hosting an application view on a Surface Hub device running Windows 10, version 1703 or later.

We don't recommend that you declare this capability in applications that you submit to the Microsoft Store. In most cases, the use of this capability won't be approved.
Camera Processing Extension The cameraProcessingExtension restricted capability allows apps to process images captured from the camera without direct camera control.

This capability is required to call APIs in the Windows.Devices.PointOfService.Provider namespace.

Anyone may request access to this capability for store submission.
Data usage Management* The networkDataUsageManagement restricted capability allows apps to gather network data usage information.

This capability is required to call GetAttributedNetworkUsageAsync.

Anyone may request access to this capability for store submission.

Custom capabilities

The restricted capabilities section above describes the same capability approval process that you can use to request approval to use a custom capability. The embedded SIM APIs are examples of APIs that require a custom capability. If you only want to run your application locally in developer mode, then you don't need the custom capability. But you need it to publish your app to the Microsoft Store, or to run it outside of developer mode.

If you have a Windows Technical Account Manager (TAM), then you can work with your TAM to request access. You can find more details at Contact your Microsoft TAM.

To declare a custom capability, modify your app package manifest source file (Package.appxmanifest). Add the xmlns:uap4 XML namespace declaration, and use the uap4 prefix when you declare your custom capability. Here's an example.

<?xml version="1.0" encoding="utf-8"?>
<Package
    ...
    xmlns:uap4="http://schemas.microsoft.com/appx/manifest/uap/windows10/4">
...
<Capabilities>
    <uap4:CustomCapability Name="CompanyName.customCapabilityName_PublisherID"/>
</Capabilities>
</Package>