Share via

Why aren’t the capabilities defined in a sideloaded line-of-business (LOB) UWP app retained after installation?

McMillenBelenMNRF-9276 10 Reputation points
2025-07-11T18:53:05.24+00:00

Our organization have defined the following capabilities in a custom LOB UWP application:

<uap:Capability Name="userAccountInformation"/>

<uap3:Capability Name="userNotificationListener"/>

<rescap:Capability Name="broadFileSystemAccess"/>

<DeviceCapability Name="documentsLibrary"/>

However, after installation, users still need to manually enable these permissions in Windows Settings > App Permissions for the app.

If users forget to perform this step, the corresponding capabilities—particularly access to local files—do not function as expected.

Is there any additional configuration required during development or packaging to ensure that these permissions are enabled by default after installation, without requiring users to manually enable them through the Settings interface?

Developer technologies | Universal Windows Platform (UWP)

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harry Vo (WICLOUD CORPORATION) 405 Reputation points Microsoft External Staff
    2025-07-14T02:38:45.87+00:00

    Hi McMillen Buom,

    Although you've correctly declared capabilities like userAccountInformation, userNotificationListener, broadFileSystemAccess, and documentsLibrary in your app's manifest, Windows has a built-in user consent model for sensitive permissions. This means:

    • Capabilities such as broadFileSystemAccess and userNotificationListener require manual activation by the user in Windows Settings.
    • Even after installation, users must enable these permissions individually under Settings > Privacy > App Permissions for your app.

    This behavior is by design—Windows aims to protect user privacy and data by ensuring users have full control over granting access.

    To improve UX, you can add the following to your project to make these manual steps more convenient for your customers!

    • This code block checks whether the required permissions are enabled:
    var status = UserNotificationListener.CurrentAccessStatus; 
if (status != UserNotificationListenerAccessStatus.Allowed) 
	{     
		// Show custom message 
	}
    •  If the required permissions are not enabled, this XAML snippet displays helpful options for the user to enable them manually:
    <StackPanel Margin="20"> 
	<TextBlock Text="Permissions Required" FontSize="20" FontWeight="Bold" />
	<TextBlock Margin="0,10,0,0" Text="To use all features, please enable notifications and file access permissions in Windows Settings." /> 
	<Button Content="Open Notification Settings" Click="OpenNotificationSettings_Click"             Margin="0,10,0,0"/> 
	<Button Content="Open File System Settings" Click="OpenFileSystemSettings_Click"             Margin="0,10,0,0"/> 
</StackPanel>
    • These button-click events will open the corresponding settings pages to help users enable the required permissions directly.
    private async void OpenNotificationSettings_Click(object sender, RoutedEventArgs e) 
{     
	await Launcher.LaunchUriAsync(new Uri("ms-settings:privacy-notifications"));
}
 
private async void OpenFileSystemSettings_Click(object sender, RoutedEventArgs e) 
{     
	await Launcher.LaunchUriAsync(new Uri("ms-settings:privacy-broadfilesystemaccess")); 
}

    If you have any questions, feel free to ask! Thank you!

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.