New Google Play Console Guidelines for “Sensitive app permissions”
Google Play Console has introduced new guidelines for “Sensitive app permission”, such as android.permission.ACCESS_BACKGROUND_LOCATION
, which the Background Geolocation SDK (for React Native, Flutter and Cordova/Capacitor) automatically adds to your app’s AndroidManifest
. While submitting your app recently, you may find your app being rejected by Google Play Console with an email stating “Prominent disclosure not found”:
Do not be alarmed — Transistor Software has successfully submitted the Background Geolocation Demo app for Cordova, React Native and Flutter and all have been accepted. And you can too!
Step 1: Config.backgroundPermissionRationale
The latest version of the BackgroundGeolocation SDK (Flutter 1.10.1, React Native 3.9.1, Cordova 3.9.2) has a new Config option Config.backgroundPermissionRationale
(See API docs: Flutter, React Native, Cordova/Capacitor). This option configures the text elements on a new dialog presented by the SDK on Android 11 devices when the location permission “Always” is requested. You should customize these elements, particularly the message
element, according to your app’s use-case.
Step 2:
Using the new version of the Play Store Console, scroll down to the “Policy” section in the menu bar and click “App Content”. We’re interested in two sections within:
- “App access”
- “Sensitive app permissions”
Step 3: “App access”
If your app requires user login, you must use this section to describe to the Google reviewer how to login to your app and cause your app to invoke the background location permission request, where your app would execute BackgroundGeolocation.start()
or BackgroundGeolocation.requestPermission()
.
- Select the option “All or some functionality is restricted”
- Click [+ Add new instructions]
Here you will describe to the Google reviewer how exactly to login to your app. I suggest creating an account in your system specifically for reviewers with username: google, for example.
Step 4: “Sensitive app permissions”
Here you will select “Yes, this app meets the Location permissions policy”. Fill out the three form-fields, honestly describing your “App purpose”, why your app requires location in the background. You will need to create a short video (30s or less) describing how to login to your app and invoke background location access, where your code invokes BackgroundGeolocation.start()
.
Here is the form used for the BackgroundGeolocation demo apps:
Here is the Video Instructions produced for the for demo app and provided to the form above:
Step 5: Prominent Disclosure for Background Location Access
After completing all the above steps and re-submitting the demo apps for review, we found that Google Play Store was still complaining about “Prominent Disclosure Not Found”. In the video above, at the 20s mark, note the following Alert:
This is a simple one-time Alert dialog shown by the demo app code at first install (nothing to do with BackgroundGeolocation SDK). Once shown, a flag is set and the Alert will never be shown again.
The addition of this dialog finally satisfied the Play Store reviewer and the app was approved.
Conclusion
After receiving an initial rejection from Play Store Review, you may be tempted to simply remove the offending permission android.permission.ACCESS_BACKGROUND_LOCATION
from your app but this would be a mistake since the BackgroundGeolocation SDK relies upon this permission.
If you carefully follow the steps described in the article, your app will most likely be accepted once again.
However, if you do want to remove the android.permission.ACCESS_BACKGROUND_LOCATION
from your app, simply add the following element to you AndroidManifest.xml
<manifest>
<uses-permission
android:name="android.permission.ACCESS_BACKGROUND_LOCATION"
tools:node="remove" />
.
.
.
</manifest>