# App Permissions

## Who can run your app

### App Identifier Link

See Sharing [**App Identifier Links**](https://docs.appetize.io/sharing-apps#app-identifier).

By default, only users linked to your organization and signed in to Appetize will have access to your App Identifier link.

### Build Identifier Link

See Sharing [**Build Identifier Links**](https://docs.appetize.io/sharing-apps#build-identifier).

By default, anybody who has your app's Build Identifier link, i.e. its **buildId** (previously known as **publicKey**), will have permission to run your app.

Some customers want to restrict access, so that only authenticated users may run their app. For this purpose, we have a configuration option which can be set at either the organization level or the app build level.

## Organization Session Default Permissions

Set and control default session permissions across your organization by navigating to [**Organization -> Session Defaults**](https://appetize.io/organization/session-defaults).

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2FLrdMz5CA2b0FtMz6beXb%2FScreenshot%202025-03-21%20112952.png?alt=media&#x26;token=90c1325e-b946-49a4-b4d5-4d7cae68b5f6" alt=""><figcaption><p>Example Organization App Build Permissions</p></figcaption></figure>

## App Build Permissions

{% hint style="warning" %}
App Build Permissions will override Organization Session Default Permissions. We recommend using Organization Session Default Permissions. In the future we will introduce more granular ways to provide permissions for your apps.
{% endhint %}

For the app-level setting, navigate to your [**Dashboard**](https://appetize.io/dashboard), select your preferred app and then select the build you want to change permissions for:

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2FBSQMay02ea9T5tkEjPIK%2FScreenshot%202025-03-21%20113201.png?alt=media&#x26;token=def5ec30-09cb-446c-991f-598b60b7186a" alt=""><figcaption><p>Select the build you want to apply permission to</p></figcaption></figure>

and finally configure the option under Settings > App Permissions.

{% hint style="info" %}
App Level Permissions can also be applied when uploading the app via our REST API. See [Create new app](https://docs.appetize.io/rest-api/create-new-app) and [Update existing app](https://docs.appetize.io/rest-api/update-existing-app) for more information.
{% endhint %}

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2F5sIAd84LvOu7plbOnzV9%2FScreenshot%202025-03-21%20113050.png?alt=media&#x26;token=296f4b35-68d6-48a9-be63-952ee0605ed4" alt=""><figcaption><p>Example App Build Level Permissions</p></figcaption></figure>

## Permissions

Configure the permissions below to determine whether you need to be authenticated with Appetize and linked to the organization or simply have the Embed or View link for an app in order to perform the following actions.

| Permission                | Description                                                          |
| ------------------------- | -------------------------------------------------------------------- |
| **run**                   | Run your application                                                 |
| **networkProxy**          | Specify a network proxy when running the app                         |
| **networkIntercept**      | Use Appetize's intercepting proxy when running the app               |
| **debugLog**              | View your app's NSLog/Logger or Logcat output                        |
| **adbConnect**            | Debug your app by connecting ADB to the hosted emulator              |
| **androidPackageManager** | Allow the installation of additional APK's while your app is running |