Android controls access to its features by means of “permissions”. Apps can’t perform certain task without being granted permission to do so by the user.
Most apps request permission only once, when they’re installed. A user have no choice, either grant all permissions required by the app, or don’t install it.
Automate uses an alternative solution. The app itself require very few (basic) permissions, but gives the user a way to selectively grant and revoke
groups of permissions by installing or uninstalling add-ons. It’s the same system permissions as enforced by Android.
Permissions are granted by clicking the check marks in the Privileges section on flow details screen
or in Privileges settings.
Since Android 6 apps can request permissions at “run-time”, making the above solution obsolete. Work is in progress to migrate to it.
When authorization is required, Automate will never force a user to write a username or password within a flow.
Instead the credentials are stored in accounts handled by the Android operating system.
Accounts are then only referenced by their public names, making flows safe to share among users.
A username and password are often required when accessing FTP/SMTP servers or personal web content.
Automate has its own type of account for those cases, the “generic credentials” account.
Add or remove “generic credentials” in system Account settings.
Automate can never access the password of a Google account.
Instead, Automate requests an authentication token when accessing online services
like Gmail and Google Drive. This token isn’t accessible by, nor stored in a flow.
All communication with online services requiring authorization are done though secure (HTTPS) connections,
this includes the following features:
- Automate cloud messaging
- Automate community
- Google Drive