Set up API access for your app or SDK

To access the privacy preserving APIs (PPAPIs) for your app or SDK during the Developer Preview, you must first carry out the following steps:

API access is needed for the privacy preserving APIs and the SDK Runtime.

This is needed for specific privacy preserving APIs used in your app or SDKs.

Enable access to the Privacy Sandbox APIs and SDK Runtime

The designs for the Privacy Sandbox on Android allow for users to control whether Privacy-Preserving APIs and the SDK Runtime are active on their device. These settings are disabled by default as of Developer Preview 5. For development purposes, you can enable API and SDK Runtime access with the following adb commands:

Enable the Privacy Sandbox

adb shell am start -n

Then click the toggle button to enable the Privacy Sandbox on this device. This will enable every API.

In preparation for production rollout, Developer Preview 6 introduced a flag to disable Privacy-Preserving API access by default. For testing purposes, enable Privacy-Preserving API access in the Developer Preview by running the following command:

adb shell device_config put adservices global_kill_switch false

Enable Individual APIs

adb shell device_config put adservices ppapi_app_allow_list \"*\"

Enable the SDK Runtime

adb shell device_config put adservices disable_sdk_sandbox false


FLEDGE enrollment is enforced as of Developer Preview 6. For development purposes, you can enable API access with the following adb command:

adb shell "device_config put adservices disable_fledge_enrollment_check true"

Configure AdServices permissions

Follow the instructions below to declare API-specific permissions, and configure SDK access to resources managed by the targeted API.

Declare AdServices API-specific permissions

Access to each PPAPI requires an AdServices normal permission. In your manifest, declare the appropriate access permissions that correspond to the APIs needed in your app or SDK.

Attribution Reporting API:

<uses-permission android:name="android.permission.ACCESS_ADSERVICES_ATTRIBUTION" />

FLEDGE / custom audience API:

<uses-permission android:name="android.permission.ACCESS_ADSERVICES_CUSTOM_AUDIENCE" />

Topics API:

<uses-permission android:name="android.permission.ACCESS_ADSERVICES_TOPICS" />

Configure API-specific ad services

Similar to the PPAPI access permissions, each API has a corresponding entry in the ad services configuration. This configuration gives you fine-grained control access to resources managed by the APIs in your app or embedded SDK. In your manifest, specify an adservicesConfig property as show in the example below:

<application ...>
    <property android:name="android.adservices.AD_SERVICES_CONFIG"
        android:resource="@xml/ad_services_config" />


Specify the ad services XML resource referenced in the manifest, such as res/xml/ad_services_config.xml. For each privacy preserving API applicable to your app (or embedded SDK), use the allowAllToAccess attribute to grant access.

You can use the allowAdPartnersToAccess attribute to grant fine-grained API access on a per-adtech basis. You'll need to provide a list of API calls using your enrollment account IDs, which you obtained through enrollment.

Adtech platforms should also make sure that their app clients properly grant access to the required privacy preserving APIs in the ad services configuration.

    <!-- Attribution API -->
    <attribution allowAdPartnersToAccess="a123" allowAllToAccess="true" />

    <!-- Topics API -->
    <topics allowAllToAccess="true" />

    <!-- FLEDGE on Android API -->
    <custom-audiences allowAllToAccess="true" />

Foreground access limitation

To provide transparency, access to the SDK Runtime and privacy preserving APIs is limited to apps with a visible Activity, or with a RunningAppProcessInfo of IMPORTANCE_FOREGROUND.