Once in a while I read that MANAGE_ACCOUNTS Permission is needed (actually it is called "KONTEN HINZUFÜGEN ODER ENTFERNEN" as I have a German phone. I guess the text below is something like "Add or remove accounts, create accounts and set passwords, use accounts on the device" in English).
I'm asking this question because I wanted to install the GitHub-App.
I think I found a very similar question which I would like to include here:
- What does it mean they can create accounts?
- Why would Amazon (Kindle app) / GitHub even need this?
- Are there any risks?
Answer
In short, GitHub is using the internal Account System manager to store your GitHub credentials. This works the exact same was as adding a Google account or an Exchange account. Essentially, you are logging in with your credentials and they are stored in the Account Manager, which prevents you from having to re-enter these credentials again in the future.
This is most useful when the credentials are used across multiple applications as you only have to login once. For example, Google Chrome will access your account via the Account Manager instead of forcing you to login again (the yellow dialog that pops up at the bottom asking if you want to sign in with your locally held Account on your phone when visiting gmail or another Google website on your phone's Google Chrome browser).
What does it mean they can create accounts?
They can created local accounts on your phone for their application (and only their application). Here's an example of a list on my phone:
Screenshot (Click image for larger variant)
Why would Amazon (Kindle app) / GitHub even need this?
It simplifies credentials in Android. It's the recommended method to do this.
Are there any risks?
There shouldn't be. If an app uses the AccountManager and say, wants to use your Google account, then it will have to explicitly ask you for permission as it needs an auth token to use that account. See more info on the SDK documentation.
No comments:
Post a Comment