Distribute and grow

VRC.Quest.Security.2

Updated: Mar 30, 2026

Criteria

The app must request the minimum number of permissions required to function and may not include permissions that are unsupported.
 Required ✓Recommended +
Immersive apps
✓
 
Panel (2D) apps
✓
 

Additional details

Be sure you know the purpose of every permission declared in the app manifest and remove any that are unnecessary.
A list of prohibited Android permissions, which are never allowed, is available at Prohibited Android Permissions.
A list of review-requiring Android permissions, which are only allowed if necessary for your specific app, is available at Review-Requiring Android Permissions.
If a user denies a permission, the app must:
  • Display an informative on-screen prompt explaining that certain features will be unavailable until the permission is accepted, or
  • Continue functioning without interruption, even if some features are limited.
To learn how to remove undesired permissions from your app, see Remove Permissions from your Manifest.

Steps to test

  1. Review the permissions declared in the Android manifest. (See Determining Permissions Used By Your App.)
  2. Verify that the app uses every permission it declares.
  3. Verify that none of the declared permissions are prohibited.
  4. For each review-requiring permission, verify that Meta has been provided a valid justification for its use.
  5. Graceful failure test: For each permission that prompts the user at runtime, launch the app and deny the permission when prompted. Verify that the app does not crash or become permanently unresponsive.

Expected result

  • The app has a functional use for every permission declared.
  • The app doesn’t declare any prohibited permissions.
  • Each review-requiring permission has a valid justification explaining why it is necessary.
  • When a user denies a runtime permission, the app either:
    • Displays an informative on-screen prompt explaining that certain features will be unavailable, or
    • Continues functioning without interruption (some features may be limited).

Revisions

  • 2026-03-30: Added review-requiring permission justification checks and graceful failure testing for denied runtime permissions.
  • 2024-12-18: Moved the lists of prohibited and review-required permissions to their own reference pages.
  • 2024-07-31: Removed App Lab from VRC platform requirements.
Nav Logo
Virtual reality / Meta Horizon
Virtual reality / Meta Horizon
Virtual reality / Meta Horizon
English (US)
© 2026 Meta