# @ohos.account.osAccount (System Account) (System API)
The **osAccount** module provides basic capabilities for managing system (OS) accounts, including adding, deleting, querying, setting, subscribing to, and enabling a system account.
> **NOTE**
>
> - The initial APIs of this module are supported since API version 7. Newly added APIs will be marked with a superscript to indicate their earliest API version.
> - This topic describes only the system APIs provided by the module. For details about its public APIs, see [ohos.account.osAccount (System Account Management)](js-apis-osAccount.md).
## Modules to Import
```ts
import { osAccount } from '@kit.BasicServicesKit';
```
## AccountManager
Provides APIs for managing system accounts.
### activateOsAccount
activateOsAccount(localId: number, callback: AsyncCallback<void>): void
Activates a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------- | ---- | -------------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
| 12300016 | The number of logged in accounts reaches the upper limit. |
**Example**: Activate system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let localId: number = 100;
try {
accountManager.activateOsAccount(localId, (err: BusinessError)=>{
if (err) {
console.error(`activateOsAccount failed, code is ${err.code}, message is ${err.message}`);
} else {
console.log('activateOsAccount successfully');
}
});
} catch (err) {
console.log('activateOsAccount failed, error:' + JSON.stringify(err));
}
```
### activateOsAccount
activateOsAccount(localId: number): Promise<void>
Activates a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | -------------------- |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ------------------- | ------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
| 12300016 | The number of logged in accounts reaches the upper limit. |
**Example**: Activate system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.activateOsAccount(localId).then(() => {
console.log('activateOsAccount successfully');
}).catch((err: BusinessError) => {
console.log('activateOsAccount failed, err:' + JSON.stringify(err));
});
} catch (e) {
console.log('activateOsAccount exception: ' + JSON.stringify(e));
}
```
### deactivateOsAccount12+
deactivateOsAccount(localId: number): Promise<void>
Deactivates (logs out of) a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | -------------------- |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ------------------- | ------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Deactivate system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.deactivateOsAccount(localId).then(() => {
console.log('deactivateOsAccount successfully');
}).catch((err: BusinessError) => {
console.log('deactivateOsAccount failed, err:' + JSON.stringify(err));
});
} catch (e) {
console.log('deactivateOsAccount exception: ' + JSON.stringify(e));
}
```
### isOsAccountActivated11+
isOsAccountActivated(localId: number): Promise<boolean>
Checks whether a system account is activated. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | --------------------------------- |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ---------------------- | ---------------------------------------------------------- |
| Promise<boolean> | Promise used to return the result. The value **true** means the account is activated; the value **false** means the opposite.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
**Example**: Check whether system account 100 is activated.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.isOsAccountActivated(localId).then((isActivated: boolean) => {
console.log('isOsAccountActivated successfully, isActivated: ' + isActivated);
}).catch((err: BusinessError) => {
console.log('isOsAccountActivated failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('isOsAccountActivated exception: ' + JSON.stringify(err));
}
```
### isOsAccountConstraintEnabled11+
isOsAccountConstraintEnabled(localId: number, constraint: string): Promise<boolean>
Checks whether a constraint is enabled for a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | ------ | ---- | ---------------------------------- |
| localId | number | Yes | ID of the target system account. |
| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) to check.|
**Return value**
| Type | Description |
| --------------------- | --------------------------------------------------------------------- |
| Promise<boolean> | Promise used to return the result. The value **true** means the specified constraint is enabled; the value **false** means the opposite.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
**Example**: Check whether system account 100 is forbidden to use Wi-Fi.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let constraint: string = 'constraint.wifi';
try {
accountManager.isOsAccountConstraintEnabled(localId, constraint).then((isEnabled: boolean) => {
console.log('isOsAccountConstraintEnabled successfully, isEnabled: ' + isEnabled);
}).catch((err: BusinessError) => {
console.log('isOsAccountConstraintEnabled failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('isOsAccountConstraintEnabled exception: ' + JSON.stringify(err));
}
```
### isOsAccountUnlocked11+
isOsAccountUnlocked(localId: number): Promise<boolean>
Checks whether a system account has been verified. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | --------------------------------------------------------------- |
| localId | number | Yes | ID of the target system account. If this parameter is not specified, this API checks whether the current system account has been verified.|
**Return value**
| Type | Description |
| ---------------------- | ----------------------------------------------------------------- |
| Promise<boolean> | Promise used to return the result. The value **true** means the system account has been verified; the value **false** means the opposite.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.isOsAccountUnlocked(localId).then((isVerified: boolean) => {
console.log('isOsAccountUnlocked successfully, isVerified: ' + isVerified);
}).catch((err: BusinessError) => {
console.log('isOsAccountUnlocked failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('isOsAccountUnlocked exception: ' + JSON.stringify(err));
}
```
### removeOsAccount
removeOsAccount(localId: number, callback: AsyncCallback<void>): void
Removes a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------- | ---- | -------------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let accountName: string = 'testAccountName';
try {
accountManager.createOsAccount(accountName, osAccount.OsAccountType.NORMAL,
(err: BusinessError, osAccountInfo: osAccount.OsAccountInfo) => {
accountManager.removeOsAccount(osAccountInfo.localId, (err: BusinessError)=>{
if (err) {
console.log('removeOsAccount failed, error: ' + JSON.stringify(err));
} else {
console.log('removeOsAccount successfully');
}
});
});
} catch (err) {
console.log('removeOsAccount exception: ' + JSON.stringify(err));
}
```
### removeOsAccount
removeOsAccount(localId: number): Promise<void>
Removes a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | --------------------------------- |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ------------------- | ------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let accountName: string = 'testAccountName';
try {
accountManager.createOsAccount(accountName, osAccount.OsAccountType.NORMAL,
(err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{
accountManager.removeOsAccount(osAccountInfo.localId).then(() => {
console.log('removeOsAccount successfully');
}).catch((err: BusinessError) => {
console.log('removeOsAccount failed, error: ' + JSON.stringify(err));
});
});
} catch (err) {
console.log('removeOsAccount exception: ' + JSON.stringify(err));
}
```
### setOsAccountConstraints
setOsAccountConstraints(localId: number, constraints: Array<string>, enable: boolean,callback: AsyncCallback<void>): void
Sets or removes constraints for a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ----------- | ------------------------- | ---- | ----------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| constraints | Array<string> | Yes | [Constraints](js-apis-osAccount.md#constraints) to set or remove. |
| enable | boolean | Yes | Set or remove constraints. The value **true** means to set constraints, and **false** means to remove constraints. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or constraints. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Disable Wi-Fi for system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let constraint: string = 'constraint.wifi';
try {
accountManager.setOsAccountConstraints(localId, [constraint], true, (err: BusinessError) => {
if (err) {
console.log('setOsAccountConstraints failed, error: ' + JSON.stringify(err));
} else {
console.log('setOsAccountConstraints successfully');
}
});
} catch (err) {
console.log('setOsAccountConstraints exception: ' + JSON.stringify(err));
}
```
### setOsAccountConstraints
setOsAccountConstraints(localId: number, constraints: Array<string>, enable: boolean): Promise<void>
Sets or removes constraints for a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ----------- | ------------------- | ---- | -------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| constraints | Array<string> | Yes | [Constraints](js-apis-osAccount.md#constraints) to set or remove. |
| enable | boolean | Yes | Set or remove constraints. The value **true** means to set constraints, and **false** means to remove constraints. |
**Return value**
| Type | Description |
| :------------------ | :----------------------------------- |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or constraints. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Remove the constraint on the use of Wi-Fi for system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.setOsAccountConstraints(localId, ['constraint.location.set'], false).then(() => {
console.log('setOsAccountConstraints succsuccessfully');
}).catch((err: BusinessError) => {
console.log('setOsAccountConstraints failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('setOsAccountConstraints exception: ' + JSON.stringify(err));
}
```
### setOsAccountName
setOsAccountName(localId: number, localName: string, callback: AsyncCallback<void>): void
Sets the name of a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| :-------- | ------------------------- | ---- | ----------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| localName | string | Yes | Account name to set. The value cannot exceed 1024 characters. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or localName. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Set the name of system account 100 to **demoName**.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let name: string = 'demoName';
try {
accountManager.setOsAccountName(localId, name, (err: BusinessError) => {
if (err) {
console.log('setOsAccountName failed, error: ' + JSON.stringify(err));
} else {
console.log('setOsAccountName successfully');
}
});
} catch (err) {
console.log('setOsAccountName exception: ' + JSON.stringify(err));
}
```
### setOsAccountName
setOsAccountName(localId: number, localName: string): Promise<void>
Sets the name of a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------ | ---- | --------------------------------- |
| localId | number | Yes | ID of the target system account.|
| localName | string | Yes | Account name to set. The value cannot exceed 1024 characters. |
**Return value**
| Type | Description |
| ------------------- | ------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or localName. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Set the name of system account 100 to **demoName**.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let name: string = 'testName';
try {
accountManager.setOsAccountName(localId, name).then(() => {
console.log('setOsAccountName successfully');
}).catch((err: BusinessError) => {
console.log('setOsAccountName failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('setOsAccountName exception: ' + JSON.stringify(err));
}
```
### queryMaxOsAccountNumber
queryMaxOsAccountNumber(callback: AsyncCallback<number>): void
Queries the maximum number of system accounts that can be created. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | -------------------------------------------------------------------------------- |
| callback | AsyncCallback<number> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the maximum number of system accounts that can be created. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryMaxOsAccountNumber((err: BusinessError, maxCnt: number) => {
if (err) {
console.log('queryMaxOsAccountNumber failed, error:' + JSON.stringify(err));
} else {
console.log('queryMaxOsAccountNumber successfully, maxCnt:' + maxCnt);
}
});
} catch (err) {
console.log('queryMaxOsAccountNumber exception: ' + JSON.stringify(err));
}
```
### queryMaxOsAccountNumber
queryMaxOsAccountNumber(): Promise<number>
Queries the maximum number of system accounts that can be created. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| --------------------- | ------------------------------------------- |
| Promise<number> | Promise used to return the maximum number of system accounts that can be created.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryMaxOsAccountNumber().then((maxCnt: number) => {
console.log('queryMaxOsAccountNumber successfully, maxCnt: ' + maxCnt);
}).catch((err: BusinessError) => {
console.log('queryMaxOsAccountNumber failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('queryMaxOsAccountNumber exception: ' + JSON.stringify(err));
}
```
### queryMaxLoggedInOsAccountNumber12+
queryMaxLoggedInOsAccountNumber(): Promise<number>
Queries the maximum number of system accounts allowed to log in to the system. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| --------------------- | ------------------------------------------- |
| Promise<number> | Promise used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryMaxLoggedInOsAccountNumber().then((maxNum: number) => {
console.log('queryMaxLoggedInOsAccountNumber successfully, maxNum: ' + maxNum);
}).catch((err: BusinessError) => {
console.log('queryMaxLoggedInOsAccountNumber failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('queryMaxLoggedInOsAccountNumber exception: ' + JSON.stringify(err));
}
```
### getEnabledOsAccountConstraints11+
getEnabledOsAccountConstraints(localId: number): Promise<Array<string>>
Obtains all the enabled constraints of a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ---------------------------------- | ---------------------------------------------------------- |
| Promise<Array<string>> | Promise used to return all the enabled [constraints](js-apis-osAccount.md#constraints) of the system account.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
**Example**: Obtain all constraints of system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.getEnabledOsAccountConstraints(localId).then((constraints: string[]) => {
console.log('getEnabledOsAccountConstraints, constraints: ' + constraints);
}).catch((err: BusinessError) => {
console.log('getEnabledOsAccountConstraints err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('getEnabledOsAccountConstraints exception: ' + JSON.stringify(e));
}
```
### queryAllCreatedOsAccounts
queryAllCreatedOsAccounts(callback: AsyncCallback<Array<OsAccountInfo>>): void
Queries information about all the system accounts created. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------------------------ | ---- | -------------------------------------------------- |
| callback | AsyncCallback<Array<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is a list of all created system accounts. Otherwise, **data** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryAllCreatedOsAccounts((err: BusinessError, accountArr: osAccount.OsAccountInfo[])=>{
console.log('queryAllCreatedOsAccounts err:' + JSON.stringify(err));
console.log('queryAllCreatedOsAccounts accountArr:' + JSON.stringify(accountArr));
});
} catch (e) {
console.log('queryAllCreatedOsAccounts exception: ' + JSON.stringify(e));
}
```
### queryAllCreatedOsAccounts
queryAllCreatedOsAccounts(): Promise<Array<OsAccountInfo>>
Queries information about all the system accounts created. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Return value**
| Type | Description |
| ----------------------------------------------------------- | --------------------------------------------- |
| Promise<Array<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)>> | Promise used to return the information about all the system accounts created.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryAllCreatedOsAccounts().then((accountArr: osAccount.OsAccountInfo[]) => {
console.log('queryAllCreatedOsAccounts, accountArr: ' + JSON.stringify(accountArr));
}).catch((err: BusinessError) => {
console.log('queryAllCreatedOsAccounts err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('queryAllCreatedOsAccounts exception: ' + JSON.stringify(e));
}
```
### getForegroundOsAccountLocalId12+
getForegroundOsAccountLocalId(): Promise<number>;
Obtains the ID of the foreground system account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| ---------------------- | ----------------------------------------------------------------- |
| Promise<number> | Promise used to return the result. return the ID of the foreground system account obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.getForegroundOsAccountLocalId().then((localId: number) => {
console.log('getForegroundOsAccountLocalId, localId: ' + localId);
}).catch((err: BusinessError) => {
console.log('getForegroundOsAccountLocalId err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('getForegroundOsAccountLocalId exception: ' + JSON.stringify(e));
}
```
### createOsAccount
createOsAccount(localName: string, type: OsAccountType, callback: AsyncCallback<OsAccountInfo>): void
Creates a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| :-------- | ---------------------------------------------------- | ---- | --------------------------------------------------------------------------- |
| localName | string | Yes | Name of the system account to create. |
| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create. |
| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the created system account. Otherwise, **err** is an error object.|
**Error codes**
| ID | Error Message |
| -------- | ------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localName or type. |
| 12300004 | Local name already exists. |
| 12300005 | Multi-user not supported. |
| 12300006 | Unsupported account type. |
| 12300007 | The number of accounts has reached the upper limit. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.createOsAccount('testName', osAccount.OsAccountType.NORMAL,
(err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{
console.log('createOsAccount err:' + JSON.stringify(err));
console.log('createOsAccount osAccountInfo:' + JSON.stringify(osAccountInfo));
});
} catch (e) {
console.log('createOsAccount exception: ' + JSON.stringify(e));
}
```
### createOsAccount
createOsAccount(localName: string, type: OsAccountType, options?: CreateOsAccountOptions): Promise<OsAccountInfo>
Creates a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------------------------------- | ---- | ---------------------- |
| localName | string | Yes | Name of the system account to create.|
| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create.|
| options | [CreateOsAccountOptions](js-apis-osAccount-sys.md#createosaccountoptions12) | No | Options for creating a system account. By default, this parameter is left blank.
This parameter is supported since API version 12. |
**Return value**
| Type | Description |
| ---------------------------------------------- | ------------------------------------- |
| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the information about the created system account.|
**Error codes**
| ID | Error Message |
| -------- | ------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localName, type or options. |
| 12300004 | Local name already exists. |
| 12300005 | Multi-user not supported. |
| 12300006 | Unsupported account type. |
| 12300007 | The number of accounts has reached the upper limit. |
| 12300015 | The short name already exists. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let options: osAccount.CreateOsAccountOptions = {
shortName: 'myShortName'
}
try {
accountManager.createOsAccount('testAccountName', osAccount.OsAccountType.NORMAL, options).then(
(accountInfo: osAccount.OsAccountInfo) => {
console.log('createOsAccount, accountInfo: ' + JSON.stringify(accountInfo));
}).catch((err: BusinessError) => {
console.log('createOsAccount err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('createOsAccount exception: ' + JSON.stringify(e));
}
```
### createOsAccountForDomain8+
createOsAccountForDomain(type: OsAccountType, domainInfo: DomainAccountInfo, callback: AsyncCallback<OsAccountInfo>): void
Creates a system account and associates it with the specified domain account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | ---------------------------------------------------- | ---- | -------------------------------------------------------------------------- |
| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create. |
| domainInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. |
| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the created system account. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type or domainInfo. |
| 12300004 | Account already exists. |
| 12300005 | Multi-user not supported. |
| 12300006 | Unsupported account type. |
| 12300007 | The number of accounts has reached the upper limit. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let domainInfo: osAccount.DomainAccountInfo =
{domain: 'testDomain', accountName: 'testAccountName'};
try {
accountManager.createOsAccountForDomain(osAccount.OsAccountType.NORMAL, domainInfo,
(err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{
console.log('createOsAccountForDomain err:' + JSON.stringify(err));
console.log('createOsAccountForDomain osAccountInfo:' + JSON.stringify(osAccountInfo));
});
} catch (e) {
console.log('createOsAccountForDomain exception: ' + JSON.stringify(e));
}
```
### createOsAccountForDomain8+
createOsAccountForDomain(type: OsAccountType, domainInfo: DomainAccountInfo, options?: CreateOsAccountForDomainOptions): Promise<OsAccountInfo>
Creates a system account and associates it with the specified domain account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | ---------------------------------------- | ---- | -------------------- |
| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create.|
| domainInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. |
| options | [CreateOsAccountForDomainOptions](#createosaccountfordomainoptions12) | No | Optional parameters for creating the account. By default, this parameter is left blank.
This parameter is supported since API version 12. |
**Return value**
| Type | Description |
| ---------------------------------------------- | -------------------------------------- |
| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the information about the created system account.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type, domainInfo or options. |
| 12300004 | Account already exists. |
| 12300005 | Multi-user not supported. |
| 12300006 | Unsupported account type. |
| 12300007 | The number of accounts has reached the upper limit. |
| 12300015 | The short name already exists. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let domainInfo: osAccount.DomainAccountInfo =
{domain: 'testDomain', accountName: 'testAccountName'};
let options: osAccount.CreateOsAccountForDomainOptions = {
shortName: 'myShortName'
}
try {
accountManager.createOsAccountForDomain(osAccount.OsAccountType.NORMAL, domainInfo, options).then(
(accountInfo: osAccount.OsAccountInfo) => {
console.log('createOsAccountForDomain, account info: ' + JSON.stringify(accountInfo));
}).catch((err: BusinessError) => {
console.log('createOsAccountForDomain err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('createOsAccountForDomain exception: ' + JSON.stringify(e));
}
```
### queryOsAccount11+
queryOsAccount(): Promise<OsAccountInfo>
Obtains information about the system account to which the current process belongs. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.GET_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| ---------------------------------------------- | ----------------------------------------- |
| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the system account information obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.queryOsAccount().then((accountInfo: osAccount.OsAccountInfo) => {
console.log('queryOsAccount, accountInfo: ' + JSON.stringify(accountInfo));
}).catch((err: BusinessError) => {
console.log('queryOsAccount err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('queryOsAccount exception: ' + JSON.stringify(e));
}
```
### queryOsAccountById
queryOsAccountById(localId: number, callback: AsyncCallback<OsAccountInfo>): void
Queries information about the system account of the given ID. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------------------------------- | ---- | ------------------------------------------------------------------------ |
| localId | number | Yes | ID of the target system account. |
| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the system account information obtained. Otherwise, **data** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
**Example**: Query information about system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.queryOsAccountById(localId, (err: BusinessError, accountInfo: osAccount.OsAccountInfo)=>{
console.log('queryOsAccountById err:' + JSON.stringify(err));
console.log('queryOsAccountById accountInfo:' + JSON.stringify(accountInfo));
});
} catch (e) {
console.log('queryOsAccountById exception: ' + JSON.stringify(e));
}
```
### queryOsAccountById
queryOsAccountById(localId: number): Promise<OsAccountInfo>
Queries information about the system account of the given ID. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | -------------------- |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| ---------------------------------------------- | ------------------------------------ |
| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the system account information obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
**Example**: Query information about system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.queryOsAccountById(localId).then((accountInfo: osAccount.OsAccountInfo) => {
console.log('queryOsAccountById, accountInfo: ' + JSON.stringify(accountInfo));
}).catch((err: BusinessError) => {
console.log('queryOsAccountById err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('queryOsAccountById exception: ' + JSON.stringify(e));
}
```
### getOsAccountProfilePhoto
getOsAccountProfilePhoto(localId: number, callback: AsyncCallback<string>): void
Obtains the profile photo of a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | -------------------------------------------------------------------------- |
| localId | number | Yes | ID of the target system account. |
| callback | AsyncCallback<string> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the profile photo information obtained. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
**Example**: Obtain the profile photo of system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.getOsAccountProfilePhoto(localId, (err: BusinessError, photo: string)=>{
console.log('getOsAccountProfilePhoto err:' + JSON.stringify(err));
console.log('get photo:' + photo + ' by localId: ' + localId);
});
} catch (e) {
console.log('getOsAccountProfilePhoto exception: ' + JSON.stringify(e));
}
```
### getOsAccountProfilePhoto
getOsAccountProfilePhoto(localId: number): Promise<string>
Obtains the profile photo of a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| --------------------- | -------------------------------------- |
| Promise<string> | Promise used to return the profile photo information obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | Account not found. |
**Example**: Obtain the profile photo of system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
try {
accountManager.getOsAccountProfilePhoto(localId).then((photo: string) => {
console.log('getOsAccountProfilePhoto: ' + photo);
}).catch((err: BusinessError) => {
console.log('getOsAccountProfilePhoto err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('getOsAccountProfilePhoto exception: ' + JSON.stringify(e));
}
```
### setOsAccountProfilePhoto
setOsAccountProfilePhoto(localId: number, photo: string, callback: AsyncCallback<void>): void
Sets a profile photo for a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------- | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
| photo | string | Yes | Profile photo information. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object. |
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or photo. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Set a profile photo for system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let photo: string = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAAPCAYAAAA/I0V3AAAAAXNSR0IArs4c6QAAAARnQU1BAA'+
'Cxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAACwSURBVDhPvZLBDYMwDEV/ugsXRjAT0EHCOuFIBwkbdIRewi6unbiAyoGgSn1SFH85+Y'+
'q/4ljARW62X+LHS8uIzjm4dXUYF+utzBikB52Jo5e5iEPKqpACk7R9NM2RvWm5tIkD2czLCUFNKLD6IjdMHFHDzws285MgGrT0xCtp3WOKHo'+
'+7q0mP0DZW9pNmoEFUzrQjp5cCnaen2kSJXLFD8ghbXyZCMQf/8e8Ns1XVAG/XAgqKzVnJFAAAAABJRU5ErkJggg=='
try {
accountManager.setOsAccountProfilePhoto(localId, photo, (err: BusinessError)=>{
console.log('setOsAccountProfilePhoto err:' + JSON.stringify(err));
});
} catch (e) {
console.log('setOsAccountProfilePhoto exception: ' + JSON.stringify(e));
}
```
### setOsAccountProfilePhoto
setOsAccountProfilePhoto(localId: number, photo: string): Promise<void>
Sets a profile photo for a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
| photo | string | Yes | Profile photo information. |
**Return value**
| Type | Description |
| ------------------- | ------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId or photo. |
| 12300003 | Account not found. |
| 12300008 | Restricted Account. |
**Example**: Set a profile photo for system account 100.
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let localId: number = 100;
let photo: string = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAAPCAYAAAA/I0V3AAAAAXNSR0IArs4c6QAAAARnQU1BAA'+
'Cxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAACwSURBVDhPvZLBDYMwDEV/ugsXRjAT0EHCOuFIBwkbdIRewi6unbiAyoGgSn1SFH85+Y'+
'q/4ljARW62X+LHS8uIzjm4dXUYF+utzBikB52Jo5e5iEPKqpACk7R9NM2RvWm5tIkD2czLCUFNKLD6IjdMHFHDzws285MgGrT0xCtp3WOKHo'+
'+7q0mP0DZW9pNmoEFUzrQjp5cCnaen2kSJXLFD8ghbXyZCMQf/8e8Ns1XVAG/XAgqKzVnJFAAAAABJRU5ErkJggg=='
try {
accountManager.setOsAccountProfilePhoto(localId, photo).then(() => {
console.log('setOsAccountProfilePhoto success');
}).catch((err: BusinessError) => {
console.log('setOsAccountProfilePhoto err: ' + JSON.stringify(err));
});
} catch (e) {
console.log('setOsAccountProfilePhoto exception: ' + JSON.stringify(e));
}
```
### on
on(type: 'activate' | 'activating', name: string, callback: Callback<number>): void
Subscribes to the system account activation states, including the states of the account being activated and the account with activation completed. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'activate' \| 'activating' | Yes | Type of the event to subscribe to. The value **activate** indicates a system account is activated, and **activating** indicates a system account is being activated.|
| name | string | Yes | Subscription name, which can be customized. The value cannot be empty or exceed 1024 bytes. |
| callback | Callback<number> | Yes | Callback used to return the ID of the system account being activated or activated. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type or name. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
function onCallback(receiveLocalId: number){
console.log('receive localId:' + receiveLocalId);
}
try {
accountManager.on('activating', 'osAccountOnOffNameA', onCallback);
} catch (e) {
console.log('receive localId exception: ' + JSON.stringify(e));
}
```
### off
off(type: 'activate' | 'activating', name: string, callback?: Callback<number>): void
Unsubscribes from the system account activation states, including the states of the account being activated and the account with activation completed. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'activate' \| 'activating' | Yes | Type of the event to unsubscribe from. The value **activate** indicates that a system account is activated, and **activating** indicates that a system account is being activated.|
| name | string | Yes | Subscription name, which can be customized. The value cannot be empty or exceed 1024 bytes, and must be the same as the value passed by **on()**.|
| callback | Callback<number> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the system account activation states. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type or name. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
function offCallback(){
console.log('off enter')
}
try {
accountManager.off('activating', 'osAccountOnOffNameA', offCallback);
} catch (e) {
console.log('off exception: ' + JSON.stringify(e));
}
```
### on12+
on(type: 'switching', callback: Callback<OsAccountSwitchEventData>): void
Subscribes to the switchover between a foreground system account and a background system account in progress. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'switching' | Yes | Event type. The value **switching** indicates that the switchover between a foreground system account and a background account is being performed.|
| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | Yes | Callback used to return the system account IDs before and after the switchover. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
function onSwitchingCallback(eventData: osAccount.OsAccountSwitchEventData){
console.log('receive eventData:' + JSON.stringify(eventData));
}
try {
accountManager.on('switching', onSwitchingCallback);
} catch (e) {
console.log('receive eventData exception: ' + JSON.stringify(e));
}
```
### off12+
off(type: 'switching', callback?: Callback<OsAccountSwitchEventData>): void
Unsubscribes from the switchover between a foreground system account and a background system account in progress. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'switching' | Yes | Event type. The value **switching** indicates that the switchover between a foreground system account and a background account is being performed.|
| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the **switching** event. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.off('switching');
} catch (e) {
console.log('off exception: ' + JSON.stringify(e));
}
```
### on12+
on(type: 'switched', callback: Callback<OsAccountSwitchEventData>): void
Subscribes to the end of a switchover between a foreground system account and a background system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'switched' | Yes | Event type. The value **switched** indicates that the switchover between a foreground system account and a background system account is complete.|
| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | Yes | Callback used to return the system account IDs before and after the switchover. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
function onSwitchedCallback(eventData: osAccount.OsAccountSwitchEventData){
console.log('receive eventData:' + JSON.stringify(eventData));
}
try {
accountManager.on('switched', onSwitchedCallback);
} catch (e) {
console.log('receive eventData exception: ' + JSON.stringify(e));
}
```
### off12+
off(type: 'switched', callback?: Callback<OsAccountSwitchEventData>): void
Unsubscribes from the end of a switchover between a foreground system account and a background system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| type | 'switched' | Yes | Event type. The value **switched** indicates that the switchover between a foreground system account and a background system account is complete.|
| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the **switched** event. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid type. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.off('switched');
} catch (e) {
console.log('off exception: ' + JSON.stringify(e));
}
```
### getBundleIdForUid9+
getBundleIdForUid(uid: number, callback: AsyncCallback<number>): void
Obtains the bundle ID based on the UID. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | --------------------------- | ---- | ------------------------------------------------------------------------ |
| uid | number | Yes | Process UID. |
| callback | AsyncCallback<number> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the bundle ID obtained. Otherwise, **data** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid uid. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let testUid: number = 1000000;
try {
accountManager.getBundleIdForUid(testUid, (err: BusinessError, bundleId: number) => {
console.info('getBundleIdForUid errInfo:' + JSON.stringify(err));
console.info('getBundleIdForUid bundleId:' + JSON.stringify(bundleId));
});
} catch (e) {
console.info('getBundleIdForUid exception: ' + JSON.stringify(e));
}
```
### getBundleIdForUid9+
getBundleIdForUid(uid: number): Promise<number>
Obtains the bundle ID based on the UID. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| uid | number | Yes | Process UID.|
**Return value**
| Type | Description |
| --------------------- | ------------------------------------ |
| Promise<number> | Promise used to return the bundle ID obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid uid. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let testUid: number = 1000000;
try {
accountManager.getBundleIdForUid(testUid).then((result: number) => {
console.info('getBundleIdForUid bundleId:' + JSON.stringify(result));
}).catch((err: BusinessError) => {
console.info('getBundleIdForUid errInfo:' + JSON.stringify(err));
});
} catch (e) {
console.info('getBundleIdForUid exception: ' + JSON.stringify(e));
}
```
### getBundleIdForUidSync10+
getBundleIdForUidSync(uid: number): number
Obtains the bundle ID based on the specified UID. The API returns the result synchronously.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| uid | number | Yes | Process UID.|
**Return value**
| Type | Description |
| ------ | ------------------------ |
| number | Bundle ID obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300002 | Invalid uid. |
**Example**
```ts
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
let testUid: number = 1000000;
try {
let bundleId : number = accountManager.getBundleIdForUidSync(testUid);
console.info('getBundleIdForUidSync bundleId:' + bundleId);
} catch (e) {
console.info('getBundleIdForUidSync exception: ' + JSON.stringify(e));
}
```
### isMainOsAccount9+
isMainOsAccount(callback: AsyncCallback<boolean>): void
Checks whether the current process belongs to the main system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------------- | ---- | ----------------------------------------------------------------- |
| callback | AsyncCallback<boolean> | Yes | Callback used to return the result. If **true** is returned, the current process belongs to the main system account. If **false** is returned, the current process does not belong to the main system account.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.isMainOsAccount((err: BusinessError,result: boolean)=>{
console.info('isMainOsAccount errInfo:' + JSON.stringify(err));
console.info('isMainOsAccount result:' + JSON.stringify(result));
});
} catch (e) {
console.info('isMainOsAccount exception: ' + JSON.stringify(e));
}
```
### isMainOsAccount9+
isMainOsAccount(): Promise<boolean>;
Checks whether the current process belongs to the main system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| ---------------------- | --------------------------------------------------------------------- |
| Promise<boolean> | Promise used to return the result. If **true** is returned, the current process belongs to the main system account. If **false** is returned, the current process does not belong to the main system account.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.isMainOsAccount().then((result: boolean) => {
console.info('isMainOsAccount result:' + JSON.stringify(result));
}).catch((err: BusinessError) => {
console.info('isMainOsAccount errInfo:' + JSON.stringify(err));
});
} catch (e) {
console.info('isMainOsAccount exception: ' + JSON.stringify(e));
}
```
### getOsAccountConstraintSourceTypes9+
getOsAccountConstraintSourceTypes(localId: number, constraint: string, callback: AsyncCallback<Array<ConstraintSourceTypeInfo>>): void
Obtains the constraint source information of a system account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------- | ---- | ------------------------------------------------------------ |
| localId | number | Yes | ID of the target system account.|
| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) whose source information is to be obtained.|
| callback | AsyncCallback<Array<[ConstraintSourceTypeInfo](#constraintsourcetypeinfo9)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the [constraint](js-apis-osAccount.md#constraints) source information obtained. Otherwise, **err** is an error object. |
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid name or constraint. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.getOsAccountConstraintSourceTypes(100, 'constraint.wifi',
(err: BusinessError,sourceTypeInfos: osAccount.ConstraintSourceTypeInfo[])=>{
console.info('getOsAccountConstraintSourceTypes errInfo:' + JSON.stringify(err));
console.info('getOsAccountConstraintSourceTypes sourceTypeInfos:' + JSON.stringify(sourceTypeInfos));
});
} catch (e) {
console.info('getOsAccountConstraintSourceTypes exception: ' + JSON.stringify(e));
}
```
### getOsAccountConstraintSourceTypes9+
getOsAccountConstraintSourceTypes(localId: number, constraint: string): Promise<Array<ConstraintSourceTypeInfo>>;
Obtains the constraint source information of a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) whose source information is to be obtained.|
**Return value**
| Type | Description |
| --------------------- | ------------------------------------------------------------ |
| Promise<Array<[ConstraintSourceTypeInfo](#constraintsourcetypeinfo9)>> | Promise used to return the source information of the specified [constraint](js-apis-osAccount.md#constraints).|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid name or constraint. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
accountManager.getOsAccountConstraintSourceTypes(100, 'constraint.wifi').then(
(result: osAccount.ConstraintSourceTypeInfo[]) => {
console.info('getOsAccountConstraintSourceTypes sourceTypeInfos:' + JSON.stringify(result));
}).catch((err: BusinessError) => {
console.info('getOsAccountConstraintSourceTypes errInfo:' + JSON.stringify(err));
});
} catch (e) {
console.info('getOsAccountConstraintSourceTypes exception: ' + JSON.stringify(e));
}
```
### getOsAccountType12+
getOsAccountType(localId: number): Promise<OsAccountType>;
Obtains the type of a system account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ------- | ------ | ---- | ------------ |
| localId | number | Yes | ID of the target system account.|
**Return value**
| Type | Description |
| --------------------- | ------------------------------------------------------------ |
| Promise<[OsAccountType](js-apis-osAccount.md#osaccounttype)> | Promise used to return the type of the system account obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountManager: osAccount.AccountManager = osAccount.getAccountManager();
try {
let localId: number = 100;
accountManager.getOsAccountType(localId).then((type: osAccount.OsAccountType) => {
console.info('getOsAccountType Type:' + type);
}).catch((err: BusinessError) => {
console.info('getOsAccountType errInfo:' + JSON.stringify(err));
});
} catch (e) {
console.info('getOsAccountType exception: ' + JSON.stringify(e));
}
```
## UserAuth8+
Provides APIs for user authentication.
**System API**: This is a system API.
### constructor8+
constructor()
A constructor used to create an instance for user authentication.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
**Example**
```ts
let userAuth = new osAccount.UserAuth();
```
### getVersion8+
getVersion(): number;
Obtains version information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Return value**
| Type | Description |
| :----- | :----------- |
| number | Version information obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let version: number = userAuth.getVersion();
console.log('getVersion version = ' + version);
```
### getAvailableStatus8+
getAvailableStatus(authType: AuthType, authTrustLevel: AuthTrustLevel): number;
Obtains the available status of the authentication capability corresponding to the specified authentication type and trust level.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | -----------------------------------| ---- | ------------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication.|
**Return value**
| Type | Description |
| ------ | ----------------------------- |
| number | Available status of the authentication capability.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid authType or authTrustLevel. |
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let authType: osAccount.AuthType = osAccount.AuthType.PIN;
let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1;
try {
let status: number = userAuth.getAvailableStatus(authType, authTrustLevel);
console.log('getAvailableStatus status = ' + status);
} catch (e) {
console.log('getAvailableStatus exception = ' + JSON.stringify(e));
}
```
### getProperty8+
getProperty(request: GetPropertyRequest, callback: AsyncCallback<ExecutorProperty>): void
Obtains the executor property based on the request. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------ |
| request | [GetPropertyRequest](#getpropertyrequest8) | Yes | Request information, including the authentication credential type and property list.|
| callback | AsyncCallback<[ExecutorProperty](#executorproperty8)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the executor property information obtained. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid request. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userAuth = new osAccount.UserAuth();
let keys: Array = [
osAccount.GetPropertyType.AUTH_SUB_TYPE,
osAccount.GetPropertyType.REMAIN_TIMES,
osAccount.GetPropertyType.FREEZING_TIME
];
let request: osAccount.GetPropertyRequest = {
authType: osAccount.AuthType.PIN,
keys: keys
};
try {
userAuth.getProperty(request, (err: BusinessError, result: osAccount.ExecutorProperty) => {
console.log('getProperty err = ' + JSON.stringify(err));
console.log('getProperty result = ' + JSON.stringify(result));
});
} catch (e) {
console.log('getProperty exception = ' + JSON.stringify(e));
}
```
### getProperty8+
getProperty(request: GetPropertyRequest): Promise<ExecutorProperty>;
Obtains the executor property based on the request. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------------------ | ---- | ---------------------------------- |
| request | [GetPropertyRequest](#getpropertyrequest8) | Yes | Request information, including the authentication credential type and property list.|
**Return value**
| Type | Description |
| :---------------------------------------------------------------- | :-------------------------------------------------- |
| Promise<[ExecutorProperty](#executorproperty8)> | Promise used to return the executor property information obtained.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid request. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userAuth = new osAccount.UserAuth();
let keys: Array = [
osAccount.GetPropertyType.AUTH_SUB_TYPE,
osAccount.GetPropertyType.REMAIN_TIMES,
osAccount.GetPropertyType.FREEZING_TIME
];
let request: osAccount.GetPropertyRequest = {
authType: osAccount.AuthType.PIN,
keys: keys
};
try {
userAuth.getProperty(request).then((result: osAccount.ExecutorProperty) => {
console.log('getProperty result = ' + JSON.stringify(result));
}).catch((err: BusinessError) => {
console.log('getProperty error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('getProperty exception = ' + JSON.stringify(e));
}
```
### setProperty8+
setProperty(request: SetPropertyRequest, callback: AsyncCallback<void>): void
Sets the property for the initialization algorithm. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------------------------- | ---- | ---------------------------------------------------------------------- |
| request | [SetPropertyRequest](#setpropertyrequest8)| Yes | Request information, including the authentication credential type and the key value to set. |
| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid request. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userAuth = new osAccount.UserAuth();
let request: osAccount.SetPropertyRequest = {
authType: osAccount.AuthType.PIN,
key: osAccount.SetPropertyType.INIT_ALGORITHM,
setInfo: new Uint8Array([0])
};
try {
userAuth.setProperty(request, (err: BusinessError) => {
if (err) {
console.log('setProperty failed, error = ' + JSON.stringify(err));
} else {
console.log('setProperty successfully');
}
});
} catch (e) {
console.log('setProperty exception = ' + JSON.stringify(e));
}
```
### setProperty8+
setProperty(request: SetPropertyRequest): Promise<void>;
Sets the property for the initialization algorithm. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------ | ---- | ---------------------------------------- |
| request | [SetPropertyRequest](#setpropertyrequest8) | Yes | Request information, including the authentication credential type and the key value to set.|
**Return value**
| Type | Description |
| :-------------------- | :------------------------------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid request. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userAuth = new osAccount.UserAuth();
let request: osAccount.SetPropertyRequest = {
authType: osAccount.AuthType.PIN,
key: osAccount.SetPropertyType.INIT_ALGORITHM,
setInfo: new Uint8Array([0])
};
try {
userAuth.setProperty(request).then(() => {
console.log('setProperty successfully');
}).catch((err: BusinessError) => {
console.log('setProperty failed, error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('setProperty exception = ' + JSON.stringify(e));
}
```
### prepareRemoteAuth12+
prepareRemoteAuth(remoteNetworkId: string): Promise<void>;
Prepares for remote authentication. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------ | ---- | --------------- |
| remoteNetworkId | string | Yes | Remote network ID. |
**Return value**
| Type | Description |
| :-------------------- | :------------------------------------------------------------ |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | System service exception. |
| 12300002 | Invalid remoteNetworkId. |
**Example**
```ts
import { distributedDeviceManager } from '@kit.DistributedServiceKit';
import { BusinessError } from '@kit.BasicServicesKit';
let userAuth = new osAccount.UserAuth();
let distributedDeviceMgr = distributedDeviceManager.createDeviceManager("com.example.bundleName");
distributedDeviceMgr.getAvailableDeviceList().then((data: Array) => {
try {
if (data.length > 0 && data[0].networkId != null) {
userAuth.prepareRemoteAuth(data[0].networkId).then(() => {
console.log('prepareRemoteAuth successfully');
}).catch((err: BusinessError) => {
console.log('prepareRemoteAuth failed, error = ' + JSON.stringify(err));
});
}
} catch (e) {
console.log('prepareRemoteAuth exception = ' + JSON.stringify(e));
}
}
)
```
### auth8+
auth(challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): Uint8Array;
Performs authentication of the current user. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ---------------------------------------- | --- | ------------------------------------ |
| challenge | Uint8Array | Yes | Challenge value, which is a random number used to improve security.|
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. |
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. |
**Return value**
| Type | Description |
| ---------- | ------------------ |
| Uint8Array | ID of the context for canceling the authentication.|
**Error codes**
| ID| Error Message |
| -------- | --------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid challenge, authType or authTrustLevel. |
| 12300101 | The credential is incorrect. |
| 12300102 | Credential not enrolled. |
| 12300105 | The trust level is not supported. |
| 12300106 | The authentication type is not supported. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300117 | PIN is expired. |
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let challenge: Uint8Array = new Uint8Array([0]);
let authType: osAccount.AuthType = osAccount.AuthType.PIN;
let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1;
try {
userAuth.auth(challenge, authType, authTrustLevel, {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
console.log('auth result = ' + result);
console.log('auth extraInfo = ' + JSON.stringify(extraInfo));
}
});
} catch (e) {
console.log('auth exception = ' + JSON.stringify(e));
}
```
### auth12+
auth(challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, options: AuthOptions, callback: IUserAuthCallback): Uint8Array
Starts user authentication based on the specified challenge value, authentication type (PIN, facial, or fingerprint authentication), authentication trust level, and optional parameters (such as the account ID and authentication intent). This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ---------------------------------------- | --- | ------------------------------------ |
| challenge | Uint8Array | Yes | Challenge value, which is a random number used to prevent replay attacks and improve security.|
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. |
| options | [AuthOptions](#authoptions12) | Yes| Optional parameters for the authentication.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. |
**Return value**
| Type | Description |
| ---------- | ------------------ |
| Uint8Array | ID of the context for canceling the authentication.|
**Error codes**
| ID| Error Message |
| -------- | --------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid challenge, authType, authTrustLevel or options. |
| 12300003 | Account not found. |
| 12300101 | The credential is incorrect. |
| 12300102 | Credential not enrolled. |
| 12300105 | The trust level is not supported. |
| 12300106 | The authentication type is not supported. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300117 | PIN is expired. |
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let challenge: Uint8Array = new Uint8Array([0]);
let authType: osAccount.AuthType = osAccount.AuthType.PIN;
let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1;
let options: osAccount.AuthOptions = {
accountId: 100
};
try {
userAuth.auth(challenge, authType, authTrustLevel, options, {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
console.log('auth result = ' + result);
console.log('auth extraInfo = ' + JSON.stringify(extraInfo));
}
});
} catch (e) {
console.log('auth exception = ' + JSON.stringify(e));
}
```
### authUser8+
authUser(userId: number, challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): Uint8Array;
Performs authentication of the specified user. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ---------------------------------------------------- | --- | ------------------------------------ |
| userId | number | Yes | User ID. |
| challenge | Uint8Array | Yes | Challenge value, which is a random number used to improve security. |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. |
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. |
**Return value**
| Type | Description |
| ---------- | ------------------ |
| Uint8Array | ID of the context for canceling the authentication.|
**Error codes**
| ID| Error Message |
| -------- | --------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid challenge, authType or authTrustLevel. |
| 12300101 | The credential is incorrect. |
| 12300102 | Credential not enrolled. |
| 12300003 | Account not found. |
| 12300105 | The trust level is not supported. |
| 12300106 | The authentication type is not supported. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300117 | PIN is expired. |
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let userID: number = 100;
let challenge: Uint8Array = new Uint8Array([0]);
let authType: osAccount.AuthType = osAccount.AuthType.PIN;
let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1;
try {
userAuth.authUser(userID, challenge, authType, authTrustLevel, {
onResult: (result,extraInfo) => {
console.log('authUser result = ' + result);
console.log('authUser extraInfo = ' + JSON.stringify(extraInfo));
}
});
} catch (e) {
console.log('authUser exception = ' + JSON.stringify(e));
}
```
### cancelAuth8+
cancelAuth(contextID: Uint8Array): void
Cancels an authentication.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory | Description |
| ----------| ---------- | ---- | ------------------------------------------ |
| contextId | Uint8Array | Yes | ID of the authentication context. The context ID is dynamically generated.|
**Error codes**
| ID| Error Message |
| -------- | ------------------ |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid contextId. |
**Example**
```ts
let userAuth = new osAccount.UserAuth();
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
let challenge = new Uint8Array([0]);
let contextId: Uint8Array = userAuth.auth(challenge, osAccount.AuthType.PIN, osAccount.AuthTrustLevel.ATL1, {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
console.log('auth result = ' + result);
console.log('auth extraInfo = ' + JSON.stringify(extraInfo));
}
});
try {
userAuth.cancelAuth(contextId);
} catch (e) {
console.log('cancelAuth exception = ' + JSON.stringify(e));
}
```
## PINAuth8+
Provides APIs for PIN authentication.
**System API**: This is a system API.
### constructor8+
constructor()
Creates a PIN authentication instance.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Error codes**
| ID| Error Message |
| -------- | ------------- |
| 202 | Not system application.|
**Example**
```ts
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
```
### registerInputer8+
registerInputer(inputer: IInputer): void
Registers a PIN inputer.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_PIN_AUTH
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| inputer | [IInputer](#iinputer8) | Yes | PIN inputer, which is used to obtain the PIN.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid inputer. |
| 12300103 | The credential inputer already exists. |
**Example**
```ts
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
let password = new Uint8Array([0, 0, 0, 0, 0]);
try {
pinAuth.registerInputer({
onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => {
callback.onSetData(authSubType, password);
}
});
console.log('registerInputer success.');
} catch (e) {
console.log('registerInputer exception = ' + JSON.stringify(e));
}
```
### unregisterInputer8+
unregisterInputer(): void
Unregisters this PIN inputer.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_PIN_AUTH
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
**Example**
```ts
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
pinAuth.unregisterInputer();
```
## InputerManager 9+
Provides APIs for managing credential inputers.
### registerInputer9+
static registerInputer(authType: AuthType, inputer: IInputer): void
Registers a credential inputer.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL or ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type.|
| inputer | [IInputer](#iinputer8) | Yes | Credential inputer to register.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid authType or inputer. |
| 12300103 | The credential inputer already exists. |
| 12300106 | The authentication type is not supported. |
**Example**
```ts
let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN;
let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0]);
try {
osAccount.InputerManager.registerInputer(authType, {
onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => {
callback.onSetData(authSubType, password);
}
});
console.log('registerInputer success.');
} catch (e) {
console.log('registerInputer exception = ' + JSON.stringify(e));
}
```
### unregisterInputer9+
static unregisterInputer(authType: AuthType): void
Unregisters this credential inputer.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL or ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300002 | Invalid authType. |
**Example**
```ts
let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN;
try {
osAccount.InputerManager.unregisterInputer(authType);
console.log('unregisterInputer success.');
} catch(err) {
console.log('unregisterInputer err:' + JSON.stringify(err));
}
```
## DomainPlugin9+
Provides APIs for domain account authentication.
**System API**: This is a system API.
### auth9+
auth(domainAccountInfo: DomainAccountInfo, credential: Uint8Array, callback: IUserAuthCallback): void
Authenticates a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| credential | Uint8Array | Yes | Credentials of the domain account.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Example**
```ts
import { AsyncCallback } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {
// mock authentication
// notify authentication result
let result: osAccount.AuthResult = {
token: new Uint8Array([0]),
remainTimes: 5,
freezingTime: 0
};
callback.onResult(0, result);
},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin);
let userAuth = new osAccount.UserAuth();
let challenge: Uint8Array = new Uint8Array([0]);
let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN;
let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1;
try {
userAuth.auth(challenge, authType, authTrustLevel, {
onResult: (resultCode: number, authResult: osAccount.AuthResult) => {
console.log('auth resultCode = ' + resultCode);
console.log('auth authResult = ' + JSON.stringify(authResult));
}
});
} catch (err) {
console.log('auth exception = ' + JSON.stringify(err));
}
```
### authWithPopup10+
authWithPopup(domainAccountInfo: DomainAccountInfo, callback: IUserAuthCallback): void
Authenticates a domain account in a pop-up window.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Example**
```ts
import { AsyncCallback } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {
// mock authentication
// notify authentication result
let result: osAccount.AuthResult = {
token: new Uint8Array([0]),
remainTimes: 5,
freezingTime: 0
};
callback.onResult(0, result);
},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### authWithToken10+
authWithToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: IUserAuthCallback): void
Authenticates a domain account by the authorization token.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| token | Uint8Array | Yes | Authorization token generated when the PIN or biometric authentication is successful.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Example**
```ts
import { AsyncCallback } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {
// mock authentication
// notify authentication result
let result: osAccount.AuthResult = {
token: new Uint8Array([0]),
remainTimes: 5,
freezingTime: 0
};
callback.onResult(0, result);
},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### getAccountInfo10+
getAccountInfo(options: GetDomainAccountInfoPluginOptions, callback: AsyncCallback<DomainAccountInfo>): void
Obtains information about a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| options | [GetDomainAccountInfoPluginOptions](#getdomainaccountinfopluginoptions10) | Yes | Domain account information.|
| callback | AsyncCallback<[DomainAccountInfo](#domainaccountinfo8)> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {
// mock getting account information
// notify result
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
let accountInfo: osAccount.DomainAccountInfo = {
domain: options.domain ? options.domain : "",
accountName: options.accountName,
accountId: 'xxxx'
};
callback(code, accountInfo);
},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### getAuthStatusInfo10+
getAuthStatusInfo(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<AuthStatusInfo>): void
Obtains the authentication status of a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| callback | AsyncCallback<[AuthStatusInfo](#authstatusinfo10)> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
let statusInfo: osAccount.AuthStatusInfo = {
remainTimes: 5,
freezingTime: 0
};
callback(code, statusInfo);
},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### bindAccount10+
bindAccount(domainAccountInfo: DomainAccountInfo, localId: number, callback: AsyncCallback<void>): void
Binds a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| callback | AsyncCallback<void> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {
// mock unbinding operation
// notify binding result
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
callback(code);
},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### unbindAccount10+
unbindAccount(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<void>): void
Unbinds a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| callback | AsyncCallback<void> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {
// mock unbinding operation
// notify unbinding result
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
callback(code);
},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### isAccountTokenValid10+
isAccountTokenValid(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: AsyncCallback<boolean>): void
Checks whether the specified domain account token is valid.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| token | Uint8Array | Yes| Domain account token to check.|
| callback | AsyncCallback<boolean> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {
// mock checking operation
// notify checking result
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
callback(code, true);
},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
### getAccessToken10+
getAccessToken(options: GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>): void
Obtains the domain access token based on the specified conditions.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| options | [GetDomainAccessTokenOptions](#getdomainaccesstokenoptions10) | Yes | Options specified for obtaining the domain access token.|
| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result.|
**Example**
```ts
import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {
// mock getting operation
// notify result
let code: BusinessError = {
code: 0,
name: "",
message: ""
};
let token: Uint8Array = new Uint8Array([0]);
callback(code, token);
}
}
osAccount.DomainAccountManager.registerPlugin(plugin)
```
## DomainAccountManager 9+
Provides APIs for domain account management.
### registerPlugin9+
static registerPlugin(plugin: DomainPlugin): void
Registers a domain plug-in.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| plugin | [DomainPlugin](#domainplugin9) | Yes | Domain plug-in to register.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300201 | The domain plugin has been registered. |
**Example**
```ts
import { AsyncCallback } from '@kit.BasicServicesKit';
let plugin: osAccount.DomainPlugin = {
auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: osAccount.IUserAuthCallback) => {},
authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: osAccount.IUserAuthCallback) => {},
getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions,
callback: AsyncCallback) => {},
getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo,
callback: AsyncCallback) => {},
bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number,
callback: AsyncCallback) => {},
unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback) => {},
isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array,
callback: AsyncCallback) => {},
getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback) => {}
}
try {
osAccount.DomainAccountManager.registerPlugin(plugin);
console.log('registerPlugin success.');
} catch(err) {
console.log('registerPlugin err:' + JSON.stringify(err));
}
```
### unregisterPlugin9+
static unregisterPlugin(): void
Unregisters this domain plug-in.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
**Example**
```ts
try {
osAccount.DomainAccountManager.unregisterPlugin();
console.log('unregisterPlugin success.');
} catch(err) {
console.log('unregisterPlugin err:' + JSON.stringify(err));
}
```
### auth10+
auth(domainAccountInfo: DomainAccountInfo, credential: Uint8Array, callback: IUserAuthCallback): void
Authenticates a domain account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| credential | Uint8Array | Yes | Credentials of the domain account.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid domainAccountInfo or credential. |
| 12300003 | Domain account does not exist. |
| 12300013 | Network exception. |
| 12300101 | Authentication failed. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300113 | The account authentication service does not exist. |
| 12300114 | The account authentication service works abnormally. |
**Example**
```ts
let domainAccountInfo: osAccount.DomainAccountInfo = {
domain: 'CHINA',
accountName: 'zhangsan'
}
let credential = new Uint8Array([0])
try {
osAccount.DomainAccountManager.auth(domainAccountInfo, credential, {
onResult: (resultCode: number, authResult: osAccount.AuthResult) => {
console.log('auth resultCode = ' + resultCode);
console.log('auth authResult = ' + JSON.stringify(authResult));
}
});
} catch (err) {
console.log('auth exception = ' + JSON.stringify(err));
}
```
### authWithPopup10+
authWithPopup(callback: IUserAuthCallback): void
Authenticates this domain account in a pop-up window.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
No permission is required since API version 11. Use the SDK of the latest version.
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300003 | No domain account is bound. |
| 12300013 | Network exception. |
| 12300101 | Authentication failed. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300113 | The account authentication service does not exist. |
| 12300114 | The account authentication service works abnormally. |
**Example**
```ts
try {
osAccount.DomainAccountManager.authWithPopup({
onResult: (resultCode: number, authResult: osAccount.AuthResult) => {
console.log('auth resultCode = ' + resultCode);
console.log('auth authResult = ' + JSON.stringify(authResult));
}
})
} catch (err) {
console.log('auth exception = ' + JSON.stringify(err));
}
```
### authWithPopup10+
authWithPopup(localId: number, callback: IUserAuthCallback): void
Authenticates a domain account in a pop-up window.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL
No permission is required since API version 11. Use the SDK of the latest version.
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| localId | number | Yes | Local ID of the system account bound to the domain account.|
| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid localId. |
| 12300003 | No domain account is bound. |
| 12300013 | Network exception. |
| 12300101 | Authentication failed. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300110 | The authentication is locked. |
| 12300111 | The authentication time out. |
| 12300112 | The authentication service is busy. |
| 12300113 | The account authentication service does not exist. |
| 12300114 | The account authentication service works abnormally. |
**Example**
```ts
try {
osAccount.DomainAccountManager.authWithPopup(100, {
onResult: (resultCode: number, authResult: osAccount.AuthResult) => {
console.log('authWithPopup resultCode = ' + resultCode);
console.log('authWithPopup authResult = ' + JSON.stringify(authResult));
}
})
} catch (err) {
console.log('authWithPopup exception = ' + JSON.stringify(err));
}
```
### hasAccount10+
hasAccount(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<boolean>): void
Checks whether a domain account exists.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| callback | AsyncCallback<boolean> | Yes | Callback used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid domainAccountInfo. |
| 12300013 | Network exception. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.DomainAccountInfo = {
domain: 'CHINA',
accountName: 'zhangsan'
}
try {
osAccount.DomainAccountManager.hasAccount(domainAccountInfo, (err: BusinessError, result: boolean) => {
if (err) {
console.log('call hasAccount failed, error: ' + JSON.stringify(err));
} else {
console.log('hasAccount result: ' + result);
}
});
} catch (err) {
console.log('hasAccount exception = ' + JSON.stringify(err));
}
```
### hasAccount10+
hasAccount(domainAccountInfo: DomainAccountInfo): Promise<boolean>
Checks whether a domain account exists.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<boolean> | Promise used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid domainAccountInfo. |
| 12300013 | Network exception. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.DomainAccountInfo = {
domain: 'CHINA',
accountName: 'zhangsan'
}
try {
osAccount.DomainAccountManager.hasAccount(domainAccountInfo).then((result: boolean) => {
console.log('hasAccount result: ' + result);
}).catch((err: BusinessError) => {
console.log('call hasAccount failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('hasAccount exception = ' + JSON.stringify(err));
}
```
### updateAccountToken10+
updateAccountToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: AsyncCallback<void>): void
Updates the token of a domain account. An empty token means an invalid token. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| token | Uint8Array | Yes | New domain account token.|
| callback | AsyncCallback<void> | Yes| Callback used to return the result. If the token is successfully updated, **err** is **null**. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid token. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.DomainAccountInfo = {
domain: 'CHINA',
accountName: 'zhangsan',
accountId: '123456'
}
let token = new Uint8Array([0])
try {
osAccount.DomainAccountManager.updateAccountToken(domainAccountInfo, token, (err: BusinessError) => {
if (err != null) {
console.log('updateAccountToken failed, error: ' + JSON.stringify(err));
} else {
console.log('updateAccountToken successfully');
}
})
} catch (err) {
console.log('updateAccountToken exception = ' + JSON.stringify(err));
}
```
### updateAccountToken10+
updateAccountToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array): Promise<void>
Updates the token of a domain account. An empty token means an invalid token. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| token | Uint8Array | Yes | New domain account token.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid token. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.DomainAccountInfo = {
domain: 'CHINA',
accountName: 'zhangsan',
accountId: '123456'
}
let token = new Uint8Array([0])
try {
osAccount.DomainAccountManager.updateAccountToken(domainAccountInfo, token).then(() => {
console.log('updateAccountToken successfully');
}).catch((err: BusinessError) => {
console.log('updateAccountToken failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('updateAccountToken exception = ' + JSON.stringify(err));
}
```
### updateAccountInfo12+
updateAccountInfo(oldAccountInfo: DomainAccountInfo, newAccountInfo: DomainAccountInfo): Promise<void>
Updates information of a domain account. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| oldAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
| newAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | New domain account information.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | The new account info is invalid. |
| 12300003 | The old account not found. |
| 12300004 | The new account already exists. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let oldDomainInfo: osAccount.DomainAccountInfo =
{domain: 'testDomain', accountName: 'oldtestAccountName'};
let newDomainInfo: osAccount.DomainAccountInfo =
{domain: 'testDomain', accountName: 'newtestAccountName'};
try {
osAccount.DomainAccountManager.updateAccountInfo(oldDomainInfo, newDomainInfo).then(() => {
console.log('updateAccountInfo, success');
}).catch((err: BusinessError) => {
console.log('updateAccountInfo err: ' + err);
});
} catch (e) {
console.log('updateAccountInfo exception: ' + e);
}
```
### getAccountInfo10+
getAccountInfo(options: GetDomainAccountInfoOptions, callback: AsyncCallback<DomainAccountInfo>): void
Obtains information about the specified domain account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.GET_DOMAIN_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| options | [GetDomainAccountInfoOptions](#getdomainaccountinfooptions10) | Yes | Domain account information.|
| callback | AsyncCallback<DomainAccountInfo> | Yes | Callback used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
| 12300013 | Network exception. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.GetDomainAccountInfoOptions = {
domain: 'CHINA',
accountName: 'zhangsan'
}
try {
osAccount.DomainAccountManager.getAccountInfo(domainAccountInfo,
(err: BusinessError, result: osAccount.DomainAccountInfo) => {
if (err) {
console.log('call getAccountInfo failed, error: ' + JSON.stringify(err));
} else {
console.log('getAccountInfo result: ' + result);
}
});
} catch (err) {
console.log('getAccountInfo exception = ' + JSON.stringify(err));
}
```
### getAccountInfo10+
getAccountInfo(options: GetDomainAccountInfoOptions): Promise<DomainAccountInfo>
Obtains information about the specified domain account. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.GET_DOMAIN_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| options | [GetDomainAccountInfoOptions](#getdomainaccountinfooptions10) | Yes | Domain account information.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<DomainAccountInfo> | Promise used to return the domain account information obtained.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
| 12300013 | Network exception. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainAccountInfo: osAccount.GetDomainAccountInfoOptions = {
domain: 'CHINA',
accountName: 'zhangsan'
}
try {
osAccount.DomainAccountManager.getAccountInfo(domainAccountInfo)
.then((result: osAccount.DomainAccountInfo) => {
console.log('getAccountInfo result: ' + result);
}).catch((err: BusinessError) => {
console.log('call getAccountInfo failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('getAccountInfo exception = ' + JSON.stringify(err));
}
```
### getAccessToken11+
getAccessToken(businessParams: Record, callback: AsyncCallback<Uint8Array>): void
Obtains the service access token of this domain account. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| businessParams | Record | Yes | Service parameters. The specific formats vary depending on the domain plug-in.|
| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, an error object is returned.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid business parameters. |
| 12300003 | Domain account not found. |
| 12300013 | Network exception. |
| 12300014 | The domain account is not authenticated. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let businessParams: Record = {
'clientId': 'xxx',
'secretId': 'yyy'
}; // depends on the implementation of the domain plugin
try {
osAccount.DomainAccountManager.getAccessToken(businessParams,
(err: BusinessError, result: Uint8Array) => {
if (err) {
console.log('getAccessToken failed, error: ' + JSON.stringify(err));
} else {
console.log('getAccessToken result: ' + result);
}
});
} catch (err) {
console.log('getAccessToken exception = ' + JSON.stringify(err));
}
```
### getAccessToken11+
getAccessToken(businessParams: Record): Promise<Uint8Array>
Obtains the service access token of this domain account. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| businessParams | Record | Yes | Service parameters. The specific formats vary depending on the domain plug-in.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<Uint8Array> | Promise used to return the service access token obtained.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid business parameters. |
| 12300003 | Domain account not found. |
| 12300013 | Network exception. |
| 12300014 | The domain account is not authenticated. |
| 12300111 | The authentication time out. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let businessParams: Record = {
'clientId': 'xxx',
'secretId': 'yyy'
}; // depends on the implementation of the domain plugin
try {
osAccount.DomainAccountManager.getAccessToken(businessParams)
.then((result: Uint8Array) => {
console.log('getAccessToken result: ' + result);
}).catch((err: BusinessError) => {
console.log('getAccessToken failed, error: ' + JSON.stringify(err));
});
} catch (err) {
console.log('getAccessToken exception = ' + JSON.stringify(err));
}
```
### isAuthenticationExpired12+
isAuthenticationExpired(domainAccountInfo: DomainAccountInfo): Promise<boolean>;
Checks whether the authentication of a domain account has expired. This API uses a promise to return the result.
**System API**: This is a system API.
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<boolean> | Promise used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300003 | Domain account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let domainInfo: osAccount.DomainAccountInfo =
{domain: 'testDomain', accountName: 'testAccountName'};
try {
osAccount.DomainAccountManager.isAuthenticationExpired(domainInfo).then((result: boolean) => {
console.log('isAuthenticationExpired, result: ' + result);
}).catch((err: BusinessError) => {
console.log('isAuthenticationExpired err: ' + err);
});
} catch (e) {
console.log('isAuthenticationExpired exception: ' + e);
}
```
## DomainServerConfig12+
Represents the configuration of a domain server.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| parameters | Record | Yes | Server configuration parameters.|
| id | string | Yes | Server configuration ID.|
| domain | string | Yes| Domain to which the server belongs.|
## DomainServerConfigManager12+
Provides APIs for domain server configuration and management.
### addServerConfig12+
static addServerConfig(parameters: Record<string, Object>): Promise<DomainServerConfig>
Adds domain server configuration. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| parameters | Record | Yes | Configuration parameters of the domain server.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<[DomainServerConfig](#domainserverconfig12)> | Promise used to return the configuration of the newly added domain server.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300002 | - Invalid server config parameters. |
| 12300211 | - Server unreachable. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let configParams: Record = {
'uri': 'test.example.com',
'port': 100
};
osAccount.DomainServerConfigManager.addServerConfig(configParams).then((
serverConfig: osAccount.DomainServerConfig) => {
console.log('add server configuration successfully, the return config: ' + JSON.stringify(serverConfig));
}).catch((err: BusinessError) => {
console.log('add server configuration failed, error: ' + JSON.stringify(err));
});
```
### removeServerConfig12+
static removeServerConfig(configId: string): Promise<void>
Deletes domain server configuration. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| configId | string | Yes | Server configuration ID.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<void> | Promise that returns no value.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300212 | - Server config not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let configParams: Record = {
'uri': 'test.example.com',
'port': 100
};
osAccount.DomainServerConfigManager.addServerConfig(configParams).then((
serverConfig: osAccount.DomainServerConfig) => {
console.log('add domain server configuration successfully, the added config: ' + JSON.stringify(serverConfig));
osAccount.DomainServerConfigManager.removeServerConfig(serverConfig.id);
console.log('remove domain server configuration successfully');
}).catch((err: BusinessError) => {
console.log('add server configuration failed, error: ' + JSON.stringify(err));
});
```
### getAccountServerConfig12+
static getAccountServerConfig(domainAccountInfo: DomainAccountInfo): Promise<DomainServerConfig>
Obtains the server configuration of a domain account. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS
**Parameters**
| Name | Type | Mandatory| Description |
| ----------| ----------------------- | --- | -------------------------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Information of the domain account.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<[DomainServerConfig](#domainserverconfig12)> | Promise used to return the domain server configuration of the account.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 801 | Capability not supported.|
| 12300001 | The system service works abnormally. |
| 12300003 | Domain account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let accountInfo: osAccount.DomainAccountInfo = {
'accountName': 'demoName',
'accountId': 'demoId',
'domain': 'demoDomain'
};
osAccount.DomainServerConfigManager.getAccountServerConfig(accountInfo).then((
serverConfig: osAccount.DomainServerConfig) => {
console.log('get account server configuration successfully, the return config: ' + JSON.stringify(serverConfig));
}).catch((err: BusinessError) => {
console.log('add server configuration failed, error: ' + JSON.stringify(err));
});
```
## UserIdentityManager8+
Provides APIs for user IDM.
**System API**: This is a system API.
### constructor8+
constructor()
A constructor used to create an instance for user IDM.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 202 | Not system application.|
**Example**
```ts
let userIDM = new osAccount.UserIdentityManager();
```
### openSession8+
openSession(callback: AsyncCallback<Uint8Array>): void
Opens a session to obtain the challenge value. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------------- | ---- | -------------------------------------------------------------- |
| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the challenge value obtained. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
try {
userIDM.openSession((err: BusinessError, challenge: Uint8Array) => {
console.log('openSession error = ' + JSON.stringify(err));
console.log('openSession challenge = ' + JSON.stringify(challenge));
});
} catch (e) {
console.log('openSession exception = ' + JSON.stringify(e));
}
```
### openSession8+
openSession(accountId?: number): Promise<Uint8Array>
Opens a session. This API returns a challenge value, which can be used to determine whether the subsequent identity authentication is in this session. This can prevent replay attacks. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------- | ---- | ----------- |
| accountId12+ | number | No | System account ID, which is left blank by default.|
**Return value**
| Type | Description |
| :------------------------ | ----------------------- |
| Promise<Uint8Array> | Promise used to return the challenge value obtained.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
| 12300008 | Restricted account. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
let accountId = 100;
try {
userIDM.openSession(accountId).then((challenge: Uint8Array) => {
console.info('openSession challenge = ' + JSON.stringify(challenge));
}).catch((err: BusinessError) => {
console.info('openSession error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('openSession exception = ' + JSON.stringify(e));
}
```
### addCredential8+
addCredential(credentialInfo: CredentialInfo, callback: IIdmCallback): void
Adds credential information, including the credential type, subtype, and token (if a non-PIN credential is added).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ------------------------------------ | --- | ---------------------------- |
| credentialInfo | [CredentialInfo](#credentialinfo8) | Yes | Credential information to add. |
| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result. |
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid credentialInfo, i.e. authType or authSubType. |
| 12300003 | Account not found. |
| 12300008 | Restricted account. |
| 12300101 | The token is invalid. |
| 12300106 | The authentication type is not supported. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300111 | The authentication time out. |
| 12300115 | The number of credentials reaches the upper limit. |
| 12300116 | Credential complexity verification failed. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]);
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
pinAuth.registerInputer({
onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => {
callback.onSetData(authSubType, password);
}
});
let credentialInfo: osAccount.CredentialInfo = {
credType: osAccount.AuthType.PIN,
credSubType: osAccount.AuthSubType.PIN_SIX,
token: new Uint8Array([]),
};
let userIDM = new osAccount.UserIdentityManager();
userIDM.openSession((err: BusinessError, challenge: Uint8Array) => {
try {
userIDM.addCredential(credentialInfo, {
onResult: (result: number, extraInfo: osAccount.RequestResult) => {
console.log('addCredential result = ' + result);
console.log('addCredential extraInfo = ' + extraInfo);
}
});
} catch (e) {
console.log('addCredential exception = ' + JSON.stringify(e));
}
});
```
### updateCredential8+
updateCredential(credentialInfo: CredentialInfo, callback: IIdmCallback): void
Updates credential information. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ------------------------------------- | --- | ------------------------- |
| credentialInfo | [CredentialInfo](#credentialinfo8) | Yes | Credential information to add. |
| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid credentialInfo, i.e. authType or authSubType or token. |
| 12300003 | Account not found. |
| 12300101 | The token is invalid. |
| 12300102 | Credential not enrolled.|
| 12300106 | The authentication type is not supported. |
| 12300109 | The authentication, enrollment, or update operation is canceled. |
| 12300111 | The authentication time out. |
| 12300116 | Credential complexity verification failed. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
let userAuth: osAccount.UserAuth = new osAccount.UserAuth();
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]);
let credentialInfo: osAccount.CredentialInfo = {
credType: osAccount.AuthType.PIN,
credSubType: osAccount.AuthSubType.PIN_SIX,
token: new Uint8Array([]),
};
pinAuth.registerInputer({
onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => {
callback.onSetData(authSubType, password);
}
});
userIDM.openSession((err: BusinessError, challenge: Uint8Array) => {
userAuth.auth(challenge, credentialInfo.credType, osAccount.AuthTrustLevel.ATL1, {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
if (result != osAccount.ResultCode.SUCCESS) {
return;
}
if (extraInfo.token != null) {
credentialInfo.token = extraInfo.token;
}
try {
userIDM.updateCredential(credentialInfo, {
onResult: (result: number, extraInfo: osAccount.RequestResult) => {
console.log('updateCredential result = ' + result);
console.log('updateCredential extraInfo = ' + extraInfo);
}
});
} catch (e) {
console.log('updateCredential exception = ' + JSON.stringify(e));
}
}
});
});
```
### closeSession8+
closeSession(accountId?: number): void
Closes this session to terminate IDM.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------- | ---- | ----------- |
| accountId12+ | number | No | System account ID, which is left blank by default.|
**Error codes**
| ID| Error Message |
| -------- | --------------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300003 | Account not found. |
| 12300008 | Restricted account. |
**Example**
```ts
let userIDM = new osAccount.UserIdentityManager();
let accountId = 100;
userIDM.closeSession(accountId);
```
### cancel8+
cancel(challenge: Uint8Array): void
Cancels an entry based on the challenge value.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------- | ---- | ----- |
| challenge | Uint8Array | Yes | Challenge value.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid challenge. |
**Example**
```ts
let userIDM = new osAccount.UserIdentityManager();
let challenge: Uint8Array = new Uint8Array([0]);
try {
userIDM.cancel(challenge);
} catch(err) {
console.log('cancel err:' + JSON.stringify(err));
}
```
### delUser8+
delUser(token: Uint8Array, callback: IIdmCallback): void
Deletes a user based on the authentication token. This API uses a callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------ | --- | ------------------------- |
| token | Uint8Array | Yes | Authentication token. |
| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300101 | The token is invalid. |
**Example**
```ts
let userIDM = new osAccount.UserIdentityManager();
let token: Uint8Array = new Uint8Array([0]);
try {
userIDM.delUser(token, {
onResult: (result: number, extraInfo: osAccount.RequestResult) => {
console.log('delUser result = ' + result);
console.log('delUser extraInfo = ' + JSON.stringify(extraInfo));
}
});
} catch (e) {
console.log('delUser exception = ' + JSON.stringify(e));
}
```
### delCred8+
delCred(credentialId: Uint8Array, token: Uint8Array, callback: IIdmCallback): void
Deletes user credential information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.MANAGE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| --------------- | ----------------------------------- | --- | ---------------------------|
| credentialId | Uint8Array | Yes | Credential ID. |
| token | Uint8Array | Yes | Authentication token. |
| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid credentialId. |
| 12300101 | The token is invalid. |
| 12300102 | Credential not enrolled. |
**Example**
```ts
let userIDM = new osAccount.UserIdentityManager();
let credentialId: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0]);
let token: Uint8Array = new Uint8Array([0]);
try {
userIDM.delCred(credentialId, token, {
onResult: (result: number, extraInfo: osAccount.RequestResult) => {
console.log('delCred result = ' + result);
console.log('delCred extraInfo = ' + JSON.stringify(extraInfo));
}
});
} catch (e) {
console.log('delCred exception = ' + JSON.stringify(e));
}
```
### getAuthInfo8+
getAuthInfo(callback: AsyncCallback<Array<EnrolledCredInfo>>): void
Obtains authentication information. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.USE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ------------------------------------------------------------------------ | ---- | --------------------------------------------- |
| callback | AsyncCallback<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is information about all registered credentials of the user. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | --------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300102 | Credential not enrolled. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
try {
userIDM.getAuthInfo((err: BusinessError, result: osAccount.EnrolledCredInfo[]) => {
console.log('getAuthInfo err = ' + JSON.stringify(err));
console.log('getAuthInfo result = ' + JSON.stringify(result));
});
} catch (e) {
console.log('getAuthInfo exception = ' + JSON.stringify(e));
}
```
### getAuthInfo8+
getAuthInfo(authType: AuthType, callback: AsyncCallback<Array<EnrolledCredInfo>>): void
Obtains authentication information of the specified type. This API uses an asynchronous callback to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.USE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | -------------------------------------------------- | ---- | -------------------------------------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| callback | AsyncCallback<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the information about all enrolled credentials of the specified type. Otherwise, **err** is an error object.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid authType. |
| 12300102 | Credential not enrolled. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
try {
userIDM.getAuthInfo(osAccount.AuthType.PIN,
(err: BusinessError, result: osAccount.EnrolledCredInfo[]) => {
console.log('getAuthInfo err = ' + JSON.stringify(err));
console.log('getAuthInfo result = ' + JSON.stringify(result));
});
} catch (e) {
console.log('getAuthInfo exception = ' + JSON.stringify(e));
}
```
### getAuthInfo8+
getAuthInfo(authType?: AuthType): Promise<Array<EnrolledCredInfo>>;
Obtains authentication information of the specified type. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.USE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------- | ---- | -------- |
| authType | [AuthType](#authtype8) | No | Authentication type. By default, this parameter is left blank, which means to obtain information about all authentication types.|
**Return value**
| Type | Description |
| :------------------------------------------- | :----------------------------------------------------------------------- |
| Promise<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Promise used to return the information about all the enrolled credentials of the specified type.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid authType. |
| 12300102 | Credential not enrolled. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
try {
userIDM.getAuthInfo(osAccount.AuthType.PIN).then((result: osAccount.EnrolledCredInfo[]) => {
console.log('getAuthInfo result = ' + JSON.stringify(result))
}).catch((err: BusinessError) => {
console.log('getAuthInfo error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('getAuthInfo exception = ' + JSON.stringify(e));
}
```
### getAuthInfo12+
getAuthInfo(options?: GetAuthInfoOptions): Promise<Array<EnrolledCredInfo>>
Obtains authentication information. This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.USE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ----------------------------------- | ---- | -------- |
| options | [GetAuthInfoOptions](#getauthinfooptions12) | No | Optional parameters for obtaining authentication information.|
**Return value**
| Type | Description |
| :------------------------------------------- | :----------------------------------------------------------------------- |
| Promise<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Promise used to return the information about all the enrolled credentials of the specified type.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid options. |
| 12300003 | Account not found. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
let options: osAccount.GetAuthInfoOptions = {
authType: osAccount.AuthType.PIN,
accountId: 100,
};
try {
userIDM.getAuthInfo(options).then((result: osAccount.EnrolledCredInfo[]) => {
console.log('getAuthInfo result = ' + JSON.stringify(result))
}).catch((err: BusinessError) => {
console.log('getAuthInfo error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('getAuthInfo exception = ' + JSON.stringify(e));
}
```
### getEnrolledId12+
getEnrolledId(authType: AuthType, accountId?: number): Promise<Uint8Array>
Obtains the ID of the enrolled credential based on the credential type and account ID (optional). This API uses a promise to return the result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Required permissions**: ohos.permission.USE_USER_IDM
**Parameters**
| Name | Type | Mandatory| Description |
| -------- | ---------------------- | ---- | -------- |
| authType | [AuthType](#authtype8) | Yes | Credential type.|
| accountId | number | No | System account ID, which is left blank by default.|
**Return value**
| Type | Description |
| :------------------------ | :----------------------------------------------------------------------- |
| Promise<Uint8Array> | Promise used to return the credential ID obtained.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 201 | Permission denied.|
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types. |
| 12300001 | The system service works abnormally. |
| 12300002 | Invalid authType. |
| 12300003 | Account not found. |
| 12300102 | Credential not enrolled. |
| 12300106 | The authentication type is not supported. |
**Example**
```ts
import { BusinessError } from '@kit.BasicServicesKit';
let userIDM = new osAccount.UserIdentityManager();
let authType: osAccount.AuthType = osAccount.AuthType.PIN;
let accountId = 100;
try {
userIDM.getEnrolledId(authType, accountId).then((enrolledId: Uint8Array) => {
console.info('getEnrolledId enrolledId = ' + JSON.stringify(enrolledId));
}).catch((err: BusinessError) => {
console.info('getEnrolledId error = ' + JSON.stringify(err));
});
} catch (e) {
console.log('getEnrolledId exception = ' + JSON.stringify(e));
}
```
## IInputData8+
Provides callbacks for PIN operations.
**System API**: This is a system API.
### onSetData8+
onSetData: (authSubType: AuthSubType, data: Uint8Array) => void;
**System API**: This is a system API.
Called to notify the caller the data is set.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | ---------------------------------------- | ---- | ----------------------------------------------- |
| authSubType | [AuthSubType](#authsubtype8) | Yes | Credential subtype. |
| data | Uint8Array | Yes | Data (credential) to set. The data is used for authentication and operations for adding and modifying credentials.|
**Error codes**
| ID| Error Message |
| -------- | ------------------- |
| 202 | Not system application.|
| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. |
| 12300002 | Invalid pinSubType. |
**Example**
```ts
let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]);
let passwordNumber: Uint8Array = new Uint8Array([1, 2, 3, 4]);
let inputer: osAccount.IInputer = {
onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => {
if (authSubType == osAccount.AuthSubType.PIN_NUMBER) {
callback.onSetData(authSubType, passwordNumber);
} else {
callback.onSetData(authSubType, password);
}
}
};
```
## IInputer8+
Provides callbacks for credential inputers.
**System API**: This is a system API.
### onGetData8+
onGetData: (authSubType: AuthSubType, callback: IInputData, options: GetInputDataOptions) => void;
Called to notify the caller that data is obtained.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| ---------- | --------------------------------------- | ---- | --------------- |
| authSubType | [AuthSubType](#authsubtype8) | Yes| Authentication credential subtype.|
| callback | [IInputData](#iinputdata8) | Yes | Callback used to return the PIN data.|
| options | [GetInputDataOptions](#getinputdataoptions-12) | Yes| Optional parameters for the callback function.|
**Example**
```ts
let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]);
let passwordNumber: Uint8Array = new Uint8Array([1, 2, 3, 4]);
let inputer: osAccount.IInputer = {
onGetData: (authSubType: osAccount.AuthSubType,
callback: osAccount.IInputData, options: osAccount.GetInputDataOptions) => {
if (authSubType == osAccount.AuthSubType.PIN_NUMBER) {
callback.onSetData(authSubType, passwordNumber);
} else {
callback.onSetData(authSubType, password);
}
}
};
let pinAuth: osAccount.PINAuth = new osAccount.PINAuth();
let result = pinAuth.registerInputer(inputer);
console.log('registerInputer result: ' + result);
```
## IUserAuthCallback8+
Provides callbacks for user authentication.
**System API**: This is a system API.
### onResult8+
onResult: (result: number, extraInfo: AuthResult) => void;
Called to return the result code and authentication result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | --------------------------------------- | ---- | ------------------- |
| result | number | Yes | Authentication result code.|
| extraInfo | [AuthResult](#authresult8) | Yes | Specific authentication result information. If the authentication is successful, the authentication token is returned in **extrainfo**. If the authentication fails, the remaining authentication time is returned. If the authentication executor is locked, the freezing time is returned.|
**Example**
```ts
let authCallback: osAccount.IUserAuthCallback = {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
console.log('auth result = ' + result);
console.log('auth extraInfo = ' + JSON.stringify(extraInfo));
}
};
```
### onAcquireInfo?8+
onAcquireInfo?: (module: number, acquire: number, extraInfo: Uint8Array) => void;
Called to acquire identity authentication information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------- | ---- | ----------------------------- |
| module | number | Yes | Type of authentication executor. |
| acquire | number | Yes | Tip code of the authentication executor.|
| extraInfo | Uint8Array | Yes | Reserved. |
**Example**
```ts
let authCallback: osAccount.IUserAuthCallback = {
onResult: (result: number, extraInfo: osAccount.AuthResult) => {
console.log('auth result = ' + result)
console.log('auth extraInfo = ' + JSON.stringify(extraInfo));
},
onAcquireInfo: (module: number, acquire: number, extraInfo: Uint8Array) => {
console.log('auth module = ' + module);
console.log('auth acquire = ' + acquire);
console.info('auth extraInfo = ' + JSON.stringify(extraInfo));
}
};
```
## IIdmCallback8+
Provides callbacks for IDM.
**System API**: This is a system API.
### onResult8+
onResult: (result: number, extraInfo: RequestResult) => void;
Called to return the result code and request result information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | --------------------------------------- | ---- | ----------------------- |
| result | number | Yes | Authentication result code. |
| extraInfo | [RequestResult](#requestresult8) | Yes | Specific information to be transferred.|
**Example**
```ts
let idmCallback: osAccount.IIdmCallback = {
onResult: (result: number, extraInfo: osAccount.RequestResult) => {
console.log('callback result = ' + result)
console.info('callback extraInfo = ' + JSON.stringify(extraInfo));
}
};
```
### onAcquireInfo?8+
onAcquireInfo?: (module: number, acquire: number, extraInfo: Uint8Array) => void;
Called to acquire IDM information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
**Parameters**
| Name | Type | Mandatory| Description |
| --------- | ------- | ---- | ----------------------------- |
| module | number | Yes | Type of authentication executor. |
| acquire | number | Yes | Tip code of the authentication executor.|
| extraInfo | Uint8Array | Yes | Reserved. |
**Example**
```ts
let idmCallback: osAccount.IIdmCallback = {
onResult: (result: number, extraInfo: Object) => {
console.log('callback result = ' + result)
console.log('callback onResult = ' + JSON.stringify(extraInfo));
},
onAcquireInfo: (module: number, acquire: number, extraInfo: Uint8Array) => {
console.log('callback module = ' + module);
console.log('callback acquire = ' + acquire);
console.log('callback onacquireinfo = ' + JSON.stringify(extraInfo));
}
};
```
## GetPropertyRequest8+
Defines the request for obtaining property information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| -------- | ------------------------------------------------------------- | ----- | ----------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| keys | Array<[GetPropertyType](#getpropertytype8)> | Yes | An array of the types of the properties to obtain.|
| accountId12+ | number | No| System account ID, which is **undefined** by default.|
## SetPropertyRequest8+
Defines the request for setting property information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| -------- | ------------------------------------------------ | ----- | -------------------- |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| key | [SetPropertyType](#setpropertytype8) | Yes | Type of the property to set.|
| setInfo | Uint8Array | Yes | Information to set. |
## ExecutorProperty8+
Defines the executor property.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Readable| Writable| Description |
| ------------ | ---------------------------- | ----- | -----|----------------- |
| result | number | Yes | Yes | Result. |
| authSubType | [AuthSubType](#authsubtype8) | Yes | Yes | Authentication credential subtype.|
| remainTimes | number | Yes | Yes | Number of remaining authentication times. |
| freezingTime | number | Yes | Yes | Freezing time. |
| enrollmentProgress10+ | string | Yes | Yes | Enrollment progress. By default, no value is passed in.|
| sensorInfo10+ | string | Yes | Yes | Sensor information. By default, no value is passed in.|
| nextPhaseFreezingTime12+ | number | Yes | Yes | Next freezing time, which is **undefined** by default.|
## AuthResult8+
Defines the authentication result information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| ------------ | ----------- | ----- | ----------------- |
| token | Uint8Array | No | Authentication token. By default, no value is passed in. |
| remainTimes | number | No | Number of remaining authentication times. By default, no value is passed in. |
| freezingTime | number | No | Freezing time. By default, no value is passed in. |
| nextPhaseFreezingTime12+ | number | No | Next freezing time, which is **undefined** by default.|
| credentialId12+ | Uint8Array | No | Credential ID, which is left blank by default.|
| accountId12+ | number | No | System account ID, which is **undefined** by default.|
| pinValidityPeriod12+ | number | No | Authentication validity period, which is **undefined** by default.|
## CredentialInfo8+
Defines the credential information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| ------------ | ---------------------------------------- | ----- | ----------------- |
| credType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| credSubType | [AuthSubType](#authsubtype8) | Yes | Authentication credential subtype. |
| token | Uint8Array | Yes | Authentication token. |
| accountId12+ | number | No | System account ID, which is **undefined** by default.|
## RequestResult8+
Defines the request result information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| ------------ | ----------- | ----- | ----------------- |
| credentialId | Uint8Array | No | Credential ID. By default, no value is passed in. |
## EnrolledCredInfo8+
Defines enrolled credential information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory | Description |
| ------------ | ---------------------------------------- | ----- | ------------------- |
| credentialId | Uint8Array | Yes | Credential ID. |
| authType | [AuthType](#authtype8) | Yes | Authentication credential type. |
| authSubType | [AuthSubType](#authsubtype8) | Yes | Credential subtype.|
| templateId | Uint8Array | Yes | Authentication credential template ID. |
## GetPropertyType8+
Enumerates the types of properties to obtain.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ------------- | ------ | --------- |
| AUTH_SUB_TYPE | 1 | Authentication credential subtype.|
| REMAIN_TIMES | 2 | Number of remaining times. |
| FREEZING_TIME | 3 | Freezing time. |
| ENROLLMENT_PROGRESS10+ | 4 | Enrollment progress. |
| SENSOR_INFO10+ | 5 | Sensor information. |
| NEXT_PHASE_FREEZING_TIME12+ | 6 | Next freezing time.|
## SetPropertyType8+
Enumerates the types of properties to set.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| -------------- | ----- | ----------- |
| INIT_ALGORITHM | 1 | Initialization algorithm.|
## AuthType8+
Enumerates the authentication credential types.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ----- | ----- | ---------------- |
| PIN | 1 | PIN authentication.|
| FACE | 2 | Facial authentication.|
| FINGERPRINT10+ | 4 | Fingerprint authentication.|
| RECOVERY_KEY12+ | 8 | Key recovery type.|
| DOMAIN9+ | 1024 | Domain authentication.|
## AuthSubType8+
Enumerates the authentication credential subtypes.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ---------- | ----- | ------------------ |
| PIN_SIX | 10000 | Six-digit PIN. |
| PIN_NUMBER | 10001 | Custom PIN.|
| PIN_MIXED | 10002 | Custom mixed credentials.|
| PIN_FOUR12+ | 10003 | 4-digit credential.|
| PIN_PATTERN12+ | 10004 | Pattern credential.|
| FACE_2D | 20000 | 2D face credential. |
| FACE_3D | 20001 | 3D face credential. |
| FINGERPRINT_CAPACITIVE10+ | 30000 | Capacitive fingerprint. |
| FINGERPRINT_OPTICAL10+ | 30001 | Optical fingerprint. |
| FINGERPRINT_ULTRASONIC10+ | 30002 | Ultrasonic fingerprint. |
| DOMAIN_MIXED9+ | 10240001 | Mixed domain authentication credentials. |
## AuthTrustLevel8+
Enumerates the trust levels of the authentication result.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ---- | ------ | ----------- |
| ATL1 | 10000 | Trust level 1.|
| ATL2 | 20000 | Trust level 2.|
| ATL3 | 30000 | Trust level 3.|
| ATL4 | 40000 | Trust level 4.|
## Module8+
Enumerates the modules from which information is obtained.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| --------- | ------ | ------------------------ |
| FACE_AUTH | 1 | Facial authentication module.|
## ResultCode8+
Enumerates the authentication result codes.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ----------------------- | ----- | ---------------------------------------- |
| SUCCESS | 0 | The authentication is successful or the authentication feature is supported. |
| FAIL | 1 | The authentication executor failed to identify the user. |
| GENERAL_ERROR | 2 | Other errors. |
| CANCELED | 3 | The authentication is canceled. |
| TIMEOUT | 4 | The authentication timed out. |
| TYPE_NOT_SUPPORT | 5 | The authentication credential type is not supported. |
| TRUST_LEVEL_NOT_SUPPORT | 6 | The authentication trust level is not supported. |
| BUSY | 7 | The authentication executor is busy. Try again after a few seconds.|
| INVALID_PARAMETERS | 8 | Incorrect parameters are detected. |
| LOCKED | 9 | The authentication executor is locked. |
| NOT_ENROLLED | 10 | The authentication executor is not enrolled. |
## FaceTipsCode8+
Enumerates the tip codes for facial authentication.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ----------------------------- | ----- | ---------------------------------------- |
| FACE_AUTH_TIP_TOO_BRIGHT | 1 | The obtained face image is too bright. |
| FACE_AUTH_TIP_TOO_DARK | 2 | The obtained face image is too dark. |
| FACE_AUTH_TIP_TOO_CLOSE | 3 | The face is too close to the device. |
| FACE_AUTH_TIP_TOO_FAR | 4 | The face is too far away from the device. |
| FACE_AUTH_TIP_TOO_HIGH | 5 | Only the upper part of the face is captured because the device is angled too high. |
| FACE_AUTH_TIP_TOO_LOW | 6 | Only the lower part of the face is captured because the device is angled too low. |
| FACE_AUTH_TIP_TOO_RIGHT | 7 | Only the right part of the face is captured because the device is angled too much to the right.|
| FACE_AUTH_TIP_TOO_LEFT | 8 | Only the left part of the face is captured because the device is angled too much to the left.|
| FACE_AUTH_TIP_TOO_MUCH_MOTION | 9 | The face moves too fast during facial information collection. |
| FACE_AUTH_TIP_POOR_GAZE | 10 | The face is not facing the device. |
| FACE_AUTH_TIP_NOT_DETECTED | 11 | No face is detected. |
## FingerprintTips8+
Enumerates the tip codes for fingerprint authentication.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ----------------------------- | ----- | ----------------------------------------------- |
| FINGERPRINT_TIP_GOOD | 0 | The captured image is clear. |
| FINGERPRINT_TIP_IMAGER_DIRTY | 1 | The fingerprint image has big noise due to dirt on the sensor.|
| FINGERPRINT_TIP_INSUFFICIENT | 2 | Failed to process the fingerprint image due to big noise. |
| FINGERPRINT_TIP_PARTIAL | 3 | Only part of the fingerprint image is detected. |
| FINGERPRINT_TIP_TOO_FAST | 4 | The fingerprint image is incomplete due to quick motion. |
| FINGERPRINT_TIP_TOO_SLOW | 5 | Failed to read the fingerprint image due to lack of motion. |
| FINGERPRINT_TIP_FINGER_DOWN10+ | 6 | Press your finger. |
| FINGERPRINT_TIP_FINGER_UP10+ | 7 | Lift your finger. |
## OsAccountInfo
Represents the system account information.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| shortName12+ | string | No | Short name of the system account.
**System API**: This is a system API and is left blank by default. |
| isLoggedIn12+ | boolean | No | Whether the system account is logged in.
**System API**: This is a system API. The default value is **false**. |
## OsAccountType
Enumerates the system account types.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ------ | ------ | ----------- |
| PRIVATE12+ | 1024 | Privacy account. Only one privacy account is allowed.
**System API**: This is a system API. |
## DomainAccountInfo8+
Represents domain account information.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| accountId10+ | string | No | Domain account ID.
**System API**: This is a system API and is **undefined** by default. |
| isAuthenticated11+| boolean | No| Whether the domain account has been authenticated.
**System API**: This is a system API. The default value is **false**. |
| serverConfigId12+| boolean | No| ID of the server to which the domain account belongs.
**System API**: This is a system API and is **undefined** by default. |
## ConstraintSourceTypeInfo9+
Defines the constraint source type.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| localId | number | Yes | ID of the target system account. |
| type | [ConstraintSourceType](#constraintsourcetype9) | Yes | Type of the constrain source.|
## ConstraintSourceType9+
Enumerates the constraint sources.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value| Description |
| ------ | ------ | ------------ |
| CONSTRAINT_NOT_EXIST | 0 | The constraint does not exist.|
| CONSTRAINT_TYPE_BASE | 1 | Constraint from system settings. |
| CONSTRAINT_TYPE_DEVICE_OWNER | 2 | Constraint from the device owners' settings. |
| CONSTRAINT_TYPE_PROFILE_OWNER | 3 | Constraint from the profile owners' settings. |
## AuthStatusInfo10+
Presents the authentication status information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| remainTimes | number | Yes | Number of remaining authentication times. |
| freezingTime | number | Yes | Freezing time.|
## GetDomainAccessTokenOptions10+
Defines the options for obtaining a domain access token.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. |
| domainAccountToken | Uint8Array | Yes | Token of the domain account.|
| businessParams | Record | Yes | Service parameters customized by the service party based on the request protocol.|
| callerUid | number | Yes | Unique identifier of the caller.|
## GetDomainAccountInfoOptions10+
Defines the options for obtaining domain account information.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| accountName | string | Yes | Domain account name.|
| domain | string | No | Domain name, which is **undefined** by default.|
| serverConfigId12+| boolean | No| ID of the server to which the domain account belongs. The default value is **undefined**.|
## GetDomainAccountInfoPluginOptions10+
Defines the options for the domain plug-in to obtain the domain account information. The **GetDomainAccountInfoPluginOptions** class inherits from [**GetDomainAccountInfoOptions**](#getdomainaccountinfooptions10).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| callerUid | number | Yes | Unique identifier of the caller.|
## OsAccountSwitchEventData12+
Defines the event that indicates the start or end of a foreground-background system account switchover.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| fromAccountId | number | Yes | System account ID before the switchover.|
| toAccountId | number | Yes | System account ID after the switchover.|
## CreateOsAccountOptions12+
Represents the optional parameter used to create a system account.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| shortName | string | Yes | Short name of the account (used as the name of the personal folder).
**The short name cannot**:
Contain any of the following characters: \< \>\| : " * ? / \\
Contain any of the following: . or ..
Exceed 255 characters. |
## CreateOsAccountForDomainOptions12+
Represents a set of optional parameters for creating a system account bound to the specified domain account. It inherits from [CreateOsAccountOptions](#createosaccountoptions12).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ----------- | ------ | ---- | ---------- |
| shortName | string | Yes | Short name of the account (used as the name of the personal folder).
**The short name cannot**:
Contain any of the following characters: \< \>\| : " * ? / \\
Contain any of the following: . or ..
Exceed 255 characters. |
## GetAuthInfoOptions12+
Represents a set of optional parameters for [GetAuthInfo](#getauthinfo12).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| --------- | ---------------------- | ---- | ---------- |
| authType | [AuthType](#authtype8) | No | Authentication type, which is **undefined** by default.|
| accountId | number | No | System account ID, which is **undefined** by default.|
## AuthIntent12+
Enumerates the authentication intents.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Value | Description |
| -------- | --- | ---------- |
| UNLOCK | 1 | Unlock.|
## RemoteAuthOptions12+
Represents a set of optional parameters for remote authentication.
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ------------------ | ------ | ---- | ---------- |
| verifierNetworkId | string | No | Network ID of the credential verifier, which is left blank by default.|
| collectorNetworkId | string | No | Network ID of the credential collector, which is left blank by default.|
| collectorTokenId | number | No | Token ID of the credential collector, which is **undefined** by default.|
## AuthOptions12+
Represents a set of optional parameters for [auth](#auth12).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ------------------ | ------ | ---- | ---------- |
| accountId | number | No | System account ID, which is **undefined** by default.|
| authIntent | [AuthIntent](#authintent12) | No | Authentication intent, which is **undefined** by default.|
| remoteAuthOptions | [RemoteAuthOptions](#remoteauthoptions12) | No | Remote authentication options, which is **undefined** by default.|
## GetInputDataOptions 12+
Represents a set of optional parameters for [onGetData](#ongetdata8).
**System API**: This is a system API.
**System capability**: SystemCapability.Account.OsAccount
| Name | Type | Mandatory| Description |
| ------------------ | ------ | ---- | ---------- |
| challenge | Uint8Array | No | Challenge value, which is **undefined** by default.|