1# @ohos.account.osAccount (System Account) (System API) 2 3<!--Kit: Basic Services Kit--> 4<!--Subsystem: Account--> 5<!--Owner: @steven-q--> 6<!--Designer: @JiDong-CS1--> 7<!--Tester: @zhaimengchao--> 8<!--Adviser: @zengyawen--> 9 10The **osAccount** module provides basic capabilities for managing system (OS) accounts, including adding, deleting, querying, setting, subscribing to, and enabling a system account. 11 12> **NOTE** 13> 14> - The initial APIs of this module are supported since API version 7. Newly added APIs will be marked with a superscript to indicate their earliest API version. 15> - This topic describes only the system APIs provided by the module. For details about its public APIs, see [ohos.account.osAccount (System Account Management)](js-apis-osAccount.md). 16 17## Modules to Import 18 19```ts 20import { osAccount } from '@kit.BasicServicesKit'; 21``` 22 23## AccountManager 24 25Provides APIs for managing system accounts. 26 27### activateOsAccount 28 29activateOsAccount(localId: number, callback: AsyncCallback<void>): void 30 31Activates a system account. This API uses an asynchronous callback to return the result. 32 33**System API**: This is a system API. 34 35**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 36 37**System capability**: SystemCapability.Account.OsAccount 38 39**Parameters** 40 41| Name | Type | Mandatory| Description | 42| -------- | ------------------------- | ---- | -------------------------------------------------- | 43| localId | number | Yes | ID of the target system account. | 44| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 45 46**Error codes** 47 48| ID| Error Message | 49| -------- | ------------------- | 50| 201 | Permission denied.| 51| 202 | Not system application.| 52| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 53| 12300001 | The system service works abnormally. | 54| 12300002 | Invalid localId. | 55| 12300003 | Account not found. | 56| 12300008 | Restricted Account. | 57| 12300010 | Service busy. Possible causes: The target account is being operated. | 58| 12300016 | The number of logged in accounts reaches the upper limit. | 59 60**Example**: Activate system account 100. 61 ```ts 62 import { BusinessError } from '@kit.BasicServicesKit'; 63 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 64 let localId: number = 100; 65 try { 66 accountManager.activateOsAccount(localId, (err: BusinessError)=>{ 67 if (err) { 68 console.error(`activateOsAccount failed, code is ${err.code}, message is ${err.message}`); 69 } else { 70 console.log('activateOsAccount successfully'); 71 } 72 }); 73 } catch (err) { 74 console.error('activateOsAccount failed, error:' + JSON.stringify(err)); 75 } 76 ``` 77 78### activateOsAccount 79 80activateOsAccount(localId: number): Promise<void> 81 82Activates a system account. This API uses a promise to return the result. 83 84**System API**: This is a system API. 85 86**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 87 88**System capability**: SystemCapability.Account.OsAccount 89 90**Parameters** 91 92| Name | Type | Mandatory| Description | 93| ------- | ------ | ---- | -------------------- | 94| localId | number | Yes | ID of the target system account.| 95 96**Return value** 97 98| Type | Description | 99| ------------------- | ------------------------------------ | 100| Promise<void> | Promise that returns no value.| 101 102**Error codes** 103 104| ID| Error Message | 105| -------- | ------------------- | 106| 201 | Permission denied.| 107| 202 | Not system application.| 108| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 109| 12300001 | The system service works abnormally. | 110| 12300002 | Invalid localId. | 111| 12300003 | Account not found. | 112| 12300008 | Restricted Account. | 113| 12300010 | Service busy. Possible causes: The target account is being operated. | 114| 12300016 | The number of logged in accounts reaches the upper limit. | 115 116**Example**: Activate system account 100. 117 ```ts 118 import { BusinessError } from '@kit.BasicServicesKit'; 119 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 120 let localId: number = 100; 121 try { 122 accountManager.activateOsAccount(localId).then(() => { 123 console.log('activateOsAccount successfully'); 124 }).catch((err: BusinessError) => { 125 console.error('activateOsAccount failed, err:' + JSON.stringify(err)); 126 }); 127 } catch (e) { 128 console.error('activateOsAccount exception: ' + JSON.stringify(e)); 129 } 130 ``` 131 132### deactivateOsAccount<sup>12+</sup> 133 134deactivateOsAccount(localId: number): Promise<void> 135 136Deactivates (logs out of) a system account. This API uses a promise to return the result. 137 138**System API**: This is a system API. 139 140**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 141 142**System capability**: SystemCapability.Account.OsAccount 143 144**Parameters** 145 146| Name | Type | Mandatory| Description | 147| ------- | ------ | ---- | -------------------- | 148| localId | number | Yes | ID of the target system account.| 149 150**Return value** 151 152| Type | Description | 153| ------------------- | ------------------------------------ | 154| Promise<void> | Promise that returns no value.| 155 156**Error codes** 157 158| ID| Error Message | 159| -------- | ------------------- | 160| 201 | Permission denied.| 161| 202 | Not system application.| 162| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 163| 12300001 | The system service works abnormally. | 164| 12300003 | Account not found. | 165| 12300008 | Restricted Account. | 166| 12300010 | Service busy. Possible causes: The target account is being operated. | 167 168**Example**: Deactivate system account 100. 169 ```ts 170 import { BusinessError } from '@kit.BasicServicesKit'; 171 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 172 let localId: number = 100; 173 try { 174 accountManager.deactivateOsAccount(localId).then(() => { 175 console.log('deactivateOsAccount successfully'); 176 }).catch((err: BusinessError) => { 177 console.error('deactivateOsAccount failed, err:' + JSON.stringify(err)); 178 }); 179 } catch (e) { 180 console.error('deactivateOsAccount exception: ' + JSON.stringify(e)); 181 } 182 ``` 183 184### isOsAccountActivated<sup>11+</sup> 185 186isOsAccountActivated(localId: number): Promise<boolean> 187 188Checks whether a system account is activated. This API uses a promise to return the result. 189 190**System API**: This is a system API. 191 192**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 193 194**System capability**: SystemCapability.Account.OsAccount 195 196**Parameters** 197 198| Name | Type | Mandatory| Description | 199| ------- | ------ | ---- | --------------------------------- | 200| localId | number | Yes | ID of the target system account.| 201 202**Return value** 203 204| Type | Description | 205| ---------------------- | ---------------------------------------------------------- | 206| Promise<boolean> | Promise used to return the result. The value **true** means the account is activated; the value **false** means the opposite.| 207 208**Error codes** 209 210| ID| Error Message | 211| -------- | ------------------- | 212| 201 | Permission denied.| 213| 202 | Not system application.| 214| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 215| 12300001 | The system service works abnormally. | 216| 12300003 | Account not found. | 217 218**Example**: Check whether system account 100 is activated. 219 220 ```ts 221 import { BusinessError } from '@kit.BasicServicesKit'; 222 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 223 let localId: number = 100; 224 try { 225 accountManager.isOsAccountActivated(localId).then((isActivated: boolean) => { 226 console.log('isOsAccountActivated successfully, isActivated: ' + isActivated); 227 }).catch((err: BusinessError) => { 228 console.error('isOsAccountActivated failed, error: ' + JSON.stringify(err)); 229 }); 230 } catch (err) { 231 console.error('isOsAccountActivated exception: ' + JSON.stringify(err)); 232 } 233 ``` 234 235### isOsAccountConstraintEnabled<sup>11+</sup> 236 237isOsAccountConstraintEnabled(localId: number, constraint: string): Promise<boolean> 238 239Checks whether a constraint is enabled for a system account. This API uses a promise to return the result. 240 241**System API**: This is a system API. 242 243**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 244 245**System capability**: SystemCapability.Account.OsAccount 246 247**Parameters** 248 249| Name | Type | Mandatory| Description | 250| ---------- | ------ | ---- | ---------------------------------- | 251| localId | number | Yes | ID of the target system account. | 252| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) to check.| 253 254**Return value** 255 256| Type | Description | 257| --------------------- | --------------------------------------------------------------------- | 258| Promise<boolean> | Promise used to return the result. The value **true** means the specified constraint is enabled; the value **false** means the opposite.| 259 260**Error codes** 261 262| ID| Error Message | 263| -------- | ------------------- | 264| 201 | Permission denied.| 265| 202 | Not system application.| 266| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 267| 12300001 | The system service works abnormally. | 268| 12300003 | Account not found. | 269 270**Example**: Check whether system account 100 is forbidden to use Wi-Fi. 271 272 ```ts 273 import { BusinessError } from '@kit.BasicServicesKit'; 274 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 275 let localId: number = 100; 276 let constraint: string = 'constraint.wifi'; 277 try { 278 accountManager.isOsAccountConstraintEnabled(localId, constraint).then((isEnabled: boolean) => { 279 console.log('isOsAccountConstraintEnabled successfully, isEnabled: ' + isEnabled); 280 }).catch((err: BusinessError) => { 281 console.error('isOsAccountConstraintEnabled failed, error: ' + JSON.stringify(err)); 282 }); 283 } catch (err) { 284 console.error('isOsAccountConstraintEnabled exception: ' + JSON.stringify(err)); 285 } 286 ``` 287 288### isOsAccountUnlocked<sup>11+</sup> 289 290isOsAccountUnlocked(localId: number): Promise<boolean> 291 292Checks whether a system account has been verified. This API uses a promise to return the result. 293 294**System API**: This is a system API. 295 296**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 297 298**System capability**: SystemCapability.Account.OsAccount 299 300**Parameters** 301 302| Name | Type | Mandatory| Description | 303| ------- | ------ | ---- | --------------------------------------------------------------- | 304| localId | number | Yes | ID of the target system account. If this parameter is not specified, this API checks whether the current system account has been verified.| 305 306**Return value** 307 308| Type | Description | 309| ---------------------- | ----------------------------------------------------------------- | 310| Promise<boolean> | Promise used to return the result. The value **true** means the system account has been verified; the value **false** means the opposite.| 311 312**Error codes** 313 314| ID| Error Message | 315| -------- | ------------------- | 316| 201 | Permission denied.| 317| 202 | Not system application.| 318| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 319| 12300001 | The system service works abnormally. | 320| 12300003 | Account not found. | 321 322**Example** 323 324 ```ts 325 import { BusinessError } from '@kit.BasicServicesKit'; 326 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 327 let localId: number = 100; 328 try { 329 accountManager.isOsAccountUnlocked(localId).then((isVerified: boolean) => { 330 console.log('isOsAccountUnlocked successfully, isVerified: ' + isVerified); 331 }).catch((err: BusinessError) => { 332 console.error('isOsAccountUnlocked failed, error: ' + JSON.stringify(err)); 333 }); 334 } catch (err) { 335 console.error('isOsAccountUnlocked exception: ' + JSON.stringify(err)); 336 } 337 ``` 338 339### removeOsAccount 340 341removeOsAccount(localId: number, callback: AsyncCallback<void>): void 342 343Removes a system account. This API uses an asynchronous callback to return the result. 344 345**System API**: This is a system API. 346 347**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 348 349**System capability**: SystemCapability.Account.OsAccount 350 351**Parameters** 352 353| Name | Type | Mandatory| Description | 354| -------- | ------------------------- | ---- | -------------------------------------------------- | 355| localId | number | Yes | ID of the target system account. | 356| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 357 358**Error codes** 359 360| ID| Error Message | 361| -------- | ------------------- | 362| 201 | Permission denied.| 363| 202 | Not system application.| 364| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 365| 12300001 | The system service works abnormally. | 366| 12300002 | Invalid localId. | 367| 12300003 | Account not found. | 368| 12300008 | Restricted Account. | 369| 12300010 | Service busy. Possible causes: The target account is being operated. | 370 371**Example** 372 373 ```ts 374 import { BusinessError } from '@kit.BasicServicesKit'; 375 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 376 let accountName: string = 'testAccountName'; 377 try { 378 accountManager.createOsAccount(accountName, osAccount.OsAccountType.NORMAL, 379 (err: BusinessError, osAccountInfo: osAccount.OsAccountInfo) => { 380 accountManager.removeOsAccount(osAccountInfo.localId, (err: BusinessError)=>{ 381 if (err) { 382 console.error('removeOsAccount failed, error: ' + JSON.stringify(err)); 383 } else { 384 console.log('removeOsAccount successfully'); 385 } 386 }); 387 }); 388 } catch (err) { 389 console.error('removeOsAccount exception: ' + JSON.stringify(err)); 390 } 391 ``` 392 393### removeOsAccount 394 395removeOsAccount(localId: number): Promise<void> 396 397Removes a system account. This API uses a promise to return the result. 398 399**System API**: This is a system API. 400 401**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 402 403**System capability**: SystemCapability.Account.OsAccount 404 405**Parameters** 406 407| Name | Type | Mandatory| Description | 408| ------- | ------ | ---- | --------------------------------- | 409| localId | number | Yes | ID of the target system account.| 410 411**Return value** 412 413| Type | Description | 414| ------------------- | ------------------------------------ | 415| Promise<void> | Promise that returns no value.| 416 417**Error codes** 418 419| ID| Error Message | 420| -------- | ------------------- | 421| 201 | Permission denied.| 422| 202 | Not system application.| 423| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 424| 12300001 | The system service works abnormally. | 425| 12300002 | Invalid localId. | 426| 12300003 | Account not found. | 427| 12300008 | Restricted Account. | 428| 12300010 | Service busy. Possible causes: The target account is being operated. | 429 430**Example** 431 432 ```ts 433 import { BusinessError } from '@kit.BasicServicesKit'; 434 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 435 let accountName: string = 'testAccountName'; 436 try { 437 accountManager.createOsAccount(accountName, osAccount.OsAccountType.NORMAL, 438 (err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{ 439 accountManager.removeOsAccount(osAccountInfo.localId).then(() => { 440 console.log('removeOsAccount successfully'); 441 }).catch((err: BusinessError) => { 442 console.error('removeOsAccount failed, error: ' + JSON.stringify(err)); 443 }); 444 }); 445 } catch (err) { 446 console.error('removeOsAccount exception: ' + JSON.stringify(err)); 447 } 448 ``` 449 450### setOsAccountConstraints 451 452setOsAccountConstraints(localId: number, constraints: Array<string>, enable: boolean,callback: AsyncCallback<void>): void 453 454Sets or removes constraints for a system account. This API uses an asynchronous callback to return the result. 455 456**System API**: This is a system API. 457 458**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 459 460**System capability**: SystemCapability.Account.OsAccount 461 462**Parameters** 463 464| Name | Type | Mandatory| Description | 465| ----------- | ------------------------- | ---- | ----------------------------------------------- | 466| localId | number | Yes | ID of the target system account. | 467| constraints | Array<string> | Yes | [Constraints](js-apis-osAccount.md#constraints) to set or remove. | 468| enable | boolean | Yes | Whether to set or remove constraints. The value **true** means to set constraints, and **false** means to remove constraints. | 469| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 470 471**Error codes** 472 473| ID| Error Message | 474| -------- | ------------------- | 475| 201 | Permission denied.| 476| 202 | Not system application.| 477| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 478| 12300001 | The system service works abnormally. | 479| 12300002 | Invalid localId or constraints. | 480| 12300003 | Account not found. | 481| 12300008 | Restricted Account. | 482 483**Example**: Disable Wi-Fi for system account 100. 484 485 ```ts 486 import { BusinessError } from '@kit.BasicServicesKit'; 487 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 488 let localId: number = 100; 489 let constraint: string = 'constraint.wifi'; 490 try { 491 accountManager.setOsAccountConstraints(localId, [constraint], true, (err: BusinessError) => { 492 if (err) { 493 console.error('setOsAccountConstraints failed, error: ' + JSON.stringify(err)); 494 } else { 495 console.log('setOsAccountConstraints successfully'); 496 } 497 }); 498 } catch (err) { 499 console.error('setOsAccountConstraints exception: ' + JSON.stringify(err)); 500 } 501 ``` 502 503### setOsAccountConstraints 504 505setOsAccountConstraints(localId: number, constraints: Array<string>, enable: boolean): Promise<void> 506 507Sets or removes constraints for a system account. This API uses a promise to return the result. 508 509**System API**: This is a system API. 510 511**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 512 513**System capability**: SystemCapability.Account.OsAccount 514 515**Parameters** 516 517| Name | Type | Mandatory| Description | 518| ----------- | ------------------- | ---- | -------------------------------------------- | 519| localId | number | Yes | ID of the target system account. | 520| constraints | Array<string> | Yes | [Constraints](js-apis-osAccount.md#constraints) to set or remove. | 521| enable | boolean | Yes | Set or remove constraints. The value **true** means to set constraints, and **false** means to remove constraints. | 522 523**Return value** 524 525| Type | Description | 526| :------------------ | :----------------------------------- | 527| Promise<void> | Promise that returns no value.| 528 529**Error codes** 530 531| ID| Error Message | 532| -------- | ------------------- | 533| 201 | Permission denied.| 534| 202 | Not system application.| 535| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 536| 12300001 | The system service works abnormally. | 537| 12300002 | Invalid localId or constraints. | 538| 12300003 | Account not found. | 539| 12300008 | Restricted Account. | 540 541**Example**: Remove the constraint on the use of Wi-Fi for system account 100. 542 543 ```ts 544 import { BusinessError } from '@kit.BasicServicesKit'; 545 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 546 let localId: number = 100; 547 try { 548 accountManager.setOsAccountConstraints(localId, ['constraint.location.set'], false).then(() => { 549 console.info('setOsAccountConstraints successfully'); 550 }).catch((err: BusinessError) => { 551 console.error('setOsAccountConstraints failed, error: ' + JSON.stringify(err)); 552 }); 553 } catch (err) { 554 console.error('setOsAccountConstraints exception: ' + JSON.stringify(err)); 555 } 556 ``` 557 558### setOsAccountName 559 560setOsAccountName(localId: number, localName: string, callback: AsyncCallback<void>): void 561 562Sets the name of a system account. This API uses an asynchronous callback to return the result. 563 564**System API**: This is a system API. 565 566**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 567 568**System capability**: SystemCapability.Account.OsAccount 569 570**Parameters** 571 572| Name | Type | Mandatory| Description | 573| :-------- | ------------------------- | ---- | ----------------------------------------------- | 574| localId | number | Yes | ID of the target system account. | 575| localName | string | Yes | Account name to set. The value cannot exceed 1024 characters. | 576| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 577 578**Error codes** 579 580| ID| Error Message | 581| -------- | ------------------- | 582| 201 | Permission denied.| 583| 202 | Not system application.| 584| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 585| 12300001 | The system service works abnormally. | 586| 12300002 | Invalid localId or localName. | 587| 12300003 | Account not found. | 588| 12300008 | Restricted Account. | 589 590**Example**: Set the name of system account 100 to **demoName**. 591 592 ```ts 593 import { BusinessError } from '@kit.BasicServicesKit'; 594 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 595 let localId: number = 100; 596 let name: string = 'demoName'; 597 try { 598 accountManager.setOsAccountName(localId, name, (err: BusinessError) => { 599 if (err) { 600 console.error('setOsAccountName failed, error: ' + JSON.stringify(err)); 601 } else { 602 console.log('setOsAccountName successfully'); 603 } 604 }); 605 } catch (err) { 606 console.error('setOsAccountName exception: ' + JSON.stringify(err)); 607 } 608 ``` 609 610### setOsAccountName 611 612setOsAccountName(localId: number, localName: string): Promise<void> 613 614Sets the name of a system account. This API uses a promise to return the result. 615 616**System API**: This is a system API. 617 618**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 619 620**System capability**: SystemCapability.Account.OsAccount 621 622**Parameters** 623 624| Name | Type | Mandatory| Description | 625| --------- | ------ | ---- | --------------------------------- | 626| localId | number | Yes | ID of the target system account.| 627| localName | string | Yes | Account name to set. The value cannot exceed 1024 characters. | 628 629**Return value** 630 631| Type | Description | 632| ------------------- | ------------------------------------ | 633| Promise<void> | Promise that returns no value.| 634 635**Error codes** 636 637| ID| Error Message | 638| -------- | ------------------- | 639| 201 | Permission denied.| 640| 202 | Not system application.| 641| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 642| 12300001 | The system service works abnormally. | 643| 12300002 | Invalid localId or localName. | 644| 12300003 | Account not found. | 645| 12300008 | Restricted Account. | 646 647**Example**: Set the name of system account 100 to **demoName**. 648 649 ```ts 650 import { BusinessError } from '@kit.BasicServicesKit'; 651 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 652 let localId: number = 100; 653 let name: string = 'testName'; 654 try { 655 accountManager.setOsAccountName(localId, name).then(() => { 656 console.log('setOsAccountName successfully'); 657 }).catch((err: BusinessError) => { 658 console.error('setOsAccountName failed, error: ' + JSON.stringify(err)); 659 }); 660 } catch (err) { 661 console.error('setOsAccountName exception: ' + JSON.stringify(err)); 662 } 663 ``` 664 665### queryMaxOsAccountNumber 666 667queryMaxOsAccountNumber(callback: AsyncCallback<number>): void 668 669Queries the maximum number of system accounts that can be created. This API uses an asynchronous callback to return the result. 670 671**System API**: This is a system API. 672 673**System capability**: SystemCapability.Account.OsAccount 674 675**Parameters** 676 677| Name | Type | Mandatory| Description | 678| -------- | --------------------------- | ---- | -------------------------------------------------------------------------------- | 679| callback | AsyncCallback<number> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the maximum number of system accounts that can be created. Otherwise, **err** is an error object.| 680 681**Error codes** 682 683| ID| Error Message | 684| -------- | ------------- | 685| 202 | Not system application.| 686| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 687| 12300001 | The system service works abnormally. | 688 689**Example** 690 691 ```ts 692 import { BusinessError } from '@kit.BasicServicesKit'; 693 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 694 try { 695 accountManager.queryMaxOsAccountNumber((err: BusinessError, maxCnt: number) => { 696 if (err) { 697 console.error('queryMaxOsAccountNumber failed, error:' + JSON.stringify(err)); 698 } else { 699 console.log('queryMaxOsAccountNumber successfully, maxCnt:' + maxCnt); 700 } 701 }); 702 } catch (err) { 703 console.error('queryMaxOsAccountNumber exception: ' + JSON.stringify(err)); 704 } 705 ``` 706 707### queryMaxOsAccountNumber 708 709queryMaxOsAccountNumber(): Promise<number> 710 711Queries the maximum number of system accounts that can be created. This API uses a promise to return the result. 712 713**System API**: This is a system API. 714 715**System capability**: SystemCapability.Account.OsAccount 716 717**Return value** 718 719| Type | Description | 720| --------------------- | ------------------------------------------- | 721| Promise<number> | Promise used to return the result.| 722 723**Error codes** 724 725| ID| Error Message | 726| -------- | ------------- | 727| 202 | Not system application.| 728| 12300001 | The system service works abnormally. | 729 730**Example** 731 732 ```ts 733 import { BusinessError } from '@kit.BasicServicesKit'; 734 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 735 try { 736 accountManager.queryMaxOsAccountNumber().then((maxCnt: number) => { 737 console.log('queryMaxOsAccountNumber successfully, maxCnt: ' + maxCnt); 738 }).catch((err: BusinessError) => { 739 console.error('queryMaxOsAccountNumber failed, error: ' + JSON.stringify(err)); 740 }); 741 } catch (err) { 742 console.error('queryMaxOsAccountNumber exception: ' + JSON.stringify(err)); 743 } 744 ``` 745 746### queryMaxLoggedInOsAccountNumber<sup>12+</sup> 747 748queryMaxLoggedInOsAccountNumber(): Promise<number> 749 750Queries the maximum number of system accounts allowed to log in to the system. This API uses a promise to return the result. 751 752**System API**: This is a system API. 753 754**System capability**: SystemCapability.Account.OsAccount 755 756**Return value** 757 758| Type | Description | 759| --------------------- | ------------------------------------------- | 760| Promise<number> | Promise used to return the result.| 761 762**Error codes** 763 764| ID| Error Message | 765| -------- | ------------- | 766| 202 | Not system application.| 767| 12300001 | The system service works abnormally. | 768 769**Example** 770 771 ```ts 772 import { BusinessError } from '@kit.BasicServicesKit'; 773 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 774 try { 775 accountManager.queryMaxLoggedInOsAccountNumber().then((maxNum: number) => { 776 console.log('queryMaxLoggedInOsAccountNumber successfully, maxNum: ' + maxNum); 777 }).catch((err: BusinessError) => { 778 console.error('queryMaxLoggedInOsAccountNumber failed, error: ' + JSON.stringify(err)); 779 }); 780 } catch (err) { 781 console.error('queryMaxLoggedInOsAccountNumber exception: ' + JSON.stringify(err)); 782 } 783 ``` 784 785### getEnabledOsAccountConstraints<sup>11+</sup> 786 787getEnabledOsAccountConstraints(localId: number): Promise<Array<string>> 788 789Obtains all the enabled constraints of a system account. This API uses a promise to return the result. 790 791**System API**: This is a system API. 792 793**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 794 795**System capability**: SystemCapability.Account.OsAccount 796 797**Parameters** 798 799| Name | Type | Mandatory| Description | 800| ------- | ------ | ---- | ------------ | 801| localId | number | Yes | ID of the target system account.| 802 803**Return value** 804 805| Type | Description | 806| ---------------------------------- | ---------------------------------------------------------- | 807| Promise<Array<string>> | Promise used to return all the enabled [constraints](js-apis-osAccount.md#constraints) of the system account.| 808 809**Error codes** 810 811| ID| Error Message | 812| -------- | ------------------- | 813| 201 | Permission denied.| 814| 202 | Not system application.| 815| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 816| 12300001 | The system service works abnormally. | 817| 12300003 | Account not found. | 818 819**Example**: Obtain all constraints of system account 100. 820 821 ```ts 822 import { BusinessError } from '@kit.BasicServicesKit'; 823 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 824 let localId: number = 100; 825 try { 826 accountManager.getEnabledOsAccountConstraints(localId).then((constraints: string[]) => { 827 console.log('getEnabledOsAccountConstraints, constraints: ' + constraints); 828 }).catch((err: BusinessError) => { 829 console.error('getEnabledOsAccountConstraints err: ' + JSON.stringify(err)); 830 }); 831 } catch (e) { 832 console.error('getEnabledOsAccountConstraints exception: ' + JSON.stringify(e)); 833 } 834 ``` 835 836### queryAllCreatedOsAccounts 837 838queryAllCreatedOsAccounts(callback: AsyncCallback<Array<OsAccountInfo>>): void 839 840Queries information about all the system accounts created. This API uses an asynchronous callback to return the result. 841 842**System API**: This is a system API. 843 844**System capability**: SystemCapability.Account.OsAccount 845 846**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 847 848**Parameters** 849 850| Name | Type | Mandatory| Description | 851| -------- | ------------------------------------------------------------ | ---- | -------------------------------------------------- | 852| callback | AsyncCallback<Array<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is a list of all created system accounts. Otherwise, **data** is an error object.| 853 854**Error codes** 855 856| ID| Error Message | 857| -------- | ------------- | 858| 201 | Permission denied.| 859| 202 | Not system application.| 860| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types.| 861| 12300001 | The system service works abnormally. | 862 863**Example** 864 865 ```ts 866 import { BusinessError } from '@kit.BasicServicesKit'; 867 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 868 try { 869 accountManager.queryAllCreatedOsAccounts((err: BusinessError, accountArr: osAccount.OsAccountInfo[])=>{ 870 if (err) { 871 console.error('queryAllCreatedOsAccounts exception:' + JSON.stringify(err)); 872 } else { 873 console.log('queryAllCreatedOsAccounts accountArr:' + JSON.stringify(accountArr)); 874 } 875 }); 876 } catch (e) { 877 console.error('queryAllCreatedOsAccounts exception: ' + JSON.stringify(e)); 878 } 879 ``` 880 881### queryAllCreatedOsAccounts 882 883queryAllCreatedOsAccounts(): Promise<Array<OsAccountInfo>> 884 885Queries information about all the system accounts created. This API uses a promise to return the result. 886 887**System API**: This is a system API. 888 889**System capability**: SystemCapability.Account.OsAccount 890 891**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 892 893**Return value** 894 895| Type | Description | 896| ----------------------------------------------------------- | --------------------------------------------- | 897| Promise<Array<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)>> | Promise used to return the information about all the system accounts created.| 898 899**Error codes** 900 901| ID| Error Message | 902| -------- | ------------- | 903| 201 | Permission denied.| 904| 202 | Not system application.| 905| 12300001 | The system service works abnormally. | 906 907**Example** 908 909 ```ts 910 import { BusinessError } from '@kit.BasicServicesKit'; 911 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 912 try { 913 accountManager.queryAllCreatedOsAccounts().then((accountArr: osAccount.OsAccountInfo[]) => { 914 console.log('queryAllCreatedOsAccounts, accountArr: ' + JSON.stringify(accountArr)); 915 }).catch((err: BusinessError) => { 916 console.error('queryAllCreatedOsAccounts err: ' + JSON.stringify(err)); 917 }); 918 } catch (e) { 919 console.error('queryAllCreatedOsAccounts exception: ' + JSON.stringify(e)); 920 } 921 ``` 922 923### createOsAccount 924 925createOsAccount(localName: string, type: OsAccountType, callback: AsyncCallback<OsAccountInfo>): void 926 927Creates a system account. This API uses an asynchronous callback to return the result. 928 929**System API**: This is a system API. 930 931**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 932 933**System capability**: SystemCapability.Account.OsAccount 934 935**Parameters** 936 937| Name | Type | Mandatory| Description | 938| :-------- | ---------------------------------------------------- | ---- | --------------------------------------------------------------------------- | 939| localName | string | Yes | Name of the system account to create. | 940| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create. | 941| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the created system account. Otherwise, **err** is an error object.| 942 943**Error codes** 944 945| ID | Error Message | 946| -------- | ------------------------- | 947| 201 | Permission denied.| 948| 202 | Not system application.| 949| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 950| 12300001 | The system service works abnormally. | 951| 12300002 | Invalid localName or type. | 952| 12300004 | Local name already exists. | 953| 12300005 | Multi-user not supported. | 954| 12300006 | Unsupported account type. | 955| 12300007 | The number of accounts has reached the upper limit. | 956 957**Example** 958 959 ```ts 960 import { BusinessError } from '@kit.BasicServicesKit'; 961 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 962 try { 963 accountManager.createOsAccount('testName', osAccount.OsAccountType.NORMAL, 964 (err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{ 965 if (err) { 966 console.error('createOsAccount exception:' + JSON.stringify(err)); 967 } else { 968 console.log('createOsAccount osAccountInfo:' + JSON.stringify(osAccountInfo)); 969 } 970 }); 971 } catch (e) { 972 console.error('createOsAccount exception: ' + JSON.stringify(e)); 973 } 974 ``` 975 976### createOsAccount 977 978createOsAccount(localName: string, type: OsAccountType, options?: CreateOsAccountOptions): Promise<OsAccountInfo> 979 980Creates a system account. This API uses a promise to return the result. 981 982**System API**: This is a system API. 983 984**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 985 986**System capability**: SystemCapability.Account.OsAccount 987 988**Parameters** 989 990| Name | Type | Mandatory| Description | 991| --------- | ------------------------------- | ---- | ---------------------- | 992| localName | string | Yes | Name of the system account to create.| 993| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create.| 994| options | [CreateOsAccountOptions](#createosaccountoptions12) | No | Options for creating a system account. By default, this parameter is left blank.<br>This parameter is supported since API version 12.| 995 996**Return value** 997 998| Type | Description | 999| ---------------------------------------------- | ------------------------------------- | 1000| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the information about the created system account.| 1001 1002**Error codes** 1003 1004| ID | Error Message | 1005| -------- | ------------------------- | 1006| 201 | Permission denied.| 1007| 202 | Not system application.| 1008| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1009| 12300001 | The system service works abnormally. | 1010| 12300002 | Invalid localName, type or options. | 1011| 12300004 | Local name already exists. | 1012| 12300005 | Multi-user not supported. | 1013| 12300006 | Unsupported account type. | 1014| 12300007 | The number of accounts has reached the upper limit. | 1015| 12300015 | The short name already exists. | 1016 1017**Example** 1018 1019 ```ts 1020 import { BusinessError } from '@kit.BasicServicesKit'; 1021 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1022 let options: osAccount.CreateOsAccountOptions = { 1023 shortName: 'myShortName', 1024 disallowedPreinstalledBundles: [], 1025 allowedPreinstalledBundles: [], 1026 } 1027 try { 1028 accountManager.createOsAccount('testAccountName', osAccount.OsAccountType.NORMAL, options).then( 1029 (accountInfo: osAccount.OsAccountInfo) => { 1030 console.log('createOsAccount, accountInfo: ' + JSON.stringify(accountInfo)); 1031 }).catch((err: BusinessError) => { 1032 console.error('createOsAccount err: ' + JSON.stringify(err)); 1033 }); 1034 } catch (e) { 1035 console.error('createOsAccount exception: ' + JSON.stringify(e)); 1036 } 1037 ``` 1038 1039### createOsAccountForDomain<sup>8+</sup> 1040 1041createOsAccountForDomain(type: OsAccountType, domainInfo: DomainAccountInfo, callback: AsyncCallback<OsAccountInfo>): void 1042 1043Creates a system account and associates it with the specified domain account. This API uses an asynchronous callback to return the result. 1044 1045**System API**: This is a system API. 1046 1047**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1048 1049**System capability**: SystemCapability.Account.OsAccount 1050 1051**Parameters** 1052 1053| Name | Type | Mandatory| Description | 1054| ---------- | ---------------------------------------------------- | ---- | -------------------------------------------------------------------------- | 1055| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create. | 1056| domainInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. | 1057| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the created system account. Otherwise, **err** is an error object.| 1058 1059**Error codes** 1060 1061| ID| Error Message | 1062| -------- | ------------------- | 1063| 201 | Permission denied.| 1064| 202 | Not system application.| 1065| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1066| 801 | Capability not supported.| 1067| 12300001 | The system service works abnormally. | 1068| 12300002 | Invalid type or domainInfo. | 1069| 12300004 | Account already exists. | 1070| 12300005 | Multi-user not supported. | 1071| 12300006 | Unsupported account type. | 1072| 12300007 | The number of accounts has reached the upper limit. | 1073 1074**Example** 1075 1076 ```ts 1077 import { BusinessError } from '@kit.BasicServicesKit'; 1078 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1079 let domainInfo: osAccount.DomainAccountInfo = 1080 {domain: 'testDomain', accountName: 'testAccountName'}; 1081 try { 1082 accountManager.createOsAccountForDomain(osAccount.OsAccountType.NORMAL, domainInfo, 1083 (err: BusinessError, osAccountInfo: osAccount.OsAccountInfo)=>{ 1084 if (err) { 1085 console.error('createOsAccountForDomain exception:' + JSON.stringify(err)); 1086 } else { 1087 console.log('createOsAccountForDomain osAccountInfo:' + JSON.stringify(osAccountInfo)); 1088 } 1089 }); 1090 } catch (e) { 1091 console.error('createOsAccountForDomain exception: ' + JSON.stringify(e)); 1092 } 1093 ``` 1094 1095### createOsAccountForDomain<sup>8+</sup> 1096 1097createOsAccountForDomain(type: OsAccountType, domainInfo: DomainAccountInfo, options?: CreateOsAccountForDomainOptions): Promise<OsAccountInfo> 1098 1099Creates a system account and associates it with the specified domain account. This API uses a promise to return the result. 1100 1101**System API**: This is a system API. 1102 1103**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1104 1105**System capability**: SystemCapability.Account.OsAccount 1106 1107**Parameters** 1108 1109| Name | Type | Mandatory| Description | 1110| ---------- | ---------------------------------------- | ---- | -------------------- | 1111| type | [OsAccountType](js-apis-osAccount.md#osaccounttype) | Yes | Type of the system account to create.| 1112| domainInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. | 1113| options | [CreateOsAccountForDomainOptions](#createosaccountfordomainoptions12) | No | Optional parameters for creating the account. By default, this parameter is left blank.<br>This parameter is supported since API version 12.| 1114 1115**Return value** 1116 1117| Type | Description | 1118| ---------------------------------------------- | -------------------------------------- | 1119| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the information about the created system account.| 1120 1121**Error codes** 1122 1123| ID| Error Message | 1124| -------- | ------------------- | 1125| 201 | Permission denied.| 1126| 202 | Not system application.| 1127| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1128| 801 | Capability not supported.| 1129| 12300001 | The system service works abnormally. | 1130| 12300002 | Invalid type, domainInfo or options. | 1131| 12300004 | Account already exists. | 1132| 12300005 | Multi-user not supported. | 1133| 12300006 | Unsupported account type. | 1134| 12300007 | The number of accounts has reached the upper limit. | 1135| 12300015 | The short name already exists. | 1136 1137**Example** 1138 1139 ```ts 1140 import { BusinessError } from '@kit.BasicServicesKit'; 1141 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1142 let domainInfo: osAccount.DomainAccountInfo = 1143 {domain: 'testDomain', accountName: 'testAccountName'}; 1144 let options: osAccount.CreateOsAccountForDomainOptions = { 1145 shortName: 'myShortName' 1146 } 1147 try { 1148 accountManager.createOsAccountForDomain(osAccount.OsAccountType.NORMAL, domainInfo, options).then( 1149 (accountInfo: osAccount.OsAccountInfo) => { 1150 console.log('createOsAccountForDomain, account info: ' + JSON.stringify(accountInfo)); 1151 }).catch((err: BusinessError) => { 1152 console.error('createOsAccountForDomain err: ' + JSON.stringify(err)); 1153 }); 1154 } catch (e) { 1155 console.error('createOsAccountForDomain exception: ' + JSON.stringify(e)); 1156 } 1157 ``` 1158 1159### queryOsAccount<sup>11+</sup> 1160 1161queryOsAccount(): Promise<OsAccountInfo> 1162 1163Obtains information about the system account to which the current process belongs. This API uses a promise to return the result. 1164 1165**System API**: This is a system API. 1166 1167**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.GET_LOCAL_ACCOUNTS 1168 1169**System capability**: SystemCapability.Account.OsAccount 1170 1171**Return value** 1172 1173| Type | Description | 1174| ---------------------------------------------- | ----------------------------------------- | 1175| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the system account information obtained.| 1176 1177**Error codes** 1178 1179| ID| Error Message | 1180| -------- | ------------------- | 1181| 201 | Permission denied.| 1182| 202 | Not system application.| 1183| 12300001 | The system service works abnormally. | 1184 1185**Example** 1186 1187 ```ts 1188 import { BusinessError } from '@kit.BasicServicesKit'; 1189 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1190 try { 1191 accountManager.queryOsAccount().then((accountInfo: osAccount.OsAccountInfo) => { 1192 console.log('queryOsAccount, accountInfo: ' + JSON.stringify(accountInfo)); 1193 }).catch((err: BusinessError) => { 1194 console.error('queryOsAccount err: ' + JSON.stringify(err)); 1195 }); 1196 } catch (e) { 1197 console.error('queryOsAccount exception: ' + JSON.stringify(e)); 1198 } 1199 ``` 1200 1201### queryOsAccountById 1202 1203queryOsAccountById(localId: number, callback: AsyncCallback<OsAccountInfo>): void 1204 1205Queries information about the system account of the given ID. This API uses an asynchronous callback to return the result. 1206 1207**System API**: This is a system API. 1208 1209**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 1210 1211**System capability**: SystemCapability.Account.OsAccount 1212 1213**Parameters** 1214 1215| Name | Type | Mandatory| Description | 1216| -------- | ---------------------------------------------------- | ---- | ------------------------------------------------------------------------ | 1217| localId | number | Yes | ID of the target system account. | 1218| callback | AsyncCallback<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the system account information obtained. Otherwise, **data** is an error object.| 1219 1220**Error codes** 1221 1222| ID| Error Message | 1223| -------- | ------------------- | 1224| 201 | Permission denied.| 1225| 202 | Not system application.| 1226| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1227| 12300001 | The system service works abnormally. | 1228| 12300002 | Invalid localId. | 1229| 12300003 | Account not found. | 1230 1231**Example**: Query information about system account 100. 1232 1233 ```ts 1234 import { BusinessError } from '@kit.BasicServicesKit'; 1235 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1236 let localId: number = 100; 1237 try { 1238 accountManager.queryOsAccountById(localId, (err: BusinessError, accountInfo: osAccount.OsAccountInfo)=>{ 1239 if (err) { 1240 console.error('queryOsAccountById exception:' + JSON.stringify(err)); 1241 } else { 1242 console.log('queryOsAccountById accountInfo:' + JSON.stringify(accountInfo)); 1243 } 1244 }); 1245 } catch (e) { 1246 console.error('queryOsAccountById exception: ' + JSON.stringify(e)); 1247 } 1248 ``` 1249 1250### queryOsAccountById 1251 1252queryOsAccountById(localId: number): Promise<OsAccountInfo> 1253 1254Queries information about the system account of the given ID. This API uses a promise to return the result. 1255 1256**System API**: This is a system API. 1257 1258**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 1259 1260**System capability**: SystemCapability.Account.OsAccount 1261 1262**Parameters** 1263 1264| Name | Type | Mandatory| Description | 1265| ------- | ------ | ---- | -------------------- | 1266| localId | number | Yes | ID of the target system account.| 1267 1268**Return value** 1269 1270| Type | Description | 1271| ---------------------------------------------- | ------------------------------------ | 1272| Promise<[OsAccountInfo](js-apis-osAccount.md#osaccountinfo)> | Promise used to return the system account information obtained.| 1273 1274**Error codes** 1275 1276| ID| Error Message | 1277| -------- | ------------------- | 1278| 201 | Permission denied.| 1279| 202 | Not system application.| 1280| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1281| 12300001 | The system service works abnormally. | 1282| 12300002 | Invalid localId. | 1283| 12300003 | Account not found. | 1284 1285**Example**: Query information about system account 100. 1286 1287 ```ts 1288 import { BusinessError } from '@kit.BasicServicesKit'; 1289 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1290 let localId: number = 100; 1291 try { 1292 accountManager.queryOsAccountById(localId).then((accountInfo: osAccount.OsAccountInfo) => { 1293 console.log('queryOsAccountById, accountInfo: ' + JSON.stringify(accountInfo)); 1294 }).catch((err: BusinessError) => { 1295 console.error('queryOsAccountById err: ' + JSON.stringify(err)); 1296 }); 1297 } catch (e) { 1298 console.error('queryOsAccountById exception: ' + JSON.stringify(e)); 1299 } 1300 ``` 1301 1302### getOsAccountProfilePhoto 1303 1304getOsAccountProfilePhoto(localId: number, callback: AsyncCallback<string>): void 1305 1306Obtains the profile photo of a system account. This API uses an asynchronous callback to return the result. 1307 1308**System API**: This is a system API. 1309 1310**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1311 1312**System capability**: SystemCapability.Account.OsAccount 1313 1314**Parameters** 1315 1316| Name | Type | Mandatory| Description | 1317| -------- | --------------------------- | ---- | -------------------------------------------------------------------------- | 1318| localId | number | Yes | ID of the target system account. | 1319| callback | AsyncCallback<string> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the profile photo information obtained. Otherwise, **err** is an error object.| 1320 1321**Error codes** 1322 1323| ID| Error Message | 1324| -------- | ------------------- | 1325| 201 | Permission denied.| 1326| 202 | Not system application.| 1327| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1328| 12300001 | The system service works abnormally. | 1329| 12300002 | Invalid localId. | 1330| 12300003 | Account not found. | 1331 1332**Example**: Obtain the profile photo of system account 100. 1333 1334 ```ts 1335 import { BusinessError } from '@kit.BasicServicesKit'; 1336 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1337 let localId: number = 100; 1338 try { 1339 accountManager.getOsAccountProfilePhoto(localId, (err: BusinessError, photo: string)=>{ 1340 if (err) { 1341 console.error('getOsAccountProfilePhoto exception:' + JSON.stringify(err)); 1342 } else { 1343 console.log('get photo:' + photo + ' by localId: ' + localId); 1344 } 1345 }); 1346 } catch (e) { 1347 console.error('getOsAccountProfilePhoto exception: ' + JSON.stringify(e)); 1348 } 1349 ``` 1350 1351### getOsAccountProfilePhoto 1352 1353getOsAccountProfilePhoto(localId: number): Promise<string> 1354 1355Obtains the profile photo of a system account. This API uses a promise to return the result. 1356 1357**System API**: This is a system API. 1358 1359**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1360 1361**System capability**: SystemCapability.Account.OsAccount 1362 1363**Parameters** 1364 1365| Name | Type | Mandatory| Description | 1366| ------- | ------ | ---- | ------------ | 1367| localId | number | Yes | ID of the target system account.| 1368 1369**Return value** 1370 1371| Type | Description | 1372| --------------------- | -------------------------------------- | 1373| Promise<string> | Promise used to return the profile photo information obtained.| 1374 1375**Error codes** 1376 1377| ID| Error Message | 1378| -------- | ------------------- | 1379| 201 | Permission denied.| 1380| 202 | Not system application.| 1381| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1382| 12300001 | The system service works abnormally. | 1383| 12300002 | Invalid localId. | 1384| 12300003 | Account not found. | 1385 1386**Example**: Obtain the profile photo of system account 100. 1387 1388 ```ts 1389 import { BusinessError } from '@kit.BasicServicesKit'; 1390 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1391 let localId: number = 100; 1392 try { 1393 accountManager.getOsAccountProfilePhoto(localId).then((photo: string) => { 1394 console.log('getOsAccountProfilePhoto: ' + photo); 1395 }).catch((err: BusinessError) => { 1396 console.error('getOsAccountProfilePhoto err: ' + JSON.stringify(err)); 1397 }); 1398 } catch (e) { 1399 console.error('getOsAccountProfilePhoto exception: ' + JSON.stringify(e)); 1400 } 1401 ``` 1402 1403### setOsAccountProfilePhoto 1404 1405setOsAccountProfilePhoto(localId: number, photo: string, callback: AsyncCallback<void>): void 1406 1407Sets a profile photo for a system account. This API uses an asynchronous callback to return the result. 1408 1409**System API**: This is a system API. 1410 1411**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1412 1413**System capability**: SystemCapability.Account.OsAccount 1414 1415**Parameters** 1416 1417| Name | Type | Mandatory| Description | 1418| -------- | ------------------------- | ---- | ------------ | 1419| localId | number | Yes | ID of the target system account.| 1420| photo | string | Yes | Profile photo information. | 1421| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object. | 1422 1423**Error codes** 1424 1425| ID| Error Message | 1426| -------- | ------------------- | 1427| 201 | Permission denied.| 1428| 202 | Not system application.| 1429| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1430| 12300001 | The system service works abnormally. | 1431| 12300002 | Invalid localId or photo. | 1432| 12300003 | Account not found. | 1433| 12300008 | Restricted Account. | 1434 1435**Example**: Set a profile photo for system account 100. 1436 1437 ```ts 1438 import { BusinessError } from '@kit.BasicServicesKit'; 1439 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1440 let localId: number = 100; 1441 let photo: string = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAAPCAYAAAA/I0V3AAAAAXNSR0IArs4c6QAAAARnQU1BAA'+ 1442 'Cxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAACwSURBVDhPvZLBDYMwDEV/ugsXRjAT0EHCOuFIBwkbdIRewi6unbiAyoGgSn1SFH85+Y'+ 1443 'q/4ljARW62X+LHS8uIzjm4dXUYF+utzBikB52Jo5e5iEPKqpACk7R9NM2RvWm5tIkD2czLCUFNKLD6IjdMHFHDzws285MgGrT0xCtp3WOKHo'+ 1444 '+7q0mP0DZW9pNmoEFUzrQjp5cCnaen2kSJXLFD8ghbXyZCMQf/8e8Ns1XVAG/XAgqKzVnJFAAAAABJRU5ErkJggg==' 1445 try { 1446 accountManager.setOsAccountProfilePhoto(localId, photo, (err: BusinessError)=>{ 1447 if (err) { 1448 console.error('setOsAccountProfilePhoto exception:' + JSON.stringify(err)); 1449 } else { 1450 console.log('setOsAccountProfilePhoto successful.'); 1451 } 1452 }); 1453 } catch (e) { 1454 console.error('setOsAccountProfilePhoto exception: ' + JSON.stringify(e)); 1455 } 1456 ``` 1457 1458### setOsAccountProfilePhoto 1459 1460setOsAccountProfilePhoto(localId: number, photo: string): Promise<void> 1461 1462Sets a profile photo for a system account. This API uses a promise to return the result. 1463 1464**System API**: This is a system API. 1465 1466**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1467 1468**System capability**: SystemCapability.Account.OsAccount 1469 1470**Parameters** 1471 1472| Name | Type | Mandatory| Description | 1473| ------- | ------ | ---- | ------------ | 1474| localId | number | Yes | ID of the target system account.| 1475| photo | string | Yes | Profile photo information. | 1476 1477**Return value** 1478 1479| Type | Description | 1480| ------------------- | ------------------------------------ | 1481| Promise<void> | Promise that returns no value.| 1482 1483**Error codes** 1484 1485| ID| Error Message | 1486| -------- | ------------------- | 1487| 201 | Permission denied.| 1488| 202 | Not system application.| 1489| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1490| 12300001 | The system service works abnormally. | 1491| 12300002 | Invalid localId or photo. | 1492| 12300003 | Account not found. | 1493| 12300008 | Restricted Account. | 1494 1495**Example**: Set a profile photo for system account 100. 1496 1497 ```ts 1498 import { BusinessError } from '@kit.BasicServicesKit'; 1499 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1500 let localId: number = 100; 1501 let photo: string = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAAPCAYAAAA/I0V3AAAAAXNSR0IArs4c6QAAAARnQU1BAA'+ 1502 'Cxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAACwSURBVDhPvZLBDYMwDEV/ugsXRjAT0EHCOuFIBwkbdIRewi6unbiAyoGgSn1SFH85+Y'+ 1503 'q/4ljARW62X+LHS8uIzjm4dXUYF+utzBikB52Jo5e5iEPKqpACk7R9NM2RvWm5tIkD2czLCUFNKLD6IjdMHFHDzws285MgGrT0xCtp3WOKHo'+ 1504 '+7q0mP0DZW9pNmoEFUzrQjp5cCnaen2kSJXLFD8ghbXyZCMQf/8e8Ns1XVAG/XAgqKzVnJFAAAAABJRU5ErkJggg==' 1505 try { 1506 accountManager.setOsAccountProfilePhoto(localId, photo).then(() => { 1507 console.log('setOsAccountProfilePhoto success'); 1508 }).catch((err: BusinessError) => { 1509 console.error('setOsAccountProfilePhoto err: ' + JSON.stringify(err)); 1510 }); 1511 } catch (e) { 1512 console.error('setOsAccountProfilePhoto exception: ' + JSON.stringify(e)); 1513 } 1514 ``` 1515 1516### on 1517 1518on(type: 'activate' | 'activating', name: string, callback: Callback<number>): void 1519 1520Subscribes to the system account activation states, including the states of the account being activated and the account with activation completed. This API uses an asynchronous callback to return the result. 1521 1522**System API**: This is a system API. 1523 1524**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 1525 1526**System capability**: SystemCapability.Account.OsAccount 1527 1528**Parameters** 1529 1530| Name | Type | Mandatory| Description | 1531| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1532| type | 'activate' \| 'activating' | Yes | Type of the event to subscribe to. The value **activate** indicates that a system account is activated, and **activating** indicates that a system account is being activated.| 1533| name | string | Yes | Subscription name, which can be customized. The value cannot be empty or exceed 1024 bytes. | 1534| callback | Callback<number> | Yes | Callback used to return the ID of the system account being activated or activated. | 1535 1536**Error codes** 1537 1538| ID| Error Message | 1539| -------- | ------------- | 1540| 201 | Permission denied.| 1541| 202 | Not system application.| 1542| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1543| 12300001 | The system service works abnormally. | 1544| 12300002 | Invalid type or name. | 1545 1546**Example** 1547 1548 ```ts 1549 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1550 function onCallback(receiveLocalId: number){ 1551 console.log('receive localId:' + receiveLocalId); 1552 } 1553 try { 1554 accountManager.on('activating', 'osAccountOnOffNameA', onCallback); 1555 } catch (e) { 1556 console.error('receive localId exception: ' + JSON.stringify(e)); 1557 } 1558 ``` 1559 1560### off 1561 1562off(type: 'activate' | 'activating', name: string, callback?: Callback<number>): void 1563 1564Unsubscribes from the system account activation states, including the states of the account being activated and the account with activation completed. This API uses an asynchronous callback to return the result. 1565 1566**System API**: This is a system API. 1567 1568**Required permissions**: ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION 1569 1570**System capability**: SystemCapability.Account.OsAccount 1571 1572**Parameters** 1573 1574| Name | Type | Mandatory| Description | 1575| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1576| type | 'activate' \| 'activating' | Yes | Type of the event to unsubscribe from. The value **activate** indicates that a system account is activated, and **activating** indicates that a system account is being activated.| 1577| name | string | Yes | Subscription name, which can be customized. The value cannot be empty or exceed 1024 bytes, and must be the same as the value passed by **on()**.| 1578| callback | Callback<number> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the system account activation states. | 1579 1580**Error codes** 1581 1582| ID| Error Message | 1583| -------- | ------------- | 1584| 201 | Permission denied.| 1585| 202 | Not system application.| 1586| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1587| 12300001 | The system service works abnormally. | 1588| 12300002 | Invalid type or name. | 1589 1590**Example** 1591 1592 ```ts 1593 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1594 function offCallback(){ 1595 console.log('off enter') 1596 } 1597 try { 1598 accountManager.off('activating', 'osAccountOnOffNameA', offCallback); 1599 } catch (e) { 1600 console.error('off exception: ' + JSON.stringify(e)); 1601 } 1602 ``` 1603 1604### on<sup>12+</sup> 1605 1606on(type: 'switching', callback: Callback<OsAccountSwitchEventData>): void 1607 1608Subscribes to the switchover between a foreground system account and a background system account in progress. This API uses an asynchronous callback to return the result. 1609 1610**System API**: This is a system API. 1611 1612**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1613 1614**System capability**: SystemCapability.Account.OsAccount 1615 1616**Parameters** 1617 1618| Name | Type | Mandatory| Description | 1619| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1620| type | 'switching' | Yes | Event type. The value **switching** indicates that the switchover between a foreground system account and a background account is being performed.| 1621| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | Yes | Callback used to return the system account IDs before and after the switchover. | 1622 1623**Error codes** 1624 1625| ID| Error Message | 1626| -------- | ------------- | 1627| 201 | Permission denied.| 1628| 202 | Not system application.| 1629| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1630| 12300001 | The system service works abnormally. | 1631| 12300002 | Invalid type. | 1632 1633**Example** 1634 1635 ```ts 1636 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1637 function onSwitchingCallback(eventData: osAccount.OsAccountSwitchEventData){ 1638 console.log('receive eventData:' + JSON.stringify(eventData)); 1639 } 1640 try { 1641 accountManager.on('switching', onSwitchingCallback); 1642 } catch (e) { 1643 console.error('receive eventData exception: ' + JSON.stringify(e)); 1644 } 1645 ``` 1646 1647### off<sup>12+</sup> 1648 1649off(type: 'switching', callback?: Callback<OsAccountSwitchEventData>): void 1650 1651Unsubscribes from the switchover between a foreground system account and a background system account in progress. This API uses an asynchronous callback to return the result. 1652 1653**System API**: This is a system API. 1654 1655**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1656 1657**System capability**: SystemCapability.Account.OsAccount 1658 1659**Parameters** 1660 1661| Name | Type | Mandatory| Description | 1662| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1663| type | 'switching' | Yes | Event type. The value **switching** indicates that the switchover between a foreground system account and a background account is being performed.| 1664| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the **switching** event. | 1665 1666**Error codes** 1667 1668| ID| Error Message | 1669| -------- | ------------- | 1670| 201 | Permission denied.| 1671| 202 | Not system application.| 1672| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1673| 12300001 | The system service works abnormally. | 1674| 12300002 | Invalid type. | 1675 1676**Example** 1677 1678 ```ts 1679 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1680 try { 1681 accountManager.off('switching'); 1682 } catch (e) { 1683 console.error('off exception: ' + JSON.stringify(e)); 1684 } 1685 ``` 1686 1687### on<sup>12+</sup> 1688 1689on(type: 'switched', callback: Callback<OsAccountSwitchEventData>): void 1690 1691Subscribes to the end of a switchover between a foreground system account and a background system account. This API uses an asynchronous callback to return the result. 1692 1693**System API**: This is a system API. 1694 1695**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1696 1697**System capability**: SystemCapability.Account.OsAccount 1698 1699**Parameters** 1700 1701| Name | Type | Mandatory| Description | 1702| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1703| type | 'switched' | Yes | Event type. The value **switched** indicates that the switchover between a foreground system account and a background system account is complete.| 1704| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | Yes | Callback used to return the system account IDs before and after the switchover. | 1705 1706**Error codes** 1707 1708| ID| Error Message | 1709| -------- | ------------- | 1710| 201 | Permission denied.| 1711| 202 | Not system application.| 1712| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1713| 12300001 | The system service works abnormally. | 1714| 12300002 | Invalid type. | 1715 1716**Example** 1717 1718 ```ts 1719 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1720 function onSwitchedCallback(eventData: osAccount.OsAccountSwitchEventData){ 1721 console.log('receive eventData:' + JSON.stringify(eventData)); 1722 } 1723 try { 1724 accountManager.on('switched', onSwitchedCallback); 1725 } catch (e) { 1726 console.error('receive eventData exception: ' + JSON.stringify(e)); 1727 } 1728 ``` 1729 1730### off<sup>12+</sup> 1731 1732off(type: 'switched', callback?: Callback<OsAccountSwitchEventData>): void 1733 1734Unsubscribes from the end of a switchover between a foreground system account and a background system account. This API uses an asynchronous callback to return the result. 1735 1736**System API**: This is a system API. 1737 1738**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1739 1740**System capability**: SystemCapability.Account.OsAccount 1741 1742**Parameters** 1743 1744| Name | Type | Mandatory| Description | 1745| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 1746| type | 'switched' | Yes | Event type. The value **switched** indicates that the switchover between a foreground system account and a background system account is complete.| 1747| callback | Callback<[OsAccountSwitchEventData](#osaccountswitcheventdata12)> | No | Callback to unregister. By default, this parameter is left empty, which unregisters all callbacks for the **switched** event. | 1748 1749**Error codes** 1750 1751| ID| Error Message | 1752| -------- | ------------- | 1753| 201 | Permission denied.| 1754| 202 | Not system application.| 1755| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1756| 12300001 | The system service works abnormally. | 1757| 12300002 | Invalid type. | 1758 1759**Example** 1760 1761 ```ts 1762 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1763 try { 1764 accountManager.off('switched'); 1765 } catch (e) { 1766 console.error('off exception: ' + JSON.stringify(e)); 1767 } 1768 ``` 1769 1770### getBundleIdForUid<sup>9+</sup> 1771 1772getBundleIdForUid(uid: number, callback: AsyncCallback<number>): void 1773 1774Obtains the bundle ID based on the UID. This API uses an asynchronous callback to return the result. 1775 1776**System API**: This is a system API. 1777 1778**System capability**: SystemCapability.Account.OsAccount 1779 1780**Parameters** 1781 1782| Name | Type | Mandatory| Description | 1783| -------- | --------------------------- | ---- | ------------------------------------------------------------------------ | 1784| uid | number | Yes | Process UID. | 1785| callback | AsyncCallback<number> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the bundle ID obtained. Otherwise, **data** is an error object.| 1786 1787**Error codes** 1788 1789| ID| Error Message | 1790| -------- | ------------- | 1791| 202 | Not system application.| 1792| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1793| 12300001 | The system service works abnormally. | 1794| 12300002 | Invalid uid. | 1795 1796**Example** 1797 1798 ```ts 1799 import { BusinessError } from '@kit.BasicServicesKit'; 1800 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1801 let testUid: number = 1000000; 1802 try { 1803 accountManager.getBundleIdForUid(testUid, (err: BusinessError, bundleId: number) => { 1804 if (err) { 1805 console.error('getBundleIdForUid errInfo:' + JSON.stringify(err)); 1806 } else { 1807 console.info('getBundleIdForUid bundleId:' + JSON.stringify(bundleId)); 1808 } 1809 }); 1810 } catch (e) { 1811 console.error('getBundleIdForUid exception: ' + JSON.stringify(e)); 1812 } 1813 ``` 1814 1815### getBundleIdForUid<sup>9+</sup> 1816 1817getBundleIdForUid(uid: number): Promise<number> 1818 1819Obtains the bundle ID based on the UID. This API uses a promise to return the result. 1820 1821**System API**: This is a system API. 1822 1823**System capability**: SystemCapability.Account.OsAccount 1824 1825**Parameters** 1826 1827| Name | Type | Mandatory| Description | 1828| ------- | ------ | ---- | ------------ | 1829| uid | number | Yes | Process UID.| 1830 1831**Return value** 1832 1833| Type | Description | 1834| --------------------- | ------------------------------------ | 1835| Promise<number> | Promise used to return the bundle ID obtained.| 1836 1837**Error codes** 1838 1839| ID| Error Message | 1840| -------- | ------------- | 1841| 202 | Not system application.| 1842| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1843| 12300001 | The system service works abnormally. | 1844| 12300002 | Invalid uid. | 1845 1846**Example** 1847 1848 ```ts 1849 import { BusinessError } from '@kit.BasicServicesKit'; 1850 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1851 let testUid: number = 1000000; 1852 try { 1853 accountManager.getBundleIdForUid(testUid).then((result: number) => { 1854 console.info('getBundleIdForUid bundleId:' + JSON.stringify(result)); 1855 }).catch((err: BusinessError) => { 1856 console.error('getBundleIdForUid errInfo:' + JSON.stringify(err)); 1857 }); 1858 } catch (e) { 1859 console.error('getBundleIdForUid exception: ' + JSON.stringify(e)); 1860 } 1861 ``` 1862 1863### getBundleIdForUidSync<sup>10+</sup> 1864 1865getBundleIdForUidSync(uid: number): number 1866 1867Obtains the bundle ID based on the specified UID. The API returns the result synchronously. 1868 1869**System API**: This is a system API. 1870 1871**System capability**: SystemCapability.Account.OsAccount 1872 1873**Parameters** 1874 1875| Name | Type | Mandatory| Description | 1876| ------- | ------ | ---- | ------------ | 1877| uid | number | Yes | Process UID.| 1878 1879**Return value** 1880 1881| Type | Description | 1882| ------ | ------------------------ | 1883| number | Bundle ID obtained.| 1884 1885**Error codes** 1886 1887| ID| Error Message | 1888| -------- | ------------- | 1889| 202 | Not system application.| 1890| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1891| 12300002 | Invalid uid. | 1892 1893**Example** 1894 1895 ```ts 1896 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1897 let testUid: number = 1000000; 1898 try { 1899 let bundleId : number = accountManager.getBundleIdForUidSync(testUid); 1900 console.info('getBundleIdForUidSync bundleId:' + bundleId); 1901 } catch (e) { 1902 console.error('getBundleIdForUidSync exception: ' + JSON.stringify(e)); 1903 } 1904 ``` 1905 1906### isMainOsAccount<sup>9+</sup> 1907 1908isMainOsAccount(callback: AsyncCallback<boolean>): void 1909 1910Checks whether the current process belongs to the main system account. This API uses an asynchronous callback to return the result. 1911 1912**System API**: This is a system API. 1913 1914**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1915 1916**System capability**: SystemCapability.Account.OsAccount 1917 1918**Parameters** 1919 1920| Name | Type | Mandatory| Description | 1921| -------- | ---------------------------- | ---- | ----------------------------------------------------------------- | 1922| callback | AsyncCallback<boolean> | Yes | Callback used to return the result. If **true** is returned, the current process belongs to the main system account. If **false** is returned, the current process does not belong to the main system account.| 1923 1924**Error codes** 1925 1926| ID| Error Message | 1927| -------- | ------------- | 1928| 201 | Permission denied.| 1929| 202 | Not system application.| 1930| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 1931| 12300001 | The system service works abnormally. | 1932 1933**Example** 1934 1935 ```ts 1936 import { BusinessError } from '@kit.BasicServicesKit'; 1937 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1938 try { 1939 accountManager.isMainOsAccount((err: BusinessError,result: boolean)=>{ 1940 if (err) { 1941 console.error('isMainOsAccount errInfo:' + JSON.stringify(err)); 1942 } else { 1943 console.info('isMainOsAccount result:' + JSON.stringify(result)); 1944 } 1945 }); 1946 } catch (e) { 1947 console.error('isMainOsAccount exception: ' + JSON.stringify(e)); 1948 } 1949 ``` 1950 1951### isMainOsAccount<sup>9+</sup> 1952 1953isMainOsAccount(): Promise<boolean>; 1954 1955Checks whether the current process belongs to the main system account. This API uses a promise to return the result. 1956 1957**System API**: This is a system API. 1958 1959**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 1960 1961**System capability**: SystemCapability.Account.OsAccount 1962 1963**Return value** 1964 1965| Type | Description | 1966| ---------------------- | --------------------------------------------------------------------- | 1967| Promise<boolean> | Promise used to return the result. If **true** is returned, the current process belongs to the main system account. If **false** is returned, the current process does not belong to the main system account.| 1968 1969**Error codes** 1970 1971| ID| Error Message | 1972| -------- | ------------- | 1973| 201 | Permission denied.| 1974| 202 | Not system application.| 1975| 12300001 | The system service works abnormally. | 1976 1977**Example** 1978 1979 ```ts 1980 import { BusinessError } from '@kit.BasicServicesKit'; 1981 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 1982 try { 1983 accountManager.isMainOsAccount().then((result: boolean) => { 1984 console.info('isMainOsAccount result:' + JSON.stringify(result)); 1985 }).catch((err: BusinessError) => { 1986 console.error('isMainOsAccount errInfo:' + JSON.stringify(err)); 1987 }); 1988 } catch (e) { 1989 console.error('isMainOsAccount exception: ' + JSON.stringify(e)); 1990 } 1991 ``` 1992 1993### getOsAccountConstraintSourceTypes<sup>9+</sup> 1994 1995getOsAccountConstraintSourceTypes(localId: number, constraint: string, callback: AsyncCallback<Array<ConstraintSourceTypeInfo>>): void 1996 1997Obtains the constraint source information of a system account. This API uses an asynchronous callback to return the result. 1998 1999**System API**: This is a system API. 2000 2001**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 2002 2003**System capability**: SystemCapability.Account.OsAccount 2004 2005**Parameters** 2006 2007| Name | Type | Mandatory| Description | 2008| -------- | -------------------------- | ---- | ------------------------------------------------------------ | 2009| localId | number | Yes | ID of the target system account.| 2010| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) whose source information is to be obtained.| 2011| callback | AsyncCallback<Array<[ConstraintSourceTypeInfo](#constraintsourcetypeinfo9)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the [constraint](js-apis-osAccount.md#constraints) source information obtained. Otherwise, **err** is an error object. | 2012 2013**Error codes** 2014 2015| ID| Error Message | 2016| -------- | ------------- | 2017| 201 | Permission denied.| 2018| 202 | Not system application.| 2019| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2020| 12300001 | The system service works abnormally. | 2021| 12300002 | Invalid name or constraint. | 2022| 12300003 | Account not found. | 2023 2024**Example** 2025 2026 ```ts 2027 import { BusinessError } from '@kit.BasicServicesKit'; 2028 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 2029 try { 2030 accountManager.getOsAccountConstraintSourceTypes(100, 'constraint.wifi', 2031 (err: BusinessError,sourceTypeInfos: osAccount.ConstraintSourceTypeInfo[])=>{ 2032 if (err) { 2033 console.error('getOsAccountConstraintSourceTypes errInfo:' + JSON.stringify(err)); 2034 } else { 2035 console.info('getOsAccountConstraintSourceTypes sourceTypeInfos:' + JSON.stringify(sourceTypeInfos)); 2036 } 2037 }); 2038 } catch (e) { 2039 console.error('getOsAccountConstraintSourceTypes exception: ' + JSON.stringify(e)); 2040 } 2041 ``` 2042 2043### getOsAccountConstraintSourceTypes<sup>9+</sup> 2044 2045getOsAccountConstraintSourceTypes(localId: number, constraint: string): Promise<Array<ConstraintSourceTypeInfo>>; 2046 2047Obtains the constraint source information of a system account. This API uses a promise to return the result. 2048 2049**System API**: This is a system API. 2050 2051**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 2052 2053**System capability**: SystemCapability.Account.OsAccount 2054 2055**Parameters** 2056 2057| Name | Type | Mandatory| Description | 2058| ------- | ------ | ---- | ------------ | 2059| localId | number | Yes | ID of the target system account.| 2060| constraint | string | Yes | [Constraint](js-apis-osAccount.md#constraints) whose source information is to be obtained.| 2061 2062**Return value** 2063 2064| Type | Description | 2065| --------------------- | ------------------------------------------------------------ | 2066| Promise<Array<[ConstraintSourceTypeInfo](#constraintsourcetypeinfo9)>> | Promise used to return the source information of the specified [constraint](js-apis-osAccount.md#constraints).| 2067 2068**Error codes** 2069 2070| ID| Error Message | 2071| -------- | ------------- | 2072| 201 | Permission denied.| 2073| 202 | Not system application.| 2074| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2075| 12300001 | The system service works abnormally. | 2076| 12300002 | Invalid name or constraint. | 2077| 12300003 | Account not found. | 2078 2079**Example** 2080 2081 ```ts 2082 import { BusinessError } from '@kit.BasicServicesKit'; 2083 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 2084 try { 2085 accountManager.getOsAccountConstraintSourceTypes(100, 'constraint.wifi').then( 2086 (result: osAccount.ConstraintSourceTypeInfo[]) => { 2087 console.info('getOsAccountConstraintSourceTypes sourceTypeInfos:' + JSON.stringify(result)); 2088 }).catch((err: BusinessError) => { 2089 console.error('getOsAccountConstraintSourceTypes errInfo:' + JSON.stringify(err)); 2090 }); 2091 } catch (e) { 2092 console.error('getOsAccountConstraintSourceTypes exception: ' + JSON.stringify(e)); 2093 } 2094 ``` 2095 2096### getOsAccountType<sup>12+</sup> 2097 2098getOsAccountType(localId: number): Promise<OsAccountType>; 2099 2100Obtains the type of a system account. This API uses a promise to return the result. 2101 2102**System API**: This is a system API. 2103 2104**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 2105 2106**System capability**: SystemCapability.Account.OsAccount 2107 2108**Parameters** 2109 2110| Name | Type | Mandatory| Description | 2111| ------- | ------ | ---- | ------------ | 2112| localId | number | Yes | ID of the target system account.| 2113 2114**Return value** 2115 2116| Type | Description | 2117| --------------------- | ------------------------------------------------------------ | 2118| Promise<[OsAccountType](js-apis-osAccount.md#osaccounttype)> | Promise used to return the type of the system account obtained.| 2119 2120**Error codes** 2121 2122| ID| Error Message | 2123| -------- | ------------- | 2124| 201 | Permission denied.| 2125| 202 | Not system application.| 2126| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2127| 12300001 | The system service works abnormally. | 2128| 12300003 | Account not found. | 2129 2130**Example** 2131 2132 ```ts 2133 import { BusinessError } from '@kit.BasicServicesKit'; 2134 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 2135 try { 2136 let localId: number = 100; 2137 accountManager.getOsAccountType(localId).then((type: osAccount.OsAccountType) => { 2138 console.info('getOsAccountType Type:' + type); 2139 }).catch((err: BusinessError) => { 2140 console.error('getOsAccountType errInfo:' + JSON.stringify(err)); 2141 }); 2142 } catch (e) { 2143 console.error('getOsAccountType exception: ' + JSON.stringify(e)); 2144 } 2145 ``` 2146 2147### bindDomainAccount<sup>20+</sup> 2148 2149bindDomainAccount(localId: number, domainAccountInfo: DomainAccountInfo): Promise<void> 2150 2151Binds a domain account to a system account. This API uses a promise to return the result. 2152 2153**System API**: This is a system API. 2154 2155**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 2156 2157**System capability**: SystemCapability.Account.OsAccount 2158 2159**Parameters** 2160 2161| Name | Type | Mandatory| Description | 2162| ------- | ------ | ---- | ------------ | 2163| localId | number | Yes | ID of the target system account.| 2164| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. | 2165 2166**Return value** 2167 2168| Type | Description | 2169| --------------------- | ------------------------------------------------------------ | 2170| Promise<void> | Promise that returns no value.| 2171 2172**Error codes** 2173 2174For details about the error codes, see [Universal Error Codes](../errorcode-universal.md) and [Account Management Error Codes](./errorcode-account.md). 2175 2176| ID| Error Message | 2177| -------- | ------------- | 2178| 201 | Permission denied.| 2179| 202 | Not system application.| 2180| 801 | Capability not supported.| 2181| 12300001 | The system service works abnormally. | 2182| 12300002 | Invalid domain account information. | 2183| 12300003 | The OS account not found. | 2184| 12300008 | Restricted OS account. Possible causes: The OS account cannot be bound. | 2185| 12300010 | Service busy. Possible causes: The target OS account or domain account is being operated. | 2186| 12300021 | The OS account is already bound. | 2187| 12300022 | The domain account is already bound. | 2188 2189**Example** 2190 2191 ```ts 2192 import { BusinessError } from '@kit.BasicServicesKit'; 2193 let accountManager: osAccount.AccountManager = osAccount.getAccountManager(); 2194 try { 2195 let localId: number = 100; 2196 let domainInfo: osAccount.DomainAccountInfo = 2197 {domain: 'testDomain', accountName: 'testAccountName'}; 2198 accountManager.bindDomainAccount(localId, domainInfo).then(() => { 2199 console.info('bindDomainAccount success.'); 2200 }).catch((error: BusinessError) => { 2201 console.error(`bindDomainAccount failed, errCode=${error.code}, errMsg=${error.message}`); 2202 }); 2203 } catch (e) { 2204 let error = e as BusinessError; 2205 console.error(`bindDomainAccount error, errCode=${error.code}, errMsg=${error.message}`); 2206 } 2207 ``` 2208 2209## UserAuth<sup>8+</sup> 2210 2211Provides APIs for user authentication. 2212 2213**System API**: This is a system API. 2214 2215### constructor<sup>8+</sup> 2216 2217 2218 2219A constructor used to create an instance for user authentication. 2220 2221**System API**: This is a system API. 2222 2223**System capability**: SystemCapability.Account.OsAccount 2224 2225**Error codes** 2226 2227| ID| Error Message | 2228| -------- | ------------- | 2229| 202 | Not system application.| 2230 2231**Example** 2232 ```ts 2233 let userAuth = new osAccount.UserAuth(); 2234 ``` 2235 2236### getVersion<sup>8+</sup> 2237 2238getVersion(): number; 2239 2240Obtains version information. 2241 2242**System API**: This is a system API. 2243 2244**System capability**: SystemCapability.Account.OsAccount 2245 2246**Return value** 2247 2248| Type | Description | 2249| :----- | :----------- | 2250| number | Version information obtained.| 2251 2252**Error codes** 2253 2254| ID| Error Message | 2255| -------- | ------------- | 2256| 202 | Not system application.| 2257 2258**Example** 2259 ```ts 2260 let userAuth = new osAccount.UserAuth(); 2261 let version: number = userAuth.getVersion(); 2262 console.log('getVersion version = ' + version); 2263 ``` 2264 2265### getAvailableStatus<sup>8+</sup> 2266 2267getAvailableStatus(authType: AuthType, authTrustLevel: AuthTrustLevel): number; 2268 2269Obtains the available status of the authentication capability corresponding to the specified authentication type and trust level. 2270 2271**System API**: This is a system API. 2272 2273**System capability**: SystemCapability.Account.OsAccount 2274 2275**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2276 2277**Parameters** 2278 2279| Name | Type | Mandatory| Description | 2280| --------------- | -----------------------------------| ---- | ------------------------- | 2281| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 2282| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication.| 2283 2284**Return value** 2285 2286| Type | Description | 2287| ------ | ----------------------------- | 2288| number | Available status of the authentication capability.| 2289 2290**Error codes** 2291 2292| ID| Error Message | 2293| -------- | --------------------------- | 2294| 201 | Permission denied.| 2295| 202 | Not system application.| 2296| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2297| 12300001 | The system service works abnormally. | 2298| 12300002 | Invalid authType or authTrustLevel. | 2299 2300**Example** 2301 ```ts 2302 let userAuth = new osAccount.UserAuth(); 2303 let authType: osAccount.AuthType = osAccount.AuthType.PIN; 2304 let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1; 2305 try { 2306 let status: number = userAuth.getAvailableStatus(authType, authTrustLevel); 2307 console.log('getAvailableStatus status = ' + status); 2308 } catch (e) { 2309 console.error('getAvailableStatus exception = ' + JSON.stringify(e)); 2310 } 2311 ``` 2312 2313### getProperty<sup>8+</sup> 2314 2315getProperty(request: GetPropertyRequest, callback: AsyncCallback<ExecutorProperty>): void 2316 2317Obtains the executor property based on the request. This API uses an asynchronous callback to return the result. 2318 2319**System API**: This is a system API. 2320 2321**System capability**: SystemCapability.Account.OsAccount 2322 2323**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2324 2325**Parameters** 2326 2327| Name | Type | Mandatory| Description | 2328| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------ | 2329| request | [GetPropertyRequest](#getpropertyrequest8) | Yes | Request information, including the authentication credential type and property list.| 2330| callback | AsyncCallback<[ExecutorProperty](#executorproperty8)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the executor property information obtained. Otherwise, **err** is an error object.| 2331 2332**Error codes** 2333 2334| ID| Error Message | 2335| -------- | --------------------------- | 2336| 201 | Permission denied.| 2337| 202 | Not system application.| 2338| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2339| 12300001 | The system service works abnormally. | 2340| 12300002 | Invalid request. | 2341| 12300003 | Account not found. | 2342 2343**Example** 2344 ```ts 2345 import { BusinessError } from '@kit.BasicServicesKit'; 2346 let userAuth = new osAccount.UserAuth(); 2347 let keys: Array<osAccount.GetPropertyType> = [ 2348 osAccount.GetPropertyType.AUTH_SUB_TYPE, 2349 osAccount.GetPropertyType.REMAIN_TIMES, 2350 osAccount.GetPropertyType.FREEZING_TIME 2351 ]; 2352 let request: osAccount.GetPropertyRequest = { 2353 authType: osAccount.AuthType.PIN, 2354 keys: keys 2355 }; 2356 try { 2357 userAuth.getProperty(request, (err: BusinessError, result: osAccount.ExecutorProperty) => { 2358 if (err) { 2359 console.error('getProperty exception = ' + JSON.stringify(err)); 2360 } else { 2361 console.log('getProperty result = ' + JSON.stringify(result)); 2362 } 2363 }); 2364 } catch (e) { 2365 console.error('getProperty exception = ' + JSON.stringify(e)); 2366 } 2367 ``` 2368 2369### getProperty<sup>8+</sup> 2370 2371getProperty(request: GetPropertyRequest): Promise<ExecutorProperty>; 2372 2373Obtains the executor property based on the request. This API uses a promise to return the result. 2374 2375**System API**: This is a system API. 2376 2377**System capability**: SystemCapability.Account.OsAccount 2378 2379**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2380 2381**Parameters** 2382 2383| Name | Type | Mandatory| Description | 2384| -------- | ------------------------------------------------------ | ---- | ---------------------------------- | 2385| request | [GetPropertyRequest](#getpropertyrequest8) | Yes | Request information, including the authentication credential type and property list.| 2386 2387**Return value** 2388 2389| Type | Description | 2390| :---------------------------------------------------------------- | :-------------------------------------------------- | 2391| Promise<[ExecutorProperty](#executorproperty8)> | Promise used to return the executor property.| 2392 2393**Error codes** 2394 2395| ID| Error Message | 2396| -------- | --------------------------- | 2397| 201 | Permission denied.| 2398| 202 | Not system application.| 2399| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2400| 12300001 | The system service works abnormally. | 2401| 12300002 | Invalid request. | 2402| 12300003 | Account not found. | 2403 2404**Example** 2405 ```ts 2406 import { BusinessError } from '@kit.BasicServicesKit'; 2407 let userAuth = new osAccount.UserAuth(); 2408 let keys: Array<osAccount.GetPropertyType> = [ 2409 osAccount.GetPropertyType.AUTH_SUB_TYPE, 2410 osAccount.GetPropertyType.REMAIN_TIMES, 2411 osAccount.GetPropertyType.FREEZING_TIME 2412 ]; 2413 let request: osAccount.GetPropertyRequest = { 2414 authType: osAccount.AuthType.PIN, 2415 keys: keys 2416 }; 2417 try { 2418 userAuth.getProperty(request).then((result: osAccount.ExecutorProperty) => { 2419 console.log('getProperty result = ' + JSON.stringify(result)); 2420 }).catch((err: BusinessError) => { 2421 console.error('getProperty error = ' + JSON.stringify(err)); 2422 }); 2423 } catch (e) { 2424 console.error('getProperty exception = ' + JSON.stringify(e)); 2425 } 2426 ``` 2427 2428### getPropertyByCredentialId<sup>14+</sup> 2429 2430getPropertyByCredentialId(credentialId: Uint8Array, keys: Array<GetPropertyType>): Promise<ExecutorProperty>; 2431 2432Obtains the specified property information of the associated executor based on the credential ID. This API uses a promise to return the result. 2433 2434**System API**: This is a system API. 2435 2436**System capability**: SystemCapability.Account.OsAccount 2437 2438**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2439 2440**Parameters** 2441 2442| Name | Type | Mandatory| Description | 2443| -------- | ------------------------------------------------------ | ---- | ---------------------------------- | 2444| credentialId | Uint8Array | Yes | Credential ID.| 2445| keys | Array<[GetPropertyType](#getpropertytype8)> | Yes | Property type array to be queried.| 2446 2447**Return value** 2448 2449| Type | Description | 2450| :---------------------------------------------------------------- | :-------------------------------------------------- | 2451| Promise<[ExecutorProperty](#executorproperty8)> | Promise used to return the executor attributes.| 2452 2453**Error codes** 2454 2455| ID| Error Message | 2456| -------- | --------------------------- | 2457| 201 | Permission denied.| 2458| 202 | Not system application.| 2459| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2460| 12300001 | The system service works abnormally. | 2461| 12300002 | Invalid keys. | 2462| 12300102 | The credential does not exist. | 2463 2464**Example** 2465 ```ts 2466 import { BusinessError } from '@kit.BasicServicesKit'; 2467 let userIDM = new osAccount.UserIdentityManager(); 2468 let credInfo: osAccount.EnrolledCredInfo[] = []; 2469 async function getProperty() { 2470 try { 2471 credInfo = await userIDM.getAuthInfo(osAccount.AuthType.PRIVATE_PIN); 2472 } catch (e) { 2473 console.error('getAuthInfo exception = ' + JSON.stringify(e)); 2474 return; 2475 } 2476 if (credInfo.length == 0) { 2477 console.log('no credential infos'); 2478 return; 2479 } 2480 let testCredentialId: Uint8Array = credInfo[0].credentialId; 2481 let keys: Array<osAccount.GetPropertyType> = [ 2482 osAccount.GetPropertyType.AUTH_SUB_TYPE, 2483 osAccount.GetPropertyType.REMAIN_TIMES, 2484 osAccount.GetPropertyType.FREEZING_TIME 2485 ]; 2486 try { 2487 let userAuth = new osAccount.UserAuth(); 2488 userAuth.getPropertyByCredentialId(testCredentialId, keys).then((result: osAccount.ExecutorProperty) => { 2489 console.log('getPropertyByCredentialId result = ' + JSON.stringify(result)); 2490 }).catch((err: BusinessError) => { 2491 console.error('getPropertyByCredentialId error = ' + JSON.stringify(err)); 2492 }); 2493 } catch (e) { 2494 console.error('getPropertyByCredentialId exception = ' + JSON.stringify(e)); 2495 } 2496 } 2497 ``` 2498 2499### setProperty<sup>8+</sup> 2500 2501setProperty(request: SetPropertyRequest, callback: AsyncCallback<void>): void 2502 2503Sets the property for the initialization algorithm. This API uses an asynchronous callback to return the result. 2504 2505**System API**: This is a system API. 2506 2507**System capability**: SystemCapability.Account.OsAccount 2508 2509**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2510 2511**Parameters** 2512 2513| Name | Type | Mandatory| Description | 2514| -------- | ----------------------------------------------------- | ---- | ---------------------------------------------------------------------- | 2515| request | [SetPropertyRequest](#setpropertyrequest8)| Yes | Request information, including the authentication credential type and the key value to set. | 2516| callback | AsyncCallback<void> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 2517 2518**Error codes** 2519 2520| ID| Error Message | 2521| -------- | --------------------------- | 2522| 201 | Permission denied.| 2523| 202 | Not system application.| 2524| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2525| 12300001 | The system service works abnormally. | 2526| 12300002 | Invalid request. | 2527 2528**Example** 2529 ```ts 2530 import { BusinessError } from '@kit.BasicServicesKit'; 2531 let userAuth = new osAccount.UserAuth(); 2532 let request: osAccount.SetPropertyRequest = { 2533 authType: osAccount.AuthType.PIN, 2534 key: osAccount.SetPropertyType.INIT_ALGORITHM, 2535 setInfo: new Uint8Array([0]) 2536 }; 2537 try { 2538 userAuth.setProperty(request, (err: BusinessError) => { 2539 if (err) { 2540 console.error('setProperty failed, error = ' + JSON.stringify(err)); 2541 } else { 2542 console.log('setProperty successfully'); 2543 } 2544 }); 2545 } catch (e) { 2546 console.error('setProperty exception = ' + JSON.stringify(e)); 2547 } 2548 ``` 2549 2550### setProperty<sup>8+</sup> 2551 2552setProperty(request: SetPropertyRequest): Promise<void>; 2553 2554Sets the property for the initialization algorithm. This API uses a promise to return the result. 2555 2556**System API**: This is a system API. 2557 2558**System capability**: SystemCapability.Account.OsAccount 2559 2560**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2561 2562**Parameters** 2563 2564| Name | Type | Mandatory| Description | 2565| -------- | ------------------------------------------ | ---- | ---------------------------------------- | 2566| request | [SetPropertyRequest](#setpropertyrequest8) | Yes | Request information, including the authentication credential type and the key value to set.| 2567 2568**Return value** 2569 2570| Type | Description | 2571| :-------------------- | :------------------------------------------------------------ | 2572| Promise<void> | Promise that returns no value.| 2573 2574**Error codes** 2575 2576| ID| Error Message | 2577| -------- | --------------------------- | 2578| 201 | Permission denied.| 2579| 202 | Not system application.| 2580| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2581| 12300001 | The system service works abnormally. | 2582| 12300002 | Invalid request. | 2583 2584**Example** 2585 ```ts 2586 import { BusinessError } from '@kit.BasicServicesKit'; 2587 let userAuth = new osAccount.UserAuth(); 2588 let request: osAccount.SetPropertyRequest = { 2589 authType: osAccount.AuthType.PIN, 2590 key: osAccount.SetPropertyType.INIT_ALGORITHM, 2591 setInfo: new Uint8Array([0]) 2592 }; 2593 try { 2594 userAuth.setProperty(request).then(() => { 2595 console.log('setProperty successfully'); 2596 }).catch((err: BusinessError) => { 2597 console.error('setProperty failed, error = ' + JSON.stringify(err)); 2598 }); 2599 } catch (e) { 2600 console.error('setProperty exception = ' + JSON.stringify(e)); 2601 } 2602 ``` 2603 2604### prepareRemoteAuth<sup>12+</sup> 2605 2606prepareRemoteAuth(remoteNetworkId: string): Promise<void>; 2607 2608Prepares for remote authentication. This API uses a promise to return the result. 2609 2610**System API**: This is a system API. 2611 2612**System capability**: SystemCapability.Account.OsAccount 2613 2614**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2615 2616**Parameters** 2617 2618| Name | Type | Mandatory| Description | 2619| -------- | ------ | ---- | --------------- | 2620| remoteNetworkId | string | Yes | Remote network ID. | 2621 2622**Return value** 2623 2624| Type | Description | 2625| :-------------------- | :------------------------------------------------------------ | 2626| Promise<void> | Promise that returns no value.| 2627 2628**Error codes** 2629 2630| ID| Error Message | 2631| -------- | --------------------------- | 2632| 201 | Permission denied.| 2633| 202 | Not system application.| 2634| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2635| 12300001 | System service exception. | 2636| 12300002 | Invalid remoteNetworkId. | 2637| 12300090 | Cross-device capability not supported. | 2638| 12300091 | Cross-device communication failed. | 2639| 12300111 | Operation timeout. | 2640 2641**Example** 2642 ```ts 2643 import { distributedDeviceManager } from '@kit.DistributedServiceKit'; 2644 import { BusinessError } from '@kit.BasicServicesKit'; 2645 2646 let userAuth = new osAccount.UserAuth(); 2647 let distributedDeviceMgr = distributedDeviceManager.createDeviceManager("com.example.bundleName"); 2648 distributedDeviceMgr.getAvailableDeviceList().then((data: Array<distributedDeviceManager.DeviceBasicInfo>) => { 2649 try { 2650 if (data.length > 0 && data[0].networkId != null) { 2651 userAuth.prepareRemoteAuth(data[0].networkId).then(() => { 2652 console.log('prepareRemoteAuth successfully'); 2653 }).catch((err: BusinessError) => { 2654 console.error('prepareRemoteAuth failed, error = ' + JSON.stringify(err)); 2655 }); 2656 } 2657 } catch (e) { 2658 console.error('prepareRemoteAuth exception = ' + JSON.stringify(e)); 2659 } 2660 } 2661 ) 2662 ``` 2663 2664### auth<sup>8+</sup> 2665 2666auth(challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): Uint8Array; 2667 2668Performs authentication of the current user. This API uses an asynchronous callback to return the result. 2669 2670**System API**: This is a system API. 2671 2672**System capability**: SystemCapability.Account.OsAccount 2673 2674**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2675 2676**Parameters** 2677 2678| Name | Type | Mandatory| Description | 2679| --------------- | ---------------------------------------- | --- | ------------------------------------ | 2680| challenge | Uint8Array | Yes | Challenge value, which is a random number used to improve security.| 2681| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 2682| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. | 2683| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. | 2684 2685**Return value** 2686 2687| Type | Description | 2688| ---------- | ------------------ | 2689| Uint8Array | ID of the context for canceling the authentication.| 2690 2691**Error codes** 2692 2693| ID| Error Message | 2694| -------- | --------------------- | 2695| 201 | Permission denied.| 2696| 202 | Not system application.| 2697| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2698| 12300001 | The system service works abnormally. | 2699| 12300002 | Invalid challenge, authType or authTrustLevel. | 2700| 12300013 | Network exception. | 2701| 12300020 | Device hardware abnormal. | 2702| 12300090 | Cross-device capability not supported. | 2703| 12300091 | Cross-device communication failed. | 2704| 12300101 | The credential is incorrect. | 2705| 12300102 | The credential does not exist. | 2706| 12300105 | The trust level is not supported. | 2707| 12300106 | The authentication type is not supported. | 2708| 12300109 | The authentication, enrollment, or update operation is canceled. | 2709| 12300110 | The authentication is locked. | 2710| 12300111 | The authentication time out. | 2711| 12300112 | The authentication service is busy. | 2712| 12300113 | The authentication service does not exist. | 2713| 12300114 | The authentication service works abnormally. | 2714| 12300117 | PIN is expired. | 2715| 12300119 | Multi-factor authentication failed. | 2716| 12300211 | Server unreachable. | 2717 2718**Example** 2719 ```ts 2720 let userAuth = new osAccount.UserAuth(); 2721 let challenge: Uint8Array = new Uint8Array([0]); 2722 let authType: osAccount.AuthType = osAccount.AuthType.PIN; 2723 let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1; 2724 try { 2725 userAuth.auth(challenge, authType, authTrustLevel, { 2726 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 2727 console.log('auth result = ' + result); 2728 console.log('auth extraInfo = ' + JSON.stringify(extraInfo)); 2729 } 2730 }); 2731 } catch (e) { 2732 console.error('auth exception = ' + JSON.stringify(e)); 2733 } 2734 ``` 2735 2736### auth<sup>12+</sup> 2737 2738auth(challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, options: AuthOptions, callback: IUserAuthCallback): Uint8Array 2739 2740Starts user authentication based on the specified challenge value, authentication type (PIN, facial, or fingerprint authentication), authentication trust level, and optional parameters (such as the account ID and authentication intent). This API uses an asynchronous callback to return the result. 2741 2742**System API**: This is a system API. 2743 2744**System capability**: SystemCapability.Account.OsAccount 2745 2746**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2747 2748**Parameters** 2749 2750| Name | Type | Mandatory| Description | 2751| --------------- | ---------------------------------------- | --- | ------------------------------------ | 2752| challenge | Uint8Array | Yes | Challenge value, which is a random number used to prevent replay attacks and improve security.| 2753| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 2754| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. | 2755| options | [AuthOptions](#authoptions12) | Yes| Optional parameters for the authentication.| 2756| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. | 2757 2758**Return value** 2759 2760| Type | Description | 2761| ---------- | ------------------ | 2762| Uint8Array | ID of the context for canceling the authentication.| 2763 2764**Error codes** 2765 2766| ID| Error Message | 2767| -------- | --------------------- | 2768| 201 | Permission denied.| 2769| 202 | Not system application.| 2770| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2771| 12300001 | The system service works abnormally. | 2772| 12300002 | Invalid challenge, authType, authTrustLevel or options. | 2773| 12300003 | Account not found. | 2774| 12300013 | Network exception. | 2775| 12300020 | Device hardware abnormal. | 2776| 12300090 | Cross-device capability not supported. | 2777| 12300091 | Cross-device communication failed. | 2778| 12300101 | The credential is incorrect. | 2779| 12300102 | The credential does not exist. | 2780| 12300105 | The trust level is not supported. | 2781| 12300106 | The authentication type is not supported. | 2782| 12300109 | The authentication, enrollment, or update operation is canceled. | 2783| 12300110 | The authentication is locked. | 2784| 12300111 | The authentication time out. | 2785| 12300112 | The authentication service is busy. | 2786| 12300113 | The authentication service does not exist. | 2787| 12300114 | The authentication service works abnormally. | 2788| 12300117 | PIN is expired. | 2789| 12300119 | Multi-factor authentication failed. | 2790| 12300211 | Server unreachable. | 2791 2792**Example** 2793 ```ts 2794 let userAuth = new osAccount.UserAuth(); 2795 let challenge: Uint8Array = new Uint8Array([0]); 2796 let authType: osAccount.AuthType = osAccount.AuthType.PIN; 2797 let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1; 2798 let options: osAccount.AuthOptions = { 2799 accountId: 100 2800 }; 2801 try { 2802 userAuth.auth(challenge, authType, authTrustLevel, options, { 2803 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 2804 console.log('auth result = ' + result); 2805 console.log('auth extraInfo = ' + JSON.stringify(extraInfo)); 2806 } 2807 }); 2808 } catch (e) { 2809 console.error('auth exception = ' + JSON.stringify(e)); 2810 } 2811 ``` 2812 2813### authUser<sup>8+</sup> 2814 2815authUser(userId: number, challenge: Uint8Array, authType: AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): Uint8Array; 2816 2817Performs authentication of the specified user. This API uses an asynchronous callback to return the result. 2818 2819**System API**: This is a system API. 2820 2821**System capability**: SystemCapability.Account.OsAccount 2822 2823**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2824 2825**Parameters** 2826 2827| Name | Type | Mandatory| Description | 2828| --------------- | ---------------------------------------------------- | --- | ------------------------------------ | 2829| userId | number | Yes | User ID. | 2830| challenge | Uint8Array | Yes | Challenge value, which is a random number used to improve security. | 2831| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 2832| authTrustLevel | [AuthTrustLevel](#authtrustlevel8) | Yes | Trust level of the authentication result. | 2833| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result. | 2834 2835**Return value** 2836 2837| Type | Description | 2838| ---------- | ------------------ | 2839| Uint8Array | ID of the context for canceling the authentication.| 2840 2841**Error codes** 2842 2843| ID| Error Message | 2844| -------- | --------------------- | 2845| 201 | Permission denied.| 2846| 202 | Not system application.| 2847| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2848| 12300001 | The system service works abnormally. | 2849| 12300002 | Invalid challenge, authType or authTrustLevel. | 2850| 12300003 | Account not found. | 2851| 12300013 | Network exception. | 2852| 12300020 | Device hardware abnormal. | 2853| 12300090 | Cross-device capability not supported. | 2854| 12300091 | Cross-device communication failed. | 2855| 12300101 | The credential is incorrect. | 2856| 12300102 | The credential does not exist. | 2857| 12300105 | The trust level is not supported. | 2858| 12300106 | The authentication type is not supported. | 2859| 12300109 | The authentication, enrollment, or update operation is canceled. | 2860| 12300110 | The authentication is locked. | 2861| 12300111 | The authentication time out. | 2862| 12300112 | The authentication service is busy. | 2863| 12300113 | The authentication service does not exist. | 2864| 12300114 | The authentication service works abnormally. | 2865| 12300117 | PIN is expired. | 2866| 12300119 | Multi-factor authentication failed. | 2867| 12300211 | Server unreachable. | 2868 2869**Example** 2870 ```ts 2871 let userAuth = new osAccount.UserAuth(); 2872 let userID: number = 100; 2873 let challenge: Uint8Array = new Uint8Array([0]); 2874 let authType: osAccount.AuthType = osAccount.AuthType.PIN; 2875 let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1; 2876 try { 2877 userAuth.authUser(userID, challenge, authType, authTrustLevel, { 2878 onResult: (result,extraInfo) => { 2879 console.log('authUser result = ' + result); 2880 console.log('authUser extraInfo = ' + JSON.stringify(extraInfo)); 2881 } 2882 }); 2883 } catch (e) { 2884 console.error('authUser exception = ' + JSON.stringify(e)); 2885 } 2886 ``` 2887 2888### cancelAuth<sup>8+</sup> 2889 2890cancelAuth(contextID: Uint8Array): void 2891 2892Cancels an authentication. 2893 2894**System API**: This is a system API. 2895 2896**System capability**: SystemCapability.Account.OsAccount 2897 2898**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 2899 2900**Parameters** 2901 2902| Name | Type | Mandatory | Description | 2903| ----------| ---------- | ---- | ------------------------------------------ | 2904| contextID | Uint8Array | Yes | ID of the authentication context. The context ID is dynamically generated.| 2905 2906**Error codes** 2907 2908| ID| Error Message | 2909| -------- | ------------------ | 2910| 201 | Permission denied.| 2911| 202 | Not system application.| 2912| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2913| 12300001 | The system service works abnormally. | 2914| 12300002 | Invalid contextId. | 2915 2916**Example** 2917 ```ts 2918 let userAuth = new osAccount.UserAuth(); 2919 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 2920 let challenge = new Uint8Array([0]); 2921 let contextId: Uint8Array = userAuth.auth(challenge, osAccount.AuthType.PIN, osAccount.AuthTrustLevel.ATL1, { 2922 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 2923 console.log('auth result = ' + result); 2924 console.log('auth extraInfo = ' + JSON.stringify(extraInfo)); 2925 } 2926 }); 2927 try { 2928 userAuth.cancelAuth(contextId); 2929 } catch (e) { 2930 console.error('cancelAuth exception = ' + JSON.stringify(e)); 2931 } 2932 ``` 2933 2934## PINAuth<sup>8+</sup> 2935 2936Provides APIs for PIN authentication. 2937 2938**System API**: This is a system API. 2939 2940### constructor<sup>8+</sup> 2941 2942 2943 2944Creates a PIN authentication instance. 2945 2946**System API**: This is a system API. 2947 2948**System capability**: SystemCapability.Account.OsAccount 2949 2950**Error codes** 2951 2952| ID| Error Message | 2953| -------- | ------------- | 2954| 202 | Not system application.| 2955 2956**Example** 2957 ```ts 2958 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 2959 ``` 2960 2961### registerInputer<sup>8+</sup> 2962 2963registerInputer(inputer: IInputer): void 2964 2965Registers a PIN inputer. 2966 2967**System API**: This is a system API. 2968 2969**System capability**: SystemCapability.Account.OsAccount 2970 2971**Required permissions**: ohos.permission.ACCESS_PIN_AUTH 2972 2973**Parameters** 2974 2975| Name | Type | Mandatory| Description | 2976| ----------| ----------------------- | --- | -------------------------- | 2977| inputer | [IInputer](#iinputer8) | Yes | PIN inputer, which is used to obtain the PIN.| 2978 2979**Error codes** 2980 2981| ID| Error Message | 2982| -------- | --------------------------- | 2983| 201 | Permission denied.| 2984| 202 | Not system application.| 2985| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 2986| 12300001 | The system service works abnormally. | 2987| 12300002 | Invalid inputer. | 2988| 12300103 | The credential inputer already exists. | 2989 2990**Example** 2991 ```ts 2992 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 2993 let password = new Uint8Array([0, 0, 0, 0, 0]); 2994 try { 2995 pinAuth.registerInputer({ 2996 onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => { 2997 callback.onSetData(authSubType, password); 2998 } 2999 }); 3000 console.log('registerInputer success.'); 3001 } catch (e) { 3002 console.error('registerInputer exception = ' + JSON.stringify(e)); 3003 } 3004 ``` 3005 3006### unregisterInputer<sup>8+</sup> 3007 3008unregisterInputer(): void 3009 3010Unregisters this PIN inputer. 3011 3012**System API**: This is a system API. 3013 3014**System capability**: SystemCapability.Account.OsAccount 3015 3016**Required permissions**: ohos.permission.ACCESS_PIN_AUTH 3017 3018**Error codes** 3019 3020| ID| Error Message | 3021| -------- | --------------------------- | 3022| 201 | Permission denied.| 3023| 202 | Not system application.| 3024 3025**Example** 3026 ```ts 3027 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 3028 pinAuth.unregisterInputer(); 3029 ``` 3030 3031## InputerManager <sup>9+</sup> 3032 3033Provides APIs for managing credential inputers. 3034 3035### registerInputer<sup>9+</sup> 3036 3037static registerInputer(authType: AuthType, inputer: IInputer): void 3038 3039Registers a credential inputer. 3040 3041**System API**: This is a system API. 3042 3043**System capability**: SystemCapability.Account.OsAccount 3044 3045**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL or ohos.permission.MANAGE_USER_IDM 3046 3047**Parameters** 3048 3049| Name | Type | Mandatory| Description | 3050| ----------| ----------------------- | --- | -------------------------- | 3051| authType | [AuthType](#authtype8) | Yes | Authentication credential type.| 3052| inputer | [IInputer](#iinputer8) | Yes | Credential inputer to register.| 3053 3054**Error codes** 3055 3056| ID| Error Message | 3057| -------- | --------------------------- | 3058| 201 | Permission denied.| 3059| 202 | Not system application.| 3060| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3061| 12300001 | The system service works abnormally. | 3062| 12300002 | Invalid authType or inputer. | 3063| 12300103 | The credential inputer already exists. | 3064| 12300106 | The authentication type is not supported. | 3065 3066**Example** 3067 ```ts 3068 let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN; 3069 let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0]); 3070 try { 3071 osAccount.InputerManager.registerInputer(authType, { 3072 onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => { 3073 callback.onSetData(authSubType, password); 3074 } 3075 }); 3076 console.log('registerInputer success.'); 3077 } catch (e) { 3078 console.error('registerInputer exception = ' + JSON.stringify(e)); 3079 } 3080 ``` 3081 3082### unregisterInputer<sup>9+</sup> 3083 3084static unregisterInputer(authType: AuthType): void 3085 3086Unregisters this credential inputer. 3087 3088**System API**: This is a system API. 3089 3090**System capability**: SystemCapability.Account.OsAccount 3091 3092**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL or ohos.permission.MANAGE_USER_IDM 3093 3094**Parameters** 3095 3096| Name | Type | Mandatory| Description | 3097| ----------| ----------------------- | --- | -------------------------- | 3098| authType | [AuthType](#authtype8) | Yes | Authentication credential type.| 3099 3100**Error codes** 3101 3102| ID| Error Message | 3103| -------- | --------------------------- | 3104| 201 | Permission denied.| 3105| 202 | Not system application.| 3106| 401 |Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3107| 12300002 | Invalid authType. | 3108 3109**Example** 3110 ```ts 3111 let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN; 3112 try { 3113 osAccount.InputerManager.unregisterInputer(authType); 3114 console.log('unregisterInputer success.'); 3115 } catch(err) { 3116 console.error('unregisterInputer err:' + JSON.stringify(err)); 3117 } 3118 ``` 3119 3120## DomainPlugin<sup>9+</sup> 3121 3122Provides APIs for domain account authentication. 3123 3124**System API**: This is a system API. 3125 3126### auth<sup>9+</sup> 3127 3128auth(domainAccountInfo: DomainAccountInfo, credential: Uint8Array, callback: IUserAuthCallback): void 3129 3130Authenticates a domain account. 3131 3132**System API**: This is a system API. 3133 3134**System capability**: SystemCapability.Account.OsAccount 3135 3136**Parameters** 3137 3138| Name | Type | Mandatory| Description | 3139| ---------- | --------------------------------------- | ---- | --------------- | 3140| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3141| credential | Uint8Array | Yes | Credentials of the domain account.| 3142| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3143 3144**Example** 3145 ```ts 3146 import { AsyncCallback } from '@kit.BasicServicesKit'; 3147 let plugin: osAccount.DomainPlugin = { 3148 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3149 callback: osAccount.IUserAuthCallback) => { 3150 // mock authentication 3151 // notify authentication result 3152 let result: osAccount.AuthResult = { 3153 token: new Uint8Array([0]), 3154 remainTimes: 5, 3155 freezingTime: 0 3156 }; 3157 callback.onResult(0, result); 3158 }, 3159 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3160 callback: osAccount.IUserAuthCallback) => {}, 3161 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3162 callback: osAccount.IUserAuthCallback) => {}, 3163 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3164 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3165 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3166 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3167 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3168 callback: AsyncCallback<void>) => {}, 3169 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3170 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3171 callback: AsyncCallback<boolean>) => {}, 3172 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3173 } 3174 osAccount.DomainAccountManager.registerPlugin(plugin); 3175 let userAuth = new osAccount.UserAuth(); 3176 let challenge: Uint8Array = new Uint8Array([0]); 3177 let authType: osAccount.AuthType = osAccount.AuthType.DOMAIN; 3178 let authTrustLevel: osAccount.AuthTrustLevel = osAccount.AuthTrustLevel.ATL1; 3179 try { 3180 userAuth.auth(challenge, authType, authTrustLevel, { 3181 onResult: (resultCode: number, authResult: osAccount.AuthResult) => { 3182 console.log('auth resultCode = ' + resultCode); 3183 console.log('auth authResult = ' + JSON.stringify(authResult)); 3184 } 3185 }); 3186 } catch (err) { 3187 console.error('auth exception = ' + JSON.stringify(err)); 3188 } 3189 ``` 3190 3191### authWithPopup<sup>10+</sup> 3192 3193authWithPopup(domainAccountInfo: DomainAccountInfo, callback: IUserAuthCallback): void 3194 3195Authenticates a domain account in a pop-up window. 3196 3197**System API**: This is a system API. 3198 3199**System capability**: SystemCapability.Account.OsAccount 3200 3201**Parameters** 3202 3203| Name | Type | Mandatory| Description | 3204| ---------- | --------------------------------------- | ---- | --------------- | 3205| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3206| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3207 3208**Example** 3209 ```ts 3210 import { AsyncCallback } from '@kit.BasicServicesKit'; 3211 let plugin: osAccount.DomainPlugin = { 3212 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3213 callback: osAccount.IUserAuthCallback) => {}, 3214 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3215 callback: osAccount.IUserAuthCallback) => { 3216 // mock authentication 3217 // notify authentication result 3218 let result: osAccount.AuthResult = { 3219 token: new Uint8Array([0]), 3220 remainTimes: 5, 3221 freezingTime: 0 3222 }; 3223 callback.onResult(0, result); 3224 }, 3225 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3226 callback: osAccount.IUserAuthCallback) => {}, 3227 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3228 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3229 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3230 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3231 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3232 callback: AsyncCallback<void>) => {}, 3233 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3234 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3235 callback: AsyncCallback<boolean>) => {}, 3236 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3237 } 3238 osAccount.DomainAccountManager.registerPlugin(plugin) 3239 ``` 3240 3241### authWithToken<sup>10+</sup> 3242 3243authWithToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: IUserAuthCallback): void 3244 3245Authenticates a domain account by the authorization token. 3246 3247**System API**: This is a system API. 3248 3249**System capability**: SystemCapability.Account.OsAccount 3250 3251**Parameters** 3252 3253| Name | Type | Mandatory| Description | 3254| ---------- | --------------------------------------- | ---- | --------------- | 3255| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3256| token | Uint8Array | Yes | Authorization token generated when the PIN or biometric authentication is successful.| 3257| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3258 3259**Example** 3260 ```ts 3261 import { AsyncCallback } from '@kit.BasicServicesKit'; 3262 let plugin: osAccount.DomainPlugin = { 3263 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3264 callback: osAccount.IUserAuthCallback) => {}, 3265 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3266 callback: osAccount.IUserAuthCallback) => {}, 3267 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3268 callback: osAccount.IUserAuthCallback) => { 3269 // mock authentication 3270 // notify authentication result 3271 let result: osAccount.AuthResult = { 3272 token: new Uint8Array([0]), 3273 remainTimes: 5, 3274 freezingTime: 0 3275 }; 3276 callback.onResult(0, result); 3277 }, 3278 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3279 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3280 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3281 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3282 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3283 callback: AsyncCallback<void>) => {}, 3284 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3285 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3286 callback: AsyncCallback<boolean>) => {}, 3287 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3288 } 3289 osAccount.DomainAccountManager.registerPlugin(plugin) 3290 ``` 3291 3292### getAccountInfo<sup>10+</sup> 3293 3294getAccountInfo(options: GetDomainAccountInfoPluginOptions, callback: AsyncCallback<DomainAccountInfo>): void 3295 3296Obtains information about a domain account. 3297 3298**System API**: This is a system API. 3299 3300**System capability**: SystemCapability.Account.OsAccount 3301 3302**Parameters** 3303 3304| Name | Type | Mandatory| Description | 3305| ---------- | --------------------------------------- | ---- | --------------- | 3306| options | [GetDomainAccountInfoPluginOptions](#getdomainaccountinfopluginoptions10) | Yes | Domain account information.| 3307| callback | AsyncCallback<[DomainAccountInfo](#domainaccountinfo8)> | Yes | Callback used to return the result.| 3308 3309**Example** 3310 ```ts 3311 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3312 let plugin: osAccount.DomainPlugin = { 3313 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3314 callback: osAccount.IUserAuthCallback) => {}, 3315 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3316 callback: osAccount.IUserAuthCallback) => {}, 3317 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3318 callback: osAccount.IUserAuthCallback) => {}, 3319 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3320 callback: AsyncCallback<osAccount.DomainAccountInfo>) => { 3321 // mock getting account information 3322 // notify result 3323 let code: BusinessError = { 3324 code: 0, 3325 name: "", 3326 message: "" 3327 }; 3328 let accountInfo: osAccount.DomainAccountInfo = { 3329 domain: options.domain ? options.domain : "", 3330 accountName: options.accountName, 3331 accountId: 'xxxx' 3332 }; 3333 callback(code, accountInfo); 3334 }, 3335 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3336 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3337 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3338 callback: AsyncCallback<void>) => {}, 3339 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3340 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3341 callback: AsyncCallback<boolean>) => {}, 3342 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3343 } 3344 osAccount.DomainAccountManager.registerPlugin(plugin) 3345 ``` 3346 3347### getAuthStatusInfo<sup>10+</sup> 3348 3349getAuthStatusInfo(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<AuthStatusInfo>): void 3350 3351Obtains the authentication status of a domain account. 3352 3353**System API**: This is a system API. 3354 3355**System capability**: SystemCapability.Account.OsAccount 3356 3357**Parameters** 3358 3359| Name | Type | Mandatory| Description | 3360| ---------- | --------------------------------------- | ---- | --------------- | 3361| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3362| callback | AsyncCallback<[AuthStatusInfo](#authstatusinfo10)> | Yes | Callback used to return the result.| 3363 3364**Example** 3365 ```ts 3366 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3367 let plugin: osAccount.DomainPlugin = { 3368 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3369 callback: osAccount.IUserAuthCallback) => {}, 3370 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3371 callback: osAccount.IUserAuthCallback) => {}, 3372 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3373 callback: osAccount.IUserAuthCallback) => {}, 3374 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3375 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3376 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3377 callback: AsyncCallback<osAccount.AuthStatusInfo>) => { 3378 let code: BusinessError = { 3379 code: 0, 3380 name: "", 3381 message: "" 3382 }; 3383 let statusInfo: osAccount.AuthStatusInfo = { 3384 remainTimes: 5, 3385 freezingTime: 0 3386 }; 3387 callback(code, statusInfo); 3388 }, 3389 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3390 callback: AsyncCallback<void>) => {}, 3391 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3392 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3393 callback: AsyncCallback<boolean>) => {}, 3394 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3395 } 3396 osAccount.DomainAccountManager.registerPlugin(plugin) 3397 ``` 3398 3399### bindAccount<sup>10+</sup> 3400 3401bindAccount(domainAccountInfo: DomainAccountInfo, localId: number, callback: AsyncCallback<void>): void 3402 3403Binds a domain account. 3404 3405**System API**: This is a system API. 3406 3407**System capability**: SystemCapability.Account.OsAccount 3408 3409**Parameters** 3410 3411| Name | Type | Mandatory| Description | 3412| ---------- | --------------------------------------- | ---- | --------------- | 3413| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3414| localId | number | Yes | ID of the target system account.| 3415| callback | AsyncCallback<void> | Yes | Callback used to return the result.| 3416 3417**Example** 3418 ```ts 3419 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3420 let plugin: osAccount.DomainPlugin = { 3421 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3422 callback: osAccount.IUserAuthCallback) => {}, 3423 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3424 callback: osAccount.IUserAuthCallback) => {}, 3425 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3426 callback: osAccount.IUserAuthCallback) => {}, 3427 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3428 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3429 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3430 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3431 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3432 callback: AsyncCallback<void>) => { 3433 // mock unbinding operation 3434 // notify binding result 3435 let code: BusinessError = { 3436 code: 0, 3437 name: "", 3438 message: "" 3439 }; 3440 callback(code); 3441 }, 3442 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3443 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3444 callback: AsyncCallback<boolean>) => {}, 3445 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3446 } 3447 osAccount.DomainAccountManager.registerPlugin(plugin) 3448 ``` 3449 3450### unbindAccount<sup>10+</sup> 3451 3452unbindAccount(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<void>): void 3453 3454Unbinds a domain account. 3455 3456**System API**: This is a system API. 3457 3458**System capability**: SystemCapability.Account.OsAccount 3459 3460**Parameters** 3461 3462| Name | Type | Mandatory| Description | 3463| ---------- | --------------------------------------- | ---- | --------------- | 3464| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3465| callback | AsyncCallback<void> | Yes | Callback used to return the result.| 3466 3467**Example** 3468 ```ts 3469 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3470 let plugin: osAccount.DomainPlugin = { 3471 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3472 callback: osAccount.IUserAuthCallback) => {}, 3473 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3474 callback: osAccount.IUserAuthCallback) => {}, 3475 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3476 callback: osAccount.IUserAuthCallback) => {}, 3477 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3478 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3479 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3480 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3481 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3482 callback: AsyncCallback<void>) => {}, 3483 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => { 3484 // mock unbinding operation 3485 // notify unbinding result 3486 let code: BusinessError = { 3487 code: 0, 3488 name: "", 3489 message: "" 3490 }; 3491 callback(code); 3492 }, 3493 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3494 callback: AsyncCallback<boolean>) => {}, 3495 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3496 } 3497 osAccount.DomainAccountManager.registerPlugin(plugin) 3498 ``` 3499 3500### isAccountTokenValid<sup>10+</sup> 3501 3502isAccountTokenValid(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: AsyncCallback<boolean>): void 3503 3504Checks whether the specified domain account token is valid. 3505 3506**System API**: This is a system API. 3507 3508**System capability**: SystemCapability.Account.OsAccount 3509 3510**Parameters** 3511 3512| Name | Type | Mandatory| Description | 3513| ---------- | --------------------------------------- | ---- | --------------- | 3514| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3515| token | Uint8Array | Yes| Domain account token to check.| 3516| callback | AsyncCallback<boolean> | Yes | Callback used to return the result. The value **true** means that the specified domain account token is valid; the value **false** means the opposite.| 3517 3518**Example** 3519 ```ts 3520 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3521 let plugin: osAccount.DomainPlugin = { 3522 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3523 callback: osAccount.IUserAuthCallback) => {}, 3524 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3525 callback: osAccount.IUserAuthCallback) => {}, 3526 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3527 callback: osAccount.IUserAuthCallback) => {}, 3528 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3529 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3530 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3531 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3532 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3533 callback: AsyncCallback<void>) => {}, 3534 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3535 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3536 callback: AsyncCallback<boolean>) => { 3537 // mock checking operation 3538 // notify checking result 3539 let code: BusinessError = { 3540 code: 0, 3541 name: "", 3542 message: "" 3543 }; 3544 callback(code, true); 3545 }, 3546 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3547 } 3548 osAccount.DomainAccountManager.registerPlugin(plugin) 3549 ``` 3550 3551### getAccessToken<sup>10+</sup> 3552 3553getAccessToken(options: GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>): void 3554 3555Obtains the domain access token based on the specified conditions. 3556 3557**System API**: This is a system API. 3558 3559**System capability**: SystemCapability.Account.OsAccount 3560 3561**Parameters** 3562 3563| Name | Type | Mandatory| Description | 3564| ---------- | --------------------------------------- | ---- | --------------- | 3565| options | [GetDomainAccessTokenOptions](#getdomainaccesstokenoptions10) | Yes | Options specified for obtaining the domain access token.| 3566| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result.| 3567 3568**Example** 3569 ```ts 3570 import { AsyncCallback, BusinessError } from '@kit.BasicServicesKit'; 3571 let plugin: osAccount.DomainPlugin = { 3572 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3573 callback: osAccount.IUserAuthCallback) => {}, 3574 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3575 callback: osAccount.IUserAuthCallback) => {}, 3576 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3577 callback: osAccount.IUserAuthCallback) => {}, 3578 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3579 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3580 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3581 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3582 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3583 callback: AsyncCallback<void>) => {}, 3584 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3585 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3586 callback: AsyncCallback<boolean>) => {}, 3587 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => { 3588 // mock getting operation 3589 // notify result 3590 let code: BusinessError = { 3591 code: 0, 3592 name: "", 3593 message: "" 3594 }; 3595 let token: Uint8Array = new Uint8Array([0]); 3596 callback(code, token); 3597 } 3598 } 3599 osAccount.DomainAccountManager.registerPlugin(plugin) 3600 ``` 3601 3602## DomainAccountManager <sup>9+</sup> 3603Provides APIs for domain account management. 3604 3605### registerPlugin<sup>9+</sup> 3606 3607static registerPlugin(plugin: DomainPlugin): void 3608 3609Registers a domain plug-in. 3610 3611**System API**: This is a system API. 3612 3613**System capability**: SystemCapability.Account.OsAccount 3614 3615**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 3616 3617**Parameters** 3618 3619| Name | Type | Mandatory| Description | 3620| ----------| ----------------------- | --- | -------------------------- | 3621| plugin | [DomainPlugin](#domainplugin9) | Yes | Domain plug-in to register.| 3622 3623**Error codes** 3624 3625| ID| Error Message | 3626| -------- | --------------------------- | 3627| 201 | Permission denied.| 3628| 202 | Not system application.| 3629| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3630| 801 | Capability not supported.| 3631| 12300201 | The domain plugin has been registered. | 3632 3633**Example** 3634 ```ts 3635 import { AsyncCallback } from '@kit.BasicServicesKit'; 3636 let plugin: osAccount.DomainPlugin = { 3637 auth: (domainAccountInfo: osAccount.DomainAccountInfo, credential: Uint8Array, 3638 callback: osAccount.IUserAuthCallback) => {}, 3639 authWithPopup: (domainAccountInfo: osAccount.DomainAccountInfo, 3640 callback: osAccount.IUserAuthCallback) => {}, 3641 authWithToken: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3642 callback: osAccount.IUserAuthCallback) => {}, 3643 getAccountInfo: (options: osAccount.GetDomainAccountInfoPluginOptions, 3644 callback: AsyncCallback<osAccount.DomainAccountInfo>) => {}, 3645 getAuthStatusInfo: (domainAccountInfo: osAccount.DomainAccountInfo, 3646 callback: AsyncCallback<osAccount.AuthStatusInfo>) => {}, 3647 bindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, localId: number, 3648 callback: AsyncCallback<void>) => {}, 3649 unbindAccount: (domainAccountInfo: osAccount.DomainAccountInfo, callback: AsyncCallback<void>) => {}, 3650 isAccountTokenValid: (domainAccountInfo: osAccount.DomainAccountInfo, token: Uint8Array, 3651 callback: AsyncCallback<boolean>) => {}, 3652 getAccessToken: (options: osAccount.GetDomainAccessTokenOptions, callback: AsyncCallback<Uint8Array>) => {} 3653 } 3654 try { 3655 osAccount.DomainAccountManager.registerPlugin(plugin); 3656 console.log('registerPlugin success.'); 3657 } catch(err) { 3658 console.error('registerPlugin err:' + JSON.stringify(err)); 3659 } 3660 ``` 3661 3662### unregisterPlugin<sup>9+</sup> 3663 3664static unregisterPlugin(): void 3665 3666Unregisters this domain plug-in. 3667 3668**System API**: This is a system API. 3669 3670**System capability**: SystemCapability.Account.OsAccount 3671 3672**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 3673 3674**Error codes** 3675 3676| ID| Error Message | 3677| -------- | --------------------------- | 3678| 201 | Permission denied.| 3679| 202 | Not system application.| 3680| 801 | Capability not supported.| 3681 3682**Example** 3683 ```ts 3684 try { 3685 osAccount.DomainAccountManager.unregisterPlugin(); 3686 console.log('unregisterPlugin success.'); 3687 } catch(err) { 3688 console.error('unregisterPlugin err:' + JSON.stringify(err)); 3689 } 3690 ``` 3691 3692### auth<sup>10+</sup> 3693 3694auth(domainAccountInfo: DomainAccountInfo, credential: Uint8Array, callback: IUserAuthCallback): void 3695 3696Authenticates a domain account. 3697 3698**System API**: This is a system API. 3699 3700**System capability**: SystemCapability.Account.OsAccount 3701 3702**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 3703 3704**Parameters** 3705 3706| Name | Type | Mandatory| Description | 3707| ---------- | --------------------------------------- | ---- | --------------- | 3708| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3709| credential | Uint8Array | Yes | Credentials of the domain account.| 3710| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3711 3712**Error codes** 3713 3714| ID| Error Message | 3715| -------- | --------------------------- | 3716| 201 | Permission denied.| 3717| 202 | Not system application.| 3718| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3719| 801 | Capability not supported.| 3720| 12300001 | The system service works abnormally. | 3721| 12300002 | Invalid domainAccountInfo or credential. | 3722| 12300003 | Domain account does not exist. | 3723| 12300013 | Network exception. | 3724| 12300101 | Authentication failed. | 3725| 12300109 | The authentication, enrollment, or update operation is canceled. | 3726| 12300110 | The authentication is locked. | 3727| 12300111 | The authentication time out. | 3728| 12300112 | The authentication service is busy. | 3729| 12300113 | The account authentication service does not exist. | 3730| 12300114 | The account authentication service works abnormally. | 3731| 12300211 | Server unreachable. | 3732 3733**Example** 3734 ```ts 3735 let domainAccountInfo: osAccount.DomainAccountInfo = { 3736 domain: 'CHINA', 3737 accountName: 'zhangsan' 3738 } 3739 let credential = new Uint8Array([0]) 3740 try { 3741 osAccount.DomainAccountManager.auth(domainAccountInfo, credential, { 3742 onResult: (resultCode: number, authResult: osAccount.AuthResult) => { 3743 console.log('auth resultCode = ' + resultCode); 3744 console.log('auth authResult = ' + JSON.stringify(authResult)); 3745 } 3746 }); 3747 } catch (err) { 3748 console.error('auth exception = ' + JSON.stringify(err)); 3749 } 3750 ``` 3751 3752### authWithPopup<sup>10+</sup> 3753 3754authWithPopup(callback: IUserAuthCallback): void 3755 3756Authenticates this domain account with a dialog box. 3757 3758**System API**: This is a system API. 3759 3760**System capability**: SystemCapability.Account.OsAccount 3761 3762**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 3763 3764No permission is required since API version 11. Use the SDK of the latest version. 3765 3766**Parameters** 3767 3768| Name | Type | Mandatory| Description | 3769| ---------- | --------------------------------------- | ---- | --------------- | 3770| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3771 3772**Error codes** 3773 3774| ID| Error Message | 3775| -------- | --------------------------- | 3776| 201 | Permission denied.| 3777| 202 | Not system application.| 3778| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3779| 801 | Capability not supported.| 3780| 12300001 | The system service works abnormally. | 3781| 12300003 | No domain account is bound. | 3782| 12300013 | Network exception. | 3783| 12300101 | Authentication failed. | 3784| 12300109 | The authentication, enrollment, or update operation is canceled. | 3785| 12300110 | The authentication is locked. | 3786| 12300111 | The authentication time out. | 3787| 12300112 | The authentication service is busy. | 3788| 12300113 | The account authentication service does not exist. | 3789| 12300114 | The account authentication service works abnormally. | 3790| 12300211 | Server unreachable. | 3791 3792**Example** 3793 ```ts 3794 try { 3795 osAccount.DomainAccountManager.authWithPopup({ 3796 onResult: (resultCode: number, authResult: osAccount.AuthResult) => { 3797 console.log('auth resultCode = ' + resultCode); 3798 console.log('auth authResult = ' + JSON.stringify(authResult)); 3799 } 3800 }) 3801 } catch (err) { 3802 console.error('auth exception = ' + JSON.stringify(err)); 3803 } 3804 ``` 3805 3806### authWithPopup<sup>10+</sup> 3807 3808authWithPopup(localId: number, callback: IUserAuthCallback): void 3809 3810Authenticates this domain account with a dialog box. 3811 3812**System API**: This is a system API. 3813 3814**System capability**: SystemCapability.Account.OsAccount 3815 3816**Required permissions**: ohos.permission.ACCESS_USER_AUTH_INTERNAL 3817 3818No permission is required since API version 11. Use the SDK of the latest version. 3819 3820**Parameters** 3821 3822| Name | Type | Mandatory| Description | 3823| ---------- | --------------------------------------- | ---- | --------------- | 3824| localId | number | Yes | Local ID of the system account bound to the domain account.| 3825| callback | [IUserAuthCallback](#iuserauthcallback8) | Yes | Callback used to return the authentication result.| 3826 3827**Error codes** 3828 3829| ID| Error Message | 3830| -------- | --------------------------- | 3831| 201 | Permission denied.| 3832| 202 | Not system application.| 3833| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3834| 801 | Capability not supported.| 3835| 12300001 | The system service works abnormally. | 3836| 12300002 | Invalid localId. | 3837| 12300003 | No domain account is bound. | 3838| 12300013 | Network exception. | 3839| 12300101 | Authentication failed. | 3840| 12300109 | The authentication, enrollment, or update operation is canceled. | 3841| 12300110 | The authentication is locked. | 3842| 12300111 | The authentication time out. | 3843| 12300112 | The authentication service is busy. | 3844| 12300113 | The account authentication service does not exist. | 3845| 12300114 | The account authentication service works abnormally. | 3846| 12300211 | Server unreachable. | 3847 3848**Example** 3849 ```ts 3850 try { 3851 osAccount.DomainAccountManager.authWithPopup(100, { 3852 onResult: (resultCode: number, authResult: osAccount.AuthResult) => { 3853 console.log('authWithPopup resultCode = ' + resultCode); 3854 console.log('authWithPopup authResult = ' + JSON.stringify(authResult)); 3855 } 3856 }) 3857 } catch (err) { 3858 console.error('authWithPopup exception = ' + JSON.stringify(err)); 3859 } 3860 ``` 3861 3862### hasAccount<sup>10+</sup> 3863 3864hasAccount(domainAccountInfo: DomainAccountInfo, callback: AsyncCallback<boolean>): void 3865 3866Checks whether a domain account exists. 3867 3868**System API**: This is a system API. 3869 3870**System capability**: SystemCapability.Account.OsAccount 3871 3872**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 3873 3874**Parameters** 3875 3876| Name | Type | Mandatory| Description | 3877| ---------- | --------------------------------------- | ---- | --------------- | 3878| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3879| callback | AsyncCallback<boolean> | Yes | Callback used to return the result. The value **true** means that the specified domain account exists; the value **false** means the opposite.| 3880 3881**Error codes** 3882 3883| ID| Error Message | 3884| -------- | --------------------------- | 3885| 201 | Permission denied.| 3886| 202 | Not system application.| 3887| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3888| 801 | Capability not supported.| 3889| 12300001 | The system service works abnormally. | 3890| 12300002 | Invalid domainAccountInfo. | 3891| 12300013 | Network exception. | 3892| 12300014 | Not authenticated. | 3893| 12300111 | The operation time out. | 3894| 12300114 | The authentication service works abnormally. | 3895| 12300211 | Server unreachable. | 3896 3897**Example** 3898 ```ts 3899 import { BusinessError } from '@kit.BasicServicesKit'; 3900 let domainAccountInfo: osAccount.DomainAccountInfo = { 3901 domain: 'CHINA', 3902 accountName: 'zhangsan' 3903 } 3904 try { 3905 osAccount.DomainAccountManager.hasAccount(domainAccountInfo, (err: BusinessError, result: boolean) => { 3906 if (err) { 3907 console.error('call hasAccount failed, error: ' + JSON.stringify(err)); 3908 } else { 3909 console.log('hasAccount result: ' + result); 3910 } 3911 }); 3912 } catch (err) { 3913 console.error('hasAccount exception = ' + JSON.stringify(err)); 3914 } 3915 ``` 3916 3917### hasAccount<sup>10+</sup> 3918 3919hasAccount(domainAccountInfo: DomainAccountInfo): Promise<boolean> 3920 3921Checks whether a domain account exists. 3922 3923**System API**: This is a system API. 3924 3925**System capability**: SystemCapability.Account.OsAccount 3926 3927**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 3928 3929**Parameters** 3930 3931| Name | Type | Mandatory| Description | 3932| ---------- | --------------------------------------- | ---- | --------------- | 3933| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3934 3935**Return value** 3936 3937| Type | Description | 3938| :------------------------ | ----------------------- | 3939| Promise<boolean> | Promise used to return the result. The value **true** means that the specified domain account exists; the value **false** means the opposite.| 3940 3941**Error codes** 3942 3943| ID| Error Message | 3944| -------- | --------------------------- | 3945| 201 | Permission denied.| 3946| 202 | Not system application.| 3947| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 3948| 801 | Capability not supported.| 3949| 12300001 | The system service works abnormally. | 3950| 12300002 | Invalid domainAccountInfo. | 3951| 12300013 | Network exception. | 3952| 12300014 | Not authenticated. | 3953| 12300111 | The operation time out. | 3954| 12300114 | The authentication service works abnormally. | 3955| 12300211 | Server unreachable. | 3956 3957**Example** 3958 ```ts 3959 import { BusinessError } from '@kit.BasicServicesKit'; 3960 let domainAccountInfo: osAccount.DomainAccountInfo = { 3961 domain: 'CHINA', 3962 accountName: 'zhangsan' 3963 } 3964 try { 3965 osAccount.DomainAccountManager.hasAccount(domainAccountInfo).then((result: boolean) => { 3966 console.log('hasAccount result: ' + result); 3967 }).catch((err: BusinessError) => { 3968 console.error('call hasAccount failed, error: ' + JSON.stringify(err)); 3969 }); 3970 } catch (err) { 3971 console.error('hasAccount exception = ' + JSON.stringify(err)); 3972 } 3973 ``` 3974 3975### updateAccountToken<sup>10+</sup> 3976 3977updateAccountToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array, callback: AsyncCallback<void>): void 3978 3979Updates the token of a domain account. An empty token means an invalid token. This API uses an asynchronous callback to return the result. 3980 3981**System API**: This is a system API. 3982 3983**System capability**: SystemCapability.Account.OsAccount 3984 3985**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 3986 3987**Parameters** 3988 3989| Name | Type | Mandatory| Description | 3990| ---------- | --------------------------------------- | ---- | --------------- | 3991| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 3992| token | Uint8Array | Yes | New domain account token.| 3993| callback | AsyncCallback<void> | Yes| Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, **err** is an error object.| 3994 3995**Error codes** 3996 3997| ID| Error Message | 3998| -------- | --------------------------- | 3999| 201 | Permission denied.| 4000| 202 | Not system application.| 4001| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4002| 12300001 | The system service works abnormally. | 4003| 12300002 | Invalid token. | 4004| 12300003 | Account not found. | 4005 4006**Example** 4007 ```ts 4008 import { BusinessError } from '@kit.BasicServicesKit'; 4009 let domainAccountInfo: osAccount.DomainAccountInfo = { 4010 domain: 'CHINA', 4011 accountName: 'zhangsan', 4012 accountId: '123456' 4013 } 4014 let token = new Uint8Array([0]) 4015 try { 4016 osAccount.DomainAccountManager.updateAccountToken(domainAccountInfo, token, (err: BusinessError) => { 4017 if (err != null) { 4018 console.error('updateAccountToken failed, error: ' + JSON.stringify(err)); 4019 } else { 4020 console.log('updateAccountToken successfully'); 4021 } 4022 }) 4023 } catch (err) { 4024 console.error('updateAccountToken exception = ' + JSON.stringify(err)); 4025 } 4026 ``` 4027 4028### updateAccountToken<sup>10+</sup> 4029 4030updateAccountToken(domainAccountInfo: DomainAccountInfo, token: Uint8Array): Promise<void> 4031 4032Updates the token of a domain account. An empty token means an invalid token. This API uses a promise to return the result. 4033 4034**System API**: This is a system API. 4035 4036**System capability**: SystemCapability.Account.OsAccount 4037 4038**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS 4039 4040**Parameters** 4041 4042| Name | Type | Mandatory| Description | 4043| ---------- | --------------------------------------- | ---- | --------------- | 4044| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 4045| token | Uint8Array | Yes | New domain account token.| 4046 4047**Return value** 4048 4049| Type | Description | 4050| :------------------------ | ----------------------- | 4051| Promise<void> | Promise that returns no value.| 4052 4053**Error codes** 4054 4055| ID| Error Message | 4056| -------- | --------------------------- | 4057| 201 | Permission denied.| 4058| 202 | Not system application.| 4059| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4060| 12300001 | The system service works abnormally. | 4061| 12300002 | Invalid token. | 4062| 12300003 | Account not found. | 4063 4064**Example** 4065 ```ts 4066 import { BusinessError } from '@kit.BasicServicesKit'; 4067 let domainAccountInfo: osAccount.DomainAccountInfo = { 4068 domain: 'CHINA', 4069 accountName: 'zhangsan', 4070 accountId: '123456' 4071 } 4072 let token = new Uint8Array([0]) 4073 try { 4074 osAccount.DomainAccountManager.updateAccountToken(domainAccountInfo, token).then(() => { 4075 console.log('updateAccountToken successfully'); 4076 }).catch((err: BusinessError) => { 4077 console.error('updateAccountToken failed, error: ' + JSON.stringify(err)); 4078 }); 4079 } catch (err) { 4080 console.error('updateAccountToken exception = ' + JSON.stringify(err)); 4081 } 4082 ``` 4083 4084### getAccountInfo<sup>10+</sup> 4085 4086getAccountInfo(options: GetDomainAccountInfoOptions, callback: AsyncCallback<DomainAccountInfo>): void 4087 4088Obtains information about a specified domain account. This API uses an asynchronous callback to return the result. 4089 4090**System API**: This is a system API. 4091 4092**System capability**: SystemCapability.Account.OsAccount 4093 4094**Required permissions**: ohos.permission.GET_DOMAIN_ACCOUNTS 4095 4096**Parameters** 4097 4098| Name | Type | Mandatory| Description | 4099| ---------- | --------------------------------------- | ---- | --------------- | 4100| options | [GetDomainAccountInfoOptions](#getdomainaccountinfooptions10) | Yes | Domain account information.| 4101| callback | AsyncCallback<DomainAccountInfo> | Yes | Callback used to return the result.| 4102 4103**Error codes** 4104 4105| ID| Error Message | 4106| -------- | --------------------------- | 4107| 201 | Permission denied.| 4108| 202 | Not system application.| 4109| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4110| 801 | Capability not supported.| 4111| 12300001 | The system service works abnormally. | 4112| 12300003 | Account not found. | 4113| 12300013 | Network exception. | 4114| 12300014 | Not authenticated. | 4115| 12300111 | The operation time out. | 4116| 12300114 | The authentication service works abnormally. | 4117| 12300211 | Server unreachable. | 4118 4119**Example** 4120 ```ts 4121 import { BusinessError } from '@kit.BasicServicesKit'; 4122 let domainAccountInfo: osAccount.GetDomainAccountInfoOptions = { 4123 domain: 'CHINA', 4124 accountName: 'zhangsan' 4125 } 4126 try { 4127 osAccount.DomainAccountManager.getAccountInfo(domainAccountInfo, 4128 (err: BusinessError, result: osAccount.DomainAccountInfo) => { 4129 if (err) { 4130 console.error('call getAccountInfo failed, error: ' + JSON.stringify(err)); 4131 } else { 4132 console.log('getAccountInfo result: ' + result); 4133 } 4134 }); 4135 } catch (err) { 4136 console.error('getAccountInfo exception = ' + JSON.stringify(err)); 4137 } 4138 ``` 4139 4140### getAccountInfo<sup>10+</sup> 4141 4142getAccountInfo(options: GetDomainAccountInfoOptions): Promise<DomainAccountInfo> 4143 4144Obtains information about a specified domain account. This API uses a promise to return the result. 4145 4146**System API**: This is a system API. 4147 4148**System capability**: SystemCapability.Account.OsAccount 4149 4150**Required permissions**: ohos.permission.GET_DOMAIN_ACCOUNTS 4151 4152**Parameters** 4153 4154| Name | Type | Mandatory| Description | 4155| ---------- | --------------------------------------- | ---- | --------------- | 4156| options | [GetDomainAccountInfoOptions](#getdomainaccountinfooptions10) | Yes | Domain account information.| 4157 4158**Return value** 4159 4160| Type | Description | 4161| :------------------------ | ----------------------- | 4162| Promise<DomainAccountInfo> | Promise used to return the domain account information obtained.| 4163 4164**Error codes** 4165 4166| ID| Error Message | 4167| -------- | --------------------------- | 4168| 201 | Permission denied.| 4169| 202 | Not system application.| 4170| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4171| 801 | Capability not supported.| 4172| 12300001 | The system service works abnormally. | 4173| 12300003 | Account not found. | 4174| 12300013 | Network exception. | 4175| 12300014 | Not authenticated. | 4176| 12300111 | The operation time out. | 4177| 12300114 | The authentication service works abnormally. | 4178| 12300211 | Server unreachable. | 4179 4180**Example** 4181 ```ts 4182 import { BusinessError } from '@kit.BasicServicesKit'; 4183 let domainAccountInfo: osAccount.GetDomainAccountInfoOptions = { 4184 domain: 'CHINA', 4185 accountName: 'zhangsan' 4186 } 4187 try { 4188 osAccount.DomainAccountManager.getAccountInfo(domainAccountInfo) 4189 .then((result: osAccount.DomainAccountInfo) => { 4190 console.log('getAccountInfo result: ' + result); 4191 }).catch((err: BusinessError) => { 4192 console.error('call getAccountInfo failed, error: ' + JSON.stringify(err)); 4193 }); 4194 } catch (err) { 4195 console.error('getAccountInfo exception = ' + JSON.stringify(err)); 4196 } 4197 ``` 4198 4199### getAccessToken<sup>11+</sup> 4200 4201getAccessToken(businessParams: Record<string, Object>, callback: AsyncCallback<Uint8Array>): void 4202 4203Obtains the service access token of this domain account. This API uses an asynchronous callback to return the result. 4204 4205**System API**: This is a system API. 4206 4207**System capability**: SystemCapability.Account.OsAccount 4208 4209**Parameters** 4210 4211| Name | Type | Mandatory| Description | 4212| ---------- | --------------------------------------- | ---- | --------------- | 4213| businessParams | Record<string, Object> | Yes | Service parameters. The specific formats vary depending on the domain plug-in.| 4214| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result. If the operation is successful, **err** is **null**. Otherwise, an error object is returned.| 4215 4216**Error codes** 4217 4218| ID| Error Message | 4219| -------- | --------------------------- | 4220| 202 | Not system application.| 4221| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4222| 801 | Capability not supported.| 4223| 12300001 | The system service works abnormally. | 4224| 12300002 | Invalid business parameters. | 4225| 12300003 | Domain account not found. | 4226| 12300013 | Network exception. | 4227| 12300014 | The domain account is not authenticated. | 4228| 12300111 | The operation time out. | 4229| 12300114 | The authentication service works abnormally. | 4230| 12300211 | Server unreachable. | 4231 4232**Example** 4233 ```ts 4234 import { BusinessError } from '@kit.BasicServicesKit'; 4235 let businessParams: Record<string, Object> = { 4236 'clientId': 'xxx', 4237 'secretId': 'yyy' 4238 }; // depends on the implementation of the domain plugin 4239 try { 4240 osAccount.DomainAccountManager.getAccessToken(businessParams, 4241 (err: BusinessError, result: Uint8Array) => { 4242 if (err) { 4243 console.error('getAccessToken failed, error: ' + JSON.stringify(err)); 4244 } else { 4245 console.log('getAccessToken result: ' + result); 4246 } 4247 }); 4248 } catch (err) { 4249 console.error('getAccessToken exception = ' + JSON.stringify(err)); 4250 } 4251 ``` 4252 4253### getAccessToken<sup>11+</sup> 4254 4255getAccessToken(businessParams: Record<string, Object>): Promise<Uint8Array> 4256 4257Obtains the service access token of this domain account. This API uses a promise to return the result. 4258 4259**System API**: This is a system API. 4260 4261**System capability**: SystemCapability.Account.OsAccount 4262 4263**Parameters** 4264 4265| Name | Type | Mandatory| Description | 4266| ---------- | --------------------------------------- | ---- | --------------- | 4267| businessParams | Record<string, Object> | Yes | Service parameters. The specific formats vary depending on the domain plug-in.| 4268 4269**Return value** 4270 4271| Type | Description | 4272| :------------------------ | ----------------------- | 4273| Promise<Uint8Array> | Promise used to return the service access token obtained.| 4274 4275**Error codes** 4276 4277| ID| Error Message | 4278| -------- | --------------------------- | 4279| 202 | Not system application.| 4280| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4281| 801 | Capability not supported.| 4282| 12300001 | The system service works abnormally. | 4283| 12300002 | Invalid business parameters. | 4284| 12300003 | Domain account not found. | 4285| 12300013 | Network exception. | 4286| 12300014 | The domain account is not authenticated. | 4287| 12300111 | The operation time out. | 4288| 12300114 | The authentication service works abnormally. | 4289| 12300211 | Server unreachable. | 4290 4291**Example** 4292 ```ts 4293 import { BusinessError } from '@kit.BasicServicesKit'; 4294 let businessParams: Record<string, Object> = { 4295 'clientId': 'xxx', 4296 'secretId': 'yyy' 4297 }; // depends on the implementation of the domain plugin 4298 try { 4299 osAccount.DomainAccountManager.getAccessToken(businessParams) 4300 .then((result: Uint8Array) => { 4301 console.log('getAccessToken result: ' + result); 4302 }).catch((err: BusinessError) => { 4303 console.error('getAccessToken failed, error: ' + JSON.stringify(err)); 4304 }); 4305 } catch (err) { 4306 console.error('getAccessToken exception = ' + JSON.stringify(err)); 4307 } 4308 ``` 4309 4310### isAuthenticationExpired<sup>12+</sup> 4311 4312isAuthenticationExpired(domainAccountInfo: DomainAccountInfo): Promise<boolean>; 4313 4314Checks whether the authentication of a domain account has expired. This API uses a promise to return the result. 4315 4316**System API**: This is a system API. 4317 4318**Required permissions**: ohos.permission.MANAGE_LOCAL_ACCOUNTS or ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS 4319 4320**System capability**: SystemCapability.Account.OsAccount 4321 4322**Parameters** 4323 4324| Name | Type | Mandatory| Description | 4325| ---------- | --------------------------------------- | ---- | --------------- | 4326| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information.| 4327 4328**Return value** 4329 4330| Type | Description | 4331| :------------------------ | ----------------------- | 4332| Promise<boolean> | Promise used to return the result. The value **true** means that the specified domain account has expired; the value **false** means the opposite.| 4333 4334**Error codes** 4335 4336| ID| Error Message | 4337| -------- | --------------------------- | 4338| 201 | Permission denied.| 4339| 202 | Not system application.| 4340| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4341| 801 | Capability not supported.| 4342| 12300001 | The system service works abnormally. | 4343| 12300003 | Domain account not found. | 4344 4345**Example** 4346 ```ts 4347 import { BusinessError } from '@kit.BasicServicesKit'; 4348 let domainInfo: osAccount.DomainAccountInfo = 4349 {domain: 'testDomain', accountName: 'testAccountName'}; 4350 try { 4351 osAccount.DomainAccountManager.isAuthenticationExpired(domainInfo).then((result: boolean) => { 4352 console.log('isAuthenticationExpired, result: ' + result); 4353 }).catch((err: BusinessError) => { 4354 console.error('isAuthenticationExpired err: ' + err); 4355 }); 4356 } catch (e) { 4357 console.error('isAuthenticationExpired exception: ' + e); 4358 } 4359 ``` 4360 4361## UserIdentityManager<sup>8+</sup> 4362 4363Provides APIs for user IDM. 4364 4365**System API**: This is a system API. 4366 4367### constructor<sup>8+</sup> 4368 4369 4370 4371A **constructor()** used to create an instance for user IDM. 4372 4373**System API**: This is a system API. 4374 4375**System capability**: SystemCapability.Account.OsAccount 4376 4377**Error codes** 4378 4379| ID| Error Message | 4380| -------- | --------------------------- | 4381| 202 | Not system application.| 4382 4383**Example** 4384 ```ts 4385 let userIDM = new osAccount.UserIdentityManager(); 4386 ``` 4387 4388### openSession<sup>8+</sup> 4389 4390openSession(callback: AsyncCallback<Uint8Array>): void 4391 4392Opens a session to obtain the challenge value. This API uses an asynchronous callback to return the result. 4393 4394**System API**: This is a system API. 4395 4396**System capability**: SystemCapability.Account.OsAccount 4397 4398**Required permissions**: ohos.permission.MANAGE_USER_IDM 4399 4400**Parameters** 4401 4402| Name | Type | Mandatory| Description | 4403| -------- | -------------------------------- | ---- | -------------------------------------------------------------- | 4404| callback | AsyncCallback<Uint8Array> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the challenge value obtained. Otherwise, **err** is an error object.| 4405 4406**Error codes** 4407 4408| ID| Error Message | 4409| -------- | --------------------------- | 4410| 201 | Permission denied.| 4411| 202 | Not system application.| 4412| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4413| 12300001 | The system service works abnormally. | 4414 4415**Example** 4416 ```ts 4417 import { BusinessError } from '@kit.BasicServicesKit'; 4418 let userIDM = new osAccount.UserIdentityManager(); 4419 try { 4420 userIDM.openSession((err: BusinessError, challenge: Uint8Array) => { 4421 if (err) { 4422 console.error('openSession exception = ' + JSON.stringify(err)); 4423 } else { 4424 console.log('openSession challenge = ' + JSON.stringify(challenge)); 4425 } 4426 }); 4427 } catch (e) { 4428 console.error('openSession exception = ' + JSON.stringify(e)); 4429 } 4430 ``` 4431 4432### openSession<sup>8+</sup> 4433 4434openSession(accountId?: number): Promise<Uint8Array> 4435 4436Opens a session. This API returns a challenge value, which can be used to determine whether the subsequent identity authentication is in this session. This can prevent replay attacks. This API uses a promise to return the result. 4437 4438**System API**: This is a system API. 4439 4440**System capability**: SystemCapability.Account.OsAccount 4441 4442**Required permissions**: ohos.permission.MANAGE_USER_IDM 4443 4444**Parameters** 4445 4446| Name | Type | Mandatory| Description | 4447| --------- | ------- | ---- | ----------- | 4448| accountId<sup>12+</sup> | number | No | System account ID, which is left blank by default.| 4449 4450**Return value** 4451 4452| Type | Description | 4453| :------------------------ | ----------------------- | 4454| Promise<Uint8Array> | Promise used to return the challenge value obtained.| 4455 4456**Error codes** 4457 4458| ID| Error Message | 4459| -------- | --------------------------- | 4460| 201 | Permission denied.| 4461| 202 | Not system application.| 4462| 401 | Parameter error. Possible causes: Incorrect parameter types. | 4463| 12300001 | The system service works abnormally. | 4464| 12300003 | Account not found. | 4465| 12300008 | Restricted account. | 4466 4467**Example** 4468 ```ts 4469 import { BusinessError } from '@kit.BasicServicesKit'; 4470 let userIDM = new osAccount.UserIdentityManager(); 4471 let accountId = 100; 4472 try { 4473 userIDM.openSession(accountId).then((challenge: Uint8Array) => { 4474 console.info('openSession challenge = ' + JSON.stringify(challenge)); 4475 }).catch((err: BusinessError) => { 4476 console.error('openSession error = ' + JSON.stringify(err)); 4477 }); 4478 } catch (e) { 4479 console.error('openSession exception = ' + JSON.stringify(e)); 4480 } 4481 ``` 4482 4483### addCredential<sup>8+</sup> 4484 4485addCredential(credentialInfo: CredentialInfo, callback: IIdmCallback): void 4486 4487Adds credential information, including the credential type, subtype, and token (if a non-PIN credential is added). 4488 4489**System API**: This is a system API. 4490 4491**System capability**: SystemCapability.Account.OsAccount 4492 4493**Required permissions**: ohos.permission.MANAGE_USER_IDM 4494 4495**Parameters** 4496 4497| Name | Type | Mandatory| Description | 4498| --------------- | ------------------------------------ | --- | ---------------------------- | 4499| credentialInfo | [CredentialInfo](#credentialinfo8) | Yes | Credential information to add. | 4500| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result. | 4501 4502**Error codes** 4503 4504| ID| Error Message | 4505| -------- | ------------------- | 4506| 201 | Permission denied.| 4507| 202 | Not system application.| 4508| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4509| 12300001 | The system service works abnormally. | 4510| 12300002 | Invalid credentialInfo, i.e. authType or authSubType. | 4511| 12300003 | Account not found. | 4512| 12300008 | Restricted account. | 4513| 12300101 | The token is invalid. | 4514| 12300106 | The authentication type is not supported. | 4515| 12300109 | The authentication, enrollment, or update operation is canceled. | 4516| 12300111 | The operation time out. | 4517| 12300115 | The number of credentials reaches the upper limit. | 4518| 12300116 | Credential complexity verification failed. | 4519 4520**Example** 4521 ```ts 4522 import { BusinessError } from '@kit.BasicServicesKit'; 4523 let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]); 4524 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 4525 pinAuth.registerInputer({ 4526 onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => { 4527 callback.onSetData(authSubType, password); 4528 } 4529 }); 4530 let credentialInfo: osAccount.CredentialInfo = { 4531 credType: osAccount.AuthType.PIN, 4532 credSubType: osAccount.AuthSubType.PIN_SIX, 4533 token: new Uint8Array([]), 4534 }; 4535 let userIDM = new osAccount.UserIdentityManager(); 4536 userIDM.openSession((err: BusinessError, challenge: Uint8Array) => { 4537 try { 4538 userIDM.addCredential(credentialInfo, { 4539 onResult: (result: number, extraInfo: osAccount.RequestResult) => { 4540 console.log('addCredential result = ' + result); 4541 console.log('addCredential extraInfo = ' + extraInfo); 4542 } 4543 }); 4544 } catch (e) { 4545 console.error('addCredential exception = ' + JSON.stringify(e)); 4546 } 4547 }); 4548 ``` 4549 4550### updateCredential<sup>8+</sup> 4551 4552updateCredential(credentialInfo: CredentialInfo, callback: IIdmCallback): void 4553 4554Updates credential information. This API uses an asynchronous callback to return the result. 4555 4556**System API**: This is a system API. 4557 4558**System capability**: SystemCapability.Account.OsAccount 4559 4560**Required permissions**: ohos.permission.MANAGE_USER_IDM 4561 4562**Parameters** 4563 4564| Name | Type | Mandatory| Description | 4565| --------------- | ------------------------------------- | --- | ------------------------- | 4566| credentialInfo | [CredentialInfo](#credentialinfo8) | Yes | Credential information to add. | 4567| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.| 4568 4569**Error codes** 4570 4571| ID| Error Message | 4572| -------- | ------------------- | 4573| 201 | Permission denied.| 4574| 202 | Not system application.| 4575| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4576| 12300001 | The system service works abnormally. | 4577| 12300002 | Invalid credentialInfo, i.e. authType or authSubType. | 4578| 12300003 | Account not found. | 4579| 12300101 | The token is invalid. | 4580| 12300102 | The credential does not exist. | 4581| 12300106 | The authentication type is not supported. | 4582| 12300109 | The authentication, enrollment, or update operation is canceled. | 4583| 12300111 | The operation time out. | 4584| 12300116 | Credential complexity verification failed. | 4585 4586**Example** 4587 ```ts 4588 import { BusinessError } from '@kit.BasicServicesKit'; 4589 let userIDM = new osAccount.UserIdentityManager(); 4590 let userAuth: osAccount.UserAuth = new osAccount.UserAuth(); 4591 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 4592 let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]); 4593 let credentialInfo: osAccount.CredentialInfo = { 4594 credType: osAccount.AuthType.PIN, 4595 credSubType: osAccount.AuthSubType.PIN_SIX, 4596 token: new Uint8Array([]), 4597 }; 4598 pinAuth.registerInputer({ 4599 onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => { 4600 callback.onSetData(authSubType, password); 4601 } 4602 }); 4603 userIDM.openSession((err: BusinessError, challenge: Uint8Array) => { 4604 userAuth.auth(challenge, credentialInfo.credType, osAccount.AuthTrustLevel.ATL1, { 4605 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 4606 if (result != osAccount.ResultCode.SUCCESS) { 4607 return; 4608 } 4609 if (extraInfo.token != null) { 4610 credentialInfo.token = extraInfo.token; 4611 } 4612 try { 4613 userIDM.updateCredential(credentialInfo, { 4614 onResult: (result: number, extraInfo: osAccount.RequestResult) => { 4615 console.log('updateCredential result = ' + result); 4616 console.log('updateCredential extraInfo = ' + extraInfo); 4617 } 4618 }); 4619 } catch (e) { 4620 console.error('updateCredential exception = ' + JSON.stringify(e)); 4621 } 4622 } 4623 }); 4624 }); 4625 ``` 4626 4627### closeSession<sup>8+</sup> 4628 4629closeSession(accountId?: number): void 4630 4631Closes this session to terminate IDM. 4632 4633**System API**: This is a system API. 4634 4635**System capability**: SystemCapability.Account.OsAccount 4636 4637**Required permissions**: ohos.permission.MANAGE_USER_IDM 4638 4639**Parameters** 4640 4641| Name | Type | Mandatory| Description | 4642| --------- | ------- | ---- | ----------- | 4643| accountId<sup>12+</sup> | number | No | System account ID, which is left blank by default.| 4644 4645**Error codes** 4646 4647| ID| Error Message | 4648| -------- | --------------------------- | 4649| 201 | Permission denied.| 4650| 202 | Not system application.| 4651| 401 | Parameter error. Possible causes: Incorrect parameter types. | 4652| 12300001 | The system service works abnormally. | 4653| 12300003 | Account not found. | 4654| 12300008 | Restricted account. | 4655 4656**Example** 4657 ```ts 4658 let userIDM = new osAccount.UserIdentityManager(); 4659 let accountId = 100; 4660 userIDM.closeSession(accountId); 4661 ``` 4662 4663### cancel<sup>8+</sup> 4664 4665cancel(challenge: Uint8Array): void 4666 4667Cancels an entry based on the challenge value. 4668 4669**System API**: This is a system API. 4670 4671**System capability**: SystemCapability.Account.OsAccount 4672 4673**Required permissions**: ohos.permission.MANAGE_USER_IDM 4674 4675**Parameters** 4676 4677| Name | Type | Mandatory| Description | 4678| -------- | ----------- | ---- | ----- | 4679| challenge | Uint8Array | Yes | Challenge value.| 4680 4681**Error codes** 4682 4683| ID| Error Message | 4684| -------- | ------------------- | 4685| 201 | Permission denied.| 4686| 202 | Not system application.| 4687| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4688| 12300001 | The system service works abnormally. | 4689| 12300002 | Invalid challenge. | 4690 4691**Example** 4692 ```ts 4693 let userIDM = new osAccount.UserIdentityManager(); 4694 let challenge: Uint8Array = new Uint8Array([0]); 4695 try { 4696 userIDM.cancel(challenge); 4697 } catch(err) { 4698 console.error('cancel err:' + JSON.stringify(err)); 4699 } 4700 ``` 4701 4702### delUser<sup>8+</sup> 4703 4704delUser(token: Uint8Array, callback: IIdmCallback): void 4705 4706Deletes a user based on the authentication token. This API uses a callback to return the result. 4707 4708**System API**: This is a system API. 4709 4710**System capability**: SystemCapability.Account.OsAccount 4711 4712**Required permissions**: ohos.permission.MANAGE_USER_IDM 4713 4714**Parameters** 4715 4716| Name | Type | Mandatory| Description | 4717| -------- | ------------------------------ | --- | ------------------------- | 4718| token | Uint8Array | Yes | Authentication token. | 4719| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.| 4720 4721**Error codes** 4722 4723| ID| Error Message | 4724| -------- | ------------------- | 4725| 201 | Permission denied.| 4726| 202 | Not system application.| 4727| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4728| 12300001 | The system service works abnormally. | 4729| 12300101 | The token is invalid. | 4730 4731**Example** 4732 ```ts 4733 let userIDM = new osAccount.UserIdentityManager(); 4734 let token: Uint8Array = new Uint8Array([0]); 4735 try { 4736 userIDM.delUser(token, { 4737 onResult: (result: number, extraInfo: osAccount.RequestResult) => { 4738 console.log('delUser result = ' + result); 4739 console.log('delUser extraInfo = ' + JSON.stringify(extraInfo)); 4740 } 4741 }); 4742 } catch (e) { 4743 console.error('delUser exception = ' + JSON.stringify(e)); 4744 } 4745 ``` 4746 4747### delCred<sup>8+</sup> 4748 4749delCred(credentialId: Uint8Array, token: Uint8Array, callback: IIdmCallback): void 4750 4751Deletes user credential information. 4752 4753**System API**: This is a system API. 4754 4755**System capability**: SystemCapability.Account.OsAccount 4756 4757**Required permissions**: ohos.permission.MANAGE_USER_IDM 4758 4759**Parameters** 4760 4761| Name | Type | Mandatory| Description | 4762| --------------- | ----------------------------------- | --- | ---------------------------| 4763| credentialId | Uint8Array | Yes | Credential ID. | 4764| token | Uint8Array | Yes | Authentication token. | 4765| callback | [IIdmCallback](#iidmcallback8) | Yes | Callback used to return the result.| 4766 4767**Error codes** 4768 4769| ID| Error Message | 4770| -------- | ------------------- | 4771| 201 | Permission denied.| 4772| 202 | Not system application.| 4773| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4774| 12300001 | The system service works abnormally. | 4775| 12300002 | Invalid credentialId. | 4776| 12300101 | The token is invalid. | 4777| 12300102 | The credential does not exist. | 4778 4779**Example** 4780 ```ts 4781 let userIDM = new osAccount.UserIdentityManager(); 4782 let credentialId: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0]); 4783 let token: Uint8Array = new Uint8Array([0]); 4784 try { 4785 userIDM.delCred(credentialId, token, { 4786 onResult: (result: number, extraInfo: osAccount.RequestResult) => { 4787 console.log('delCred result = ' + result); 4788 console.log('delCred extraInfo = ' + JSON.stringify(extraInfo)); 4789 } 4790 }); 4791 } catch (e) { 4792 console.error('delCred exception = ' + JSON.stringify(e)); 4793 } 4794 ``` 4795 4796### getAuthInfo<sup>8+</sup> 4797 4798getAuthInfo(callback: AsyncCallback<Array<EnrolledCredInfo>>): void 4799 4800Obtains authentication information. This API uses an asynchronous callback to return the result. 4801 4802**System API**: This is a system API. 4803 4804**System capability**: SystemCapability.Account.OsAccount 4805 4806**Required permissions**: ohos.permission.USE_USER_IDM 4807 4808**Parameters** 4809 4810| Name | Type | Mandatory| Description | 4811| -------- | ------------------------------------------------------------------------ | ---- | --------------------------------------------- | 4812| callback | AsyncCallback<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is information about all registered credentials of the user. Otherwise, **err** is an error object.| 4813 4814**Error codes** 4815 4816| ID| Error Message | 4817| -------- | --------------------- | 4818| 201 | Permission denied.| 4819| 202 | Not system application.| 4820| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4821| 12300001 | The system service works abnormally. | 4822 4823**Example** 4824 ```ts 4825 import { BusinessError } from '@kit.BasicServicesKit'; 4826 let userIDM = new osAccount.UserIdentityManager(); 4827 try { 4828 userIDM.getAuthInfo((err: BusinessError, result: osAccount.EnrolledCredInfo[]) => { 4829 if (err) { 4830 console.error('getAuthInfo exception = ' + JSON.stringify(err)); 4831 } else { 4832 console.log('getAuthInfo result = ' + JSON.stringify(result)); 4833 } 4834 }); 4835 } catch (e) { 4836 console.error('getAuthInfo exception = ' + JSON.stringify(e)); 4837 } 4838 ``` 4839 4840### getAuthInfo<sup>8+</sup> 4841 4842getAuthInfo(authType: AuthType, callback: AsyncCallback<Array<EnrolledCredInfo>>): void 4843 4844Obtains authentication information of the specified type. This API uses an asynchronous callback to return the result. 4845 4846**System API**: This is a system API. 4847 4848**System capability**: SystemCapability.Account.OsAccount 4849 4850**Required permissions**: ohos.permission.USE_USER_IDM 4851 4852**Parameters** 4853 4854| Name | Type | Mandatory| Description | 4855| -------- | -------------------------------------------------- | ---- | -------------------------------------------------- | 4856| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 4857| callback | AsyncCallback<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is the information about all enrolled credentials of the specified type. Otherwise, **err** is an error object.| 4858 4859**Error codes** 4860 4861| ID| Error Message | 4862| -------- | ------------------- | 4863| 201 | Permission denied.| 4864| 202 | Not system application.| 4865| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 4866| 12300001 | The system service works abnormally. | 4867| 12300002 | Invalid authType. | 4868 4869**Example** 4870 ```ts 4871 import { BusinessError } from '@kit.BasicServicesKit'; 4872 let userIDM = new osAccount.UserIdentityManager(); 4873 try { 4874 userIDM.getAuthInfo(osAccount.AuthType.PIN, 4875 (err: BusinessError, result: osAccount.EnrolledCredInfo[]) => { 4876 if (err) { 4877 console.error('getAuthInfo exception = ' + JSON.stringify(err)); 4878 } else { 4879 console.log('getAuthInfo result = ' + JSON.stringify(result)); 4880 } 4881 }); 4882 } catch (e) { 4883 console.error('getAuthInfo exception = ' + JSON.stringify(e)); 4884 } 4885 ``` 4886 4887### getAuthInfo<sup>8+</sup> 4888 4889getAuthInfo(authType?: AuthType): Promise<Array<EnrolledCredInfo>>; 4890 4891Obtains authentication information. This API uses a promise to return the result. 4892 4893**System API**: This is a system API. 4894 4895**System capability**: SystemCapability.Account.OsAccount 4896 4897**Required permissions**: ohos.permission.USE_USER_IDM 4898 4899**Parameters** 4900 4901| Name | Type | Mandatory| Description | 4902| -------- | ----------------------------------- | ---- | -------- | 4903| authType | [AuthType](#authtype8) | No | Authentication type. By default, this parameter is left blank, which means to obtain information about all authentication types.| 4904 4905**Return value** 4906 4907| Type | Description | 4908| :------------------------------------------- | :----------------------------------------------------------------------- | 4909| Promise<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Promise used to return the information about all the enrolled credentials of the specified type.| 4910 4911**Error codes** 4912 4913| ID| Error Message | 4914| -------- | ------------------- | 4915| 201 | Permission denied.| 4916| 202 | Not system application.| 4917| 401 | Parameter error. Possible causes: Incorrect parameter types. | 4918| 12300001 | The system service works abnormally. | 4919| 12300002 | Invalid authType. | 4920 4921**Example** 4922 ```ts 4923 import { BusinessError } from '@kit.BasicServicesKit'; 4924 let userIDM = new osAccount.UserIdentityManager(); 4925 try { 4926 userIDM.getAuthInfo(osAccount.AuthType.PIN).then((result: osAccount.EnrolledCredInfo[]) => { 4927 console.log('getAuthInfo result = ' + JSON.stringify(result)) 4928 }).catch((err: BusinessError) => { 4929 console.error('getAuthInfo error = ' + JSON.stringify(err)); 4930 }); 4931 } catch (e) { 4932 console.error('getAuthInfo exception = ' + JSON.stringify(e)); 4933 } 4934 ``` 4935 4936### getAuthInfo<sup>12+</sup> 4937 4938getAuthInfo(options?: GetAuthInfoOptions): Promise<Array<EnrolledCredInfo>> 4939 4940Obtains authentication information. This API uses a promise to return the result. 4941 4942**System API**: This is a system API. 4943 4944**System capability**: SystemCapability.Account.OsAccount 4945 4946**Required permissions**: ohos.permission.USE_USER_IDM 4947 4948**Parameters** 4949 4950| Name | Type | Mandatory| Description | 4951| -------- | ----------------------------------- | ---- | -------- | 4952| options | [GetAuthInfoOptions](#getauthinfooptions12) | No | Optional parameters for obtaining authentication information. This parameter is left empty by default, indicating that all enrolled credential information of the current user is obtained.| 4953 4954**Return value** 4955 4956| Type | Description | 4957| :------------------------------------------- | :----------------------------------------------------------------------- | 4958| Promise<Array<[EnrolledCredInfo](#enrolledcredinfo8)>> | Promise used to return the information about all the enrolled credentials of the specified type.| 4959 4960**Error codes** 4961 4962| ID| Error Message | 4963| -------- | ------------------- | 4964| 201 | Permission denied.| 4965| 202 | Not system application.| 4966| 401 | Parameter error. Possible causes: Incorrect parameter types. | 4967| 12300001 | The system service works abnormally. | 4968| 12300002 | Invalid options. | 4969| 12300003 | Account not found. | 4970 4971**Example** 4972 ```ts 4973 import { BusinessError } from '@kit.BasicServicesKit'; 4974 let userIDM = new osAccount.UserIdentityManager(); 4975 let options: osAccount.GetAuthInfoOptions = { 4976 authType: osAccount.AuthType.PIN, 4977 accountId: 100, 4978 }; 4979 try { 4980 userIDM.getAuthInfo(options).then((result: osAccount.EnrolledCredInfo[]) => { 4981 console.log('getAuthInfo result = ' + JSON.stringify(result)) 4982 }).catch((err: BusinessError) => { 4983 console.error('getAuthInfo error = ' + JSON.stringify(err)); 4984 }); 4985 } catch (e) { 4986 console.error('getAuthInfo exception = ' + JSON.stringify(e)); 4987 } 4988 ``` 4989 4990### getEnrolledId<sup>12+</sup> 4991 4992getEnrolledId(authType: AuthType, accountId?: number): Promise<Uint8Array> 4993 4994Obtains the ID of the enrolled credential based on the credential type and account ID (optional). This API uses a promise to return the result. 4995 4996**System API**: This is a system API. 4997 4998**System capability**: SystemCapability.Account.OsAccount 4999 5000**Required permissions**: ohos.permission.USE_USER_IDM 5001 5002**Parameters** 5003 5004| Name | Type | Mandatory| Description | 5005| -------- | ---------------------- | ---- | -------- | 5006| authType | [AuthType](#authtype8) | Yes | Credential type.| 5007| accountId | number | No | System account ID, which is left blank by default.| 5008 5009**Return value** 5010 5011| Type | Description | 5012| :------------------------ | :----------------------------------------------------------------------- | 5013| Promise<Uint8Array> | Promise used to return the credential ID obtained.| 5014 5015**Error codes** 5016 5017| ID| Error Message | 5018| -------- | ------------------- | 5019| 201 | Permission denied.| 5020| 202 | Not system application.| 5021| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types. | 5022| 12300001 | The system service works abnormally. | 5023| 12300002 | Invalid authType. | 5024| 12300003 | Account not found. | 5025| 12300102 | The credential does not exist. | 5026| 12300106 | The authentication type is not supported. | 5027 5028**Example** 5029 ```ts 5030 import { BusinessError } from '@kit.BasicServicesKit'; 5031 let userIDM = new osAccount.UserIdentityManager(); 5032 let authType: osAccount.AuthType = osAccount.AuthType.PIN; 5033 let accountId = 100; 5034 try { 5035 userIDM.getEnrolledId(authType, accountId).then((enrolledId: Uint8Array) => { 5036 console.info('getEnrolledId enrolledId = ' + JSON.stringify(enrolledId)); 5037 }).catch((err: BusinessError) => { 5038 console.error('getEnrolledId error = ' + JSON.stringify(err)); 5039 }); 5040 } catch (e) { 5041 console.error('getEnrolledId exception = ' + JSON.stringify(e)); 5042 } 5043 ``` 5044 5045## IInputData<sup>8+</sup> 5046 5047Provides callbacks for PIN operations. 5048 5049**System API**: This is a system API. 5050 5051### onSetData<sup>8+</sup> 5052 5053onSetData: (authSubType: AuthSubType, data: Uint8Array) => void; 5054 5055**System API**: This is a system API. 5056 5057Called to notify the caller the data is set. 5058 5059**System capability**: SystemCapability.Account.OsAccount 5060 5061**Parameters** 5062 5063| Name | Type | Mandatory| Description | 5064| ---------- | ---------------------------------------- | ---- | ----------------------------------------------- | 5065| authSubType | [AuthSubType](#authsubtype8) | Yes | Credential subtype. | 5066| data | Uint8Array | Yes | Data (credential) to set. The data is used for authentication and operations for adding and modifying credentials.| 5067 5068**Error codes** 5069 5070| ID| Error Message | 5071| -------- | ------------------- | 5072| 202 | Not system application.| 5073| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 2. Incorrect parameter types. | 5074| 12300002 | Invalid pinSubType. | 5075 5076**Example** 5077 ```ts 5078 let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]); 5079 let passwordNumber: Uint8Array = new Uint8Array([1, 2, 3, 4]); 5080 let inputer: osAccount.IInputer = { 5081 onGetData: (authSubType: osAccount.AuthSubType, callback: osAccount.IInputData) => { 5082 if (authSubType == osAccount.AuthSubType.PIN_NUMBER) { 5083 callback.onSetData(authSubType, passwordNumber); 5084 } else { 5085 callback.onSetData(authSubType, password); 5086 } 5087 } 5088 }; 5089 ``` 5090 5091## IInputer<sup>8+</sup> 5092 5093Provides callbacks for credential inputers. 5094 5095**System API**: This is a system API. 5096 5097### onGetData<sup>8+</sup> 5098 5099onGetData: (authSubType: AuthSubType, callback: IInputData, options: GetInputDataOptions) => void; 5100 5101Called to notify the caller that data is obtained. 5102 5103**System API**: This is a system API. 5104 5105**System capability**: SystemCapability.Account.OsAccount 5106 5107**Parameters** 5108 5109| Name | Type | Mandatory| Description | 5110| ---------- | --------------------------------------- | ---- | --------------- | 5111| authSubType | [AuthSubType](#authsubtype8) | Yes| Authentication credential subtype.| 5112| callback | [IInputData](#iinputdata8) | Yes | Callback used to return the PIN data.| 5113| options | [GetInputDataOptions](#getinputdataoptions-12) | Yes| Optional parameters for the callback function.| 5114 5115**Example** 5116 ```ts 5117 let password: Uint8Array = new Uint8Array([0, 0, 0, 0, 0, 0]); 5118 let passwordNumber: Uint8Array = new Uint8Array([1, 2, 3, 4]); 5119 let inputer: osAccount.IInputer = { 5120 onGetData: (authSubType: osAccount.AuthSubType, 5121 callback: osAccount.IInputData, options: osAccount.GetInputDataOptions) => { 5122 if (authSubType == osAccount.AuthSubType.PIN_NUMBER) { 5123 callback.onSetData(authSubType, passwordNumber); 5124 } else { 5125 callback.onSetData(authSubType, password); 5126 } 5127 } 5128 }; 5129 let pinAuth: osAccount.PINAuth = new osAccount.PINAuth(); 5130 let result = pinAuth.registerInputer(inputer); 5131 console.log('registerInputer result: ' + result); 5132 ``` 5133 5134## IUserAuthCallback<sup>8+</sup> 5135 5136Provides callbacks for user authentication. 5137 5138**System API**: This is a system API. 5139 5140### onResult<sup>8+</sup> 5141 5142onResult: (result: number, extraInfo: AuthResult) => void; 5143 5144Called to return the result code and authentication result. 5145 5146**System API**: This is a system API. 5147 5148**System capability**: SystemCapability.Account.OsAccount 5149 5150**Parameters** 5151 5152| Name | Type | Mandatory| Description | 5153| --------- | --------------------------------------- | ---- | ------------------- | 5154| result | number | Yes | Authentication result code.| 5155| extraInfo | [AuthResult](#authresult8) | Yes | Specific authentication result information. If the authentication is successful, the authentication token is returned in **extrainfo**. If the authentication fails, the remaining authentication time is returned. If the authentication executor is locked, the freezing time is returned.| 5156 5157**Example** 5158 ```ts 5159 let authCallback: osAccount.IUserAuthCallback = { 5160 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 5161 console.log('auth result = ' + result); 5162 console.log('auth extraInfo = ' + JSON.stringify(extraInfo)); 5163 } 5164 }; 5165 ``` 5166 5167### onAcquireInfo?<sup>8+</sup> 5168 5169onAcquireInfo?: (module: number, acquire: number, extraInfo: Uint8Array) => void; 5170 5171Called to acquire identity authentication information. 5172 5173**System API**: This is a system API. 5174 5175**System capability**: SystemCapability.Account.OsAccount 5176 5177**Parameters** 5178 5179| Name | Type | Mandatory| Description | 5180| --------- | ------- | ---- | ----------------------------- | 5181| module | number | Yes | Type of authentication executor. | 5182| acquire | number | Yes | Tip code of the authentication executor.| 5183| extraInfo | Uint8Array | Yes | Reserved. | 5184 5185**Example** 5186 ```ts 5187 let authCallback: osAccount.IUserAuthCallback = { 5188 onResult: (result: number, extraInfo: osAccount.AuthResult) => { 5189 console.log('auth result = ' + result) 5190 console.log('auth extraInfo = ' + JSON.stringify(extraInfo)); 5191 }, 5192 onAcquireInfo: (module: number, acquire: number, extraInfo: Uint8Array) => { 5193 console.log('auth module = ' + module); 5194 console.log('auth acquire = ' + acquire); 5195 console.info('auth extraInfo = ' + JSON.stringify(extraInfo)); 5196 } 5197 }; 5198 ``` 5199 5200## IIdmCallback<sup>8+</sup> 5201 5202Provides callbacks for IDM. 5203 5204**System API**: This is a system API. 5205 5206### onResult<sup>8+</sup> 5207 5208onResult: (result: number, extraInfo: RequestResult) => void; 5209 5210Called to return the result code and request result information. 5211 5212**System API**: This is a system API. 5213 5214**System capability**: SystemCapability.Account.OsAccount 5215 5216**Parameters** 5217 5218| Name | Type | Mandatory| Description | 5219| --------- | --------------------------------------- | ---- | ----------------------- | 5220| result | number | Yes | Authentication result code. | 5221| extraInfo | [RequestResult](#requestresult8) | Yes | Specific information to be transferred.| 5222 5223**Example** 5224 ```ts 5225 let idmCallback: osAccount.IIdmCallback = { 5226 onResult: (result: number, extraInfo: osAccount.RequestResult) => { 5227 console.log('callback result = ' + result) 5228 console.info('callback extraInfo = ' + JSON.stringify(extraInfo)); 5229 } 5230 }; 5231 ``` 5232 5233### onAcquireInfo?<sup>8+</sup> 5234 5235onAcquireInfo?: (module: number, acquire: number, extraInfo: Uint8Array) => void; 5236 5237Called to acquire IDM information. 5238 5239**System API**: This is a system API. 5240 5241**System capability**: SystemCapability.Account.OsAccount 5242 5243**Parameters** 5244 5245| Name | Type | Mandatory| Description | 5246| --------- | ------- | ---- | ----------------------------- | 5247| module | number | Yes | Type of authentication executor. | 5248| acquire | number | Yes | Tip code of the authentication executor.| 5249| extraInfo | Uint8Array | Yes | Reserved. | 5250 5251**Example** 5252 ```ts 5253 let idmCallback: osAccount.IIdmCallback = { 5254 onResult: (result: number, extraInfo: Object) => { 5255 console.log('callback result = ' + result) 5256 console.log('callback onResult = ' + JSON.stringify(extraInfo)); 5257 }, 5258 onAcquireInfo: (module: number, acquire: number, extraInfo: Uint8Array) => { 5259 console.log('callback module = ' + module); 5260 console.log('callback acquire = ' + acquire); 5261 console.log('callback onacquireinfo = ' + JSON.stringify(extraInfo)); 5262 } 5263 }; 5264 ``` 5265 5266## GetPropertyRequest<sup>8+</sup> 5267 5268Defines the request for obtaining property information. 5269 5270**System API**: This is a system API. 5271 5272**System capability**: SystemCapability.Account.OsAccount 5273 5274| Name | Type | Mandatory | Description | 5275| -------- | ------------------------------------------------------------- | ----- | ----------------------- | 5276| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 5277| keys | Array<[GetPropertyType](#getpropertytype8)> | Yes | An array of the types of the properties to obtain.| 5278| accountId<sup>12+</sup> | number | No| System account ID, which is **undefined** by default.| 5279 5280## SetPropertyRequest<sup>8+</sup> 5281 5282Defines the request for setting property information. 5283 5284**System API**: This is a system API. 5285 5286**System capability**: SystemCapability.Account.OsAccount 5287 5288| Name | Type | Mandatory | Description | 5289| -------- | ------------------------------------------------ | ----- | -------------------- | 5290| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 5291| key | [SetPropertyType](#setpropertytype8) | Yes | Type of the property to set.| 5292| setInfo | Uint8Array | Yes | Information to set. | 5293 5294## ExecutorProperty<sup>8+</sup> 5295 5296Defines the executor property. 5297 5298**System API**: This is a system API. 5299 5300**System capability**: SystemCapability.Account.OsAccount 5301 5302| Name | Type | Read-Only| Optional| Description | 5303| ------------ | ---------------------------- | ----- | -----|----------------- | 5304| result | number | No | No | Result. | 5305| authSubType | [AuthSubType](#authsubtype8) | No | No | Authentication credential subtype.| 5306| remainTimes | number | No | Yes | Number of remaining authentication times, which is **-1** by default. | 5307| freezingTime | number | No | Yes | Freezing time, which is **-1** by default. | 5308| enrollmentProgress<sup>10+</sup> | string | No | Yes | Enrollment progress, which is left blank by default.| 5309| sensorInfo<sup>10+</sup> | string | No | Yes | Sensor information, which is left blank by default.| 5310| nextPhaseFreezingTime<sup>12+</sup> | number | No | Yes | Next freezing time, which is **undefined** by default.| 5311| credentialLength<sup>20+</sup> | number | No | Yes | Credential length, which is **undefined** by default. When credentials with indefinite-length attributes such as biometric information are queried, **undefined** is returned.| 5312 5313## AuthResult<sup>8+</sup> 5314 5315Defines the authentication result information. 5316 5317**System API**: This is a system API. 5318 5319**System capability**: SystemCapability.Account.OsAccount 5320 5321| Name | Type | Mandatory | Description | 5322| ------------ | ----------- | ----- | ----------------- | 5323| token | Uint8Array | No | Authentication token, which is left blank by default. | 5324| remainTimes | number | No | Number of remaining authentication times, which is left blank by default. | 5325| freezingTime | number | No | Freezing time. By default, no value is passed in. | 5326| nextPhaseFreezingTime<sup>12+</sup> | number | No | Next freezing time, which is **undefined** by default.| 5327| credentialId<sup>12+</sup> | Uint8Array | No | Credential ID, which is left blank by default.| 5328| accountId<sup>12+</sup> | number | No | System account ID, which is **undefined** by default.| 5329| pinValidityPeriod<sup>12+</sup> | number | No | Authentication validity period, which is **undefined** by default.| 5330 5331## CredentialInfo<sup>8+</sup> 5332 5333Defines the credential information. 5334 5335**System API**: This is a system API. 5336 5337**System capability**: SystemCapability.Account.OsAccount 5338 5339| Name | Type | Mandatory | Description | 5340| ------------ | ---------------------------------------- | ----- | ----------------- | 5341| credType | [AuthType](#authtype8) | Yes | Authentication credential type. | 5342| credSubType | [AuthSubType](#authsubtype8) | Yes | Authentication credential subtype. | 5343| token | Uint8Array | Yes | Authentication token. | 5344| accountId<sup>12+</sup> | number | No | System account ID, which is **undefined** by default.| 5345 5346## RequestResult<sup>8+</sup> 5347 5348Defines the request result information. 5349 5350**System API**: This is a system API. 5351 5352**System capability**: SystemCapability.Account.OsAccount 5353 5354| Name | Type | Mandatory | Description | 5355| ------------ | ----------- | ----- | ----------------- | 5356| credentialId | Uint8Array | No | Credential ID, which is left blank by default. | 5357 5358## EnrolledCredInfo<sup>8+</sup> 5359 5360Defines enrolled credential information. 5361 5362**System API**: This is a system API. 5363 5364**System capability**: SystemCapability.Account.OsAccount 5365 5366| Name | Type | Mandatory | Description | 5367| ------------ | ---------------------------------------- | ----- | ------------------- | 5368| credentialId | Uint8Array | Yes | Credential ID. | 5369| authType | [AuthType](#authtype8) | Yes | Authentication credential type. | 5370| authSubType | [AuthSubType](#authsubtype8) | Yes | Credential subtype.| 5371| templateId | Uint8Array | Yes | Authentication credential template ID. | 5372| isAbandoned<sup>20+</sup> | boolean | No | Whether the credential is abandoned, which is **undefined** by default. The abandoned credential may be stored as a backup credential for a period of time. | 5373| validityPeriod<sup>20+</sup> | number | No | Validity period of the credential. The default value is **undefined**. | 5374 5375## GetPropertyType<sup>8+</sup> 5376 5377Enumerates the types of properties to obtain. 5378 5379**System API**: This is a system API. 5380 5381**System capability**: SystemCapability.Account.OsAccount 5382 5383| Name | Value| Description | 5384| ------------- | ------ | --------- | 5385| AUTH_SUB_TYPE | 1 | Authentication credential subtype.| 5386| REMAIN_TIMES | 2 | Number of remaining times. | 5387| FREEZING_TIME | 3 | Freezing time. | 5388| ENROLLMENT_PROGRESS<sup>10+</sup> | 4 | Enrollment progress. | 5389| SENSOR_INFO<sup>10+</sup> | 5 | Sensor information. | 5390| NEXT_PHASE_FREEZING_TIME<sup>12+</sup> | 6 | Next freezing time.| 5391| CREDENTIAL_LENGTH<sup>20+</sup> | 7 | Credential length.| 5392 5393## SetPropertyType<sup>8+</sup> 5394 5395Enumerates the types of properties to set. 5396 5397**System API**: This is a system API. 5398 5399**System capability**: SystemCapability.Account.OsAccount 5400 5401| Name | Value| Description | 5402| -------------- | ----- | ----------- | 5403| INIT_ALGORITHM | 1 | Initialization algorithm.| 5404 5405## AuthType<sup>8+</sup> 5406 5407Enumerates the authentication credential types. 5408 5409**System API**: This is a system API. 5410 5411**System capability**: SystemCapability.Account.OsAccount 5412 5413| Name | Value| Description | 5414| ----- | ----- | ---------------- | 5415| PIN | 1 | PIN authentication.| 5416| FACE | 2 | Facial authentication.| 5417| FINGERPRINT<sup>10+</sup> | 4 | Fingerprint authentication.| 5418| RECOVERY_KEY<sup>12+</sup> | 8 | Key recovery type.| 5419| PRIVATE_PIN<sup>14+</sup> | 16 | Private PIN type.| 5420| DOMAIN<sup>9+</sup> | 1024 | Domain authentication.| 5421 5422## AuthSubType<sup>8+</sup> 5423 5424Enumerates the authentication credential subtypes. 5425 5426**System API**: This is a system API. 5427 5428**System capability**: SystemCapability.Account.OsAccount 5429 5430| Name | Value| Description | 5431| ---------- | ----- | ------------------ | 5432| PIN_SIX | 10000 | Six-digit PIN. | 5433| PIN_NUMBER | 10001 | Custom PIN.| 5434| PIN_MIXED | 10002 | Custom mixed credentials.| 5435| PIN_FOUR<sup>12+</sup> | 10003 | 4-digit credential.| 5436| PIN_PATTERN<sup>12+</sup> | 10004 | Pattern credential.| 5437| PIN_QUESTION<sup>14+</sup> | 10005 | Security question credential.| 5438| FACE_2D | 20000 | 2D face credential. | 5439| FACE_3D | 20001 | 3D face credential. | 5440| FINGERPRINT_CAPACITIVE<sup>10+</sup> | 30000 | Capacitive fingerprint. | 5441| FINGERPRINT_OPTICAL<sup>10+</sup> | 30001 | Optical fingerprint. | 5442| FINGERPRINT_ULTRASONIC<sup>10+</sup> | 30002 | Ultrasonic fingerprint. | 5443| DOMAIN_MIXED<sup>9+</sup> | 10240001 | Mixed domain authentication credentials. | 5444 5445## AuthTrustLevel<sup>8+</sup> 5446 5447Enumerates the trust levels of the authentication result. 5448 5449**System API**: This is a system API. 5450 5451**System capability**: SystemCapability.Account.OsAccount 5452 5453| Name | Value| Description | 5454| ---- | ------ | ----------- | 5455| ATL1 | 10000 | Trust level 1.| 5456| ATL2 | 20000 | Trust level 2.| 5457| ATL3 | 30000 | Trust level 3.| 5458| ATL4 | 40000 | Trust level 4.| 5459 5460## Module<sup>8+</sup> 5461 5462Enumerates the modules from which information is obtained. 5463 5464**System API**: This is a system API. 5465 5466**System capability**: SystemCapability.Account.OsAccount 5467 5468| Name | Value| Description | 5469| --------- | ------ | ------------------------ | 5470| FACE_AUTH | 1 | Facial authentication module.| 5471 5472## ResultCode<sup>8+</sup> 5473 5474Enumerates the authentication result codes. 5475 5476**System API**: This is a system API. 5477 5478**System capability**: SystemCapability.Account.OsAccount 5479 5480| Name | Value| Description | 5481| ----------------------- | ----- | ---------------------------------------- | 5482| SUCCESS | 0 | The authentication is successful or the authentication feature is supported. | 5483| FAIL | 1 | The authentication executor failed to identify the user. | 5484| GENERAL_ERROR | 2 | Other errors. | 5485| CANCELED | 3 | The authentication is canceled. | 5486| TIMEOUT | 4 | The authentication timed out. | 5487| TYPE_NOT_SUPPORT | 5 | The authentication credential type is not supported. | 5488| TRUST_LEVEL_NOT_SUPPORT | 6 | The authentication trust level is not supported. | 5489| BUSY | 7 | The authentication executor is busy. Try again after a few seconds.| 5490| INVALID_PARAMETERS | 8 | Incorrect parameters are detected. | 5491| LOCKED | 9 | The authentication executor is locked. | 5492| NOT_ENROLLED | 10 | The authentication executor is not enrolled. | 5493 5494## FaceTipsCode<sup>8+</sup> 5495 5496Enumerates the tip codes for facial authentication. 5497 5498**System API**: This is a system API. 5499 5500**System capability**: SystemCapability.Account.OsAccount 5501 5502| Name | Value| Description | 5503| ----------------------------- | ----- | ---------------------------------------- | 5504| FACE_AUTH_TIP_TOO_BRIGHT | 1 | The obtained face image is too bright. | 5505| FACE_AUTH_TIP_TOO_DARK | 2 | The obtained face image is too dark. | 5506| FACE_AUTH_TIP_TOO_CLOSE | 3 | The face is too close to the device. | 5507| FACE_AUTH_TIP_TOO_FAR | 4 | The face is too far away from the device. | 5508| FACE_AUTH_TIP_TOO_HIGH | 5 | Only the upper part of the face is captured because the device is angled too high. | 5509| FACE_AUTH_TIP_TOO_LOW | 6 | Only the lower part of the face is captured because the device is angled too low. | 5510| FACE_AUTH_TIP_TOO_RIGHT | 7 | Only the right part of the face is captured because the device is angled too much to the right.| 5511| FACE_AUTH_TIP_TOO_LEFT | 8 | Only the left part of the face is captured because the device is angled too much to the left.| 5512| FACE_AUTH_TIP_TOO_MUCH_MOTION | 9 | The face moves too fast during facial information collection. | 5513| FACE_AUTH_TIP_POOR_GAZE | 10 | The face is not facing the device. | 5514| FACE_AUTH_TIP_NOT_DETECTED | 11 | No face is detected. | 5515 5516## FingerprintTips<sup>8+</sup> 5517 5518Enumerates the tip codes for fingerprint authentication. 5519 5520**System API**: This is a system API. 5521 5522**System capability**: SystemCapability.Account.OsAccount 5523 5524| Name | Value| Description | 5525| ----------------------------- | ----- | ----------------------------------------------- | 5526| FINGERPRINT_TIP_GOOD | 0 | The captured image is clear. | 5527| FINGERPRINT_TIP_IMAGER_DIRTY | 1 | The fingerprint image has big noise due to dirt on the sensor.| 5528| FINGERPRINT_TIP_INSUFFICIENT | 2 | Failed to process the fingerprint image due to big noise. | 5529| FINGERPRINT_TIP_PARTIAL | 3 | Only part of the fingerprint image is detected. | 5530| FINGERPRINT_TIP_TOO_FAST | 4 | The fingerprint image is incomplete due to quick motion. | 5531| FINGERPRINT_TIP_TOO_SLOW | 5 | Failed to read the fingerprint image due to lack of motion. | 5532| FINGERPRINT_TIP_FINGER_DOWN<sup>10+</sup> | 6 | Press your finger. | 5533| FINGERPRINT_TIP_FINGER_UP<sup>10+</sup> | 7 | Lift your finger. | 5534 5535## OsAccountInfo 5536 5537Represents the system account information. 5538 5539**System capability**: SystemCapability.Account.OsAccount 5540 5541| Name | Type | Mandatory| Description | 5542| ----------- | ------ | ---- | ---------- | 5543| shortName<sup>12+</sup> | string | No | Short name of the system account.<br>**System API**: This is a system API and is left blank by default.| 5544| isLoggedIn<sup>12+</sup> | boolean | No | Whether the system account is logged in. The value **true** means that the system account has logged in; the value **false** means the opposite.<br>**System API**: This is a system API. The default value is **false**.| 5545 5546## OsAccountType 5547 5548Enumerates the system account types. 5549 5550**System capability**: SystemCapability.Account.OsAccount 5551 5552| Name | Value| Description | 5553| ------ | ------ | ----------- | 5554| PRIVATE<sup>12+</sup> | 1024 | Privacy account. Only one privacy account is allowed.<br>**System API**: This is a system API. | 5555 5556## DomainAccountInfo<sup>8+</sup> 5557 5558Represents domain account information. 5559 5560**System capability**: SystemCapability.Account.OsAccount 5561 5562| Name | Type | Mandatory| Description | 5563| ----------- | ------ | ---- | ---------- | 5564| accountId<sup>10+</sup> | string | No | Domain account ID.<br>**System API**: This is a system API and is **undefined** by default.| 5565| isAuthenticated<sup>11+</sup>| boolean | No| Whether the domain account has been authenticated. The value **true** means that the specified domain account has been authenticated; the value **false** means the opposite.<br>**System API**: This is a system API. The default value is **false**.| 5566 5567## ConstraintSourceTypeInfo<sup>9+</sup> 5568 5569Defines the constraint source type. 5570 5571**System API**: This is a system API. 5572 5573**System capability**: SystemCapability.Account.OsAccount 5574 5575| Name | Type | Mandatory| Description | 5576| ----------- | ------ | ---- | ---------- | 5577| localId | number | Yes | ID of the target system account. | 5578| type | [ConstraintSourceType](#constraintsourcetype9) | Yes | Type of the constrain source.| 5579 5580## ConstraintSourceType<sup>9+</sup> 5581 5582Enumerates the constraint sources. 5583 5584**System API**: This is a system API. 5585 5586**System capability**: SystemCapability.Account.OsAccount 5587 5588| Name | Value| Description | 5589| ------ | ------ | ------------ | 5590| CONSTRAINT_NOT_EXIST | 0 | The constraint does not exist.| 5591| CONSTRAINT_TYPE_BASE | 1 | Constraint from system settings. | 5592| CONSTRAINT_TYPE_DEVICE_OWNER | 2 | Constraint from the device owners' settings. | 5593| CONSTRAINT_TYPE_PROFILE_OWNER | 3 | Constraint from the profile owners' settings. | 5594 5595## AuthStatusInfo<sup>10+</sup> 5596 5597Presents the authentication status information. 5598 5599**System API**: This is a system API. 5600 5601**System capability**: SystemCapability.Account.OsAccount 5602 5603| Name | Type | Mandatory| Description | 5604| ----------- | ------ | ---- | ---------- | 5605| remainTimes | number | Yes | Number of remaining times. | 5606| freezingTime | number | Yes | Freezing time.| 5607 5608## GetDomainAccessTokenOptions<sup>10+</sup> 5609 5610Defines the options for obtaining a domain access token. 5611 5612**System API**: This is a system API. 5613 5614**System capability**: SystemCapability.Account.OsAccount 5615 5616| Name | Type | Mandatory| Description | 5617| ----------- | ------ | ---- | ---------- | 5618| domainAccountInfo | [DomainAccountInfo](#domainaccountinfo8) | Yes | Domain account information. | 5619| domainAccountToken | Uint8Array | Yes | Token of the domain account.| 5620| businessParams | Record<string, Object> | Yes | Service parameters customized by the service party based on the request protocol.| 5621| callerUid | number | Yes | Unique identifier of the caller.| 5622 5623## GetDomainAccountInfoOptions<sup>10+</sup> 5624 5625Defines the options for obtaining domain account information. 5626 5627**System API**: This is a system API. 5628 5629**System capability**: SystemCapability.Account.OsAccount 5630 5631| Name | Type | Mandatory| Description | 5632| ----------- | ------ | ---- | ---------- | 5633| accountName | string | Yes | Domain account name.| 5634| domain | string | No | Domain name, which is **undefined** by default.| 5635| serverConfigId<sup>12+</sup>| string | No| ID of the server to which the domain account belongs, which is **undefined** by default.| 5636 5637## GetDomainAccountInfoPluginOptions<sup>10+</sup> 5638 5639Defines the options for the domain plug-in to obtain the domain account information. The **GetDomainAccountInfoPluginOptions** class inherits from [**GetDomainAccountInfoOptions**](#getdomainaccountinfooptions10). 5640 5641**System API**: This is a system API. 5642 5643**System capability**: SystemCapability.Account.OsAccount 5644 5645| Name | Type | Mandatory| Description | 5646| ----------- | ------ | ---- | ---------- | 5647| callerUid | number | Yes | Unique identifier of the caller.| 5648 5649## OsAccountSwitchEventData<sup>12+</sup> 5650 5651Defines the event that indicates the start or end of a foreground-background system account switchover. 5652 5653**System API**: This is a system API. 5654 5655**System capability**: SystemCapability.Account.OsAccount 5656 5657| Name | Type | Mandatory| Description | 5658| ----------- | ------ | ---- | ---------- | 5659| fromAccountId | number | Yes | System account ID before the switchover.| 5660| toAccountId | number | Yes | System account ID after the switchover.| 5661 5662## CreateOsAccountOptions<sup>12+</sup> 5663 5664Represents the optional parameter used to create a system account. 5665 5666**System API**: This is a system API. 5667 5668**System capability**: SystemCapability.Account.OsAccount 5669 5670| Name | Type | Mandatory| Description | 5671| ----------- | ------ | ---- | ---------- | 5672| shortName | string | Yes | Short name of the account (used as the name of the personal folder).<br>**The short name cannot**:<br>Contain any of the following characters: \< \>\| : " * ? / \\<br>Contain any of the following: . or ..<br>Exceed 255 characters.| 5673| disallowedPreinstalledBundles<sup>19+</sup> | Array<string> | No | Forbidden list of the preinstalled applications, which cannot be installed on the device. The value is empty by default.| 5674| allowedPreinstalledBundles<sup>19+</sup> | Array<string> | No | Trustlist of the preinstalled applications, which can be installed on the device. The default value is **std::nullopt**.| 5675 5676## CreateOsAccountForDomainOptions<sup>12+</sup> 5677 5678Represents a set of optional parameters for creating a system account bound to the specified domain account. It inherits from [CreateOsAccountOptions](#createosaccountoptions12). 5679 5680**System API**: This is a system API. 5681 5682**System capability**: SystemCapability.Account.OsAccount 5683 5684| Name | Type | Mandatory| Description | 5685| ----------- | ------ | ---- | ---------- | 5686| shortName | string | Yes | Short name of the account (used as the name of the personal folder).<br>**The short name cannot**:<br>Contain any of the following characters: \< \>\| : " * ? / \\<br>Contain any of the following: . or ..<br>Exceed 255 characters.| 5687 5688## GetAuthInfoOptions<sup>12+</sup> 5689 5690Represents a set of optional parameters for [GetAuthInfo](#getauthinfo12). 5691 5692**System API**: This is a system API. 5693 5694**System capability**: SystemCapability.Account.OsAccount 5695 5696| Name | Type | Mandatory| Description | 5697| --------- | ---------------------- | ---- | ---------- | 5698| authType | [AuthType](#authtype8) | No | Authentication type, which is **undefined** by default.| 5699| accountId | number | No | System account ID, which is **undefined** by default.| 5700 5701## AuthIntent<sup>12+</sup> 5702 5703Enumerates the authentication intents. 5704 5705**System API**: This is a system API. 5706 5707**System capability**: SystemCapability.Account.OsAccount 5708 5709| Name | Value | Description | 5710| -------- | --- | ---------- | 5711| UNLOCK | 1 | Unlock.| 5712| SILENT_AUTH<sup>14+</sup> | 2 | Silent authentication.| 5713| QUESTION_AUTH<sup>14+</sup> | 3 | Security question authentication.| 5714| ABANDONED_PIN_AUTH<sup>20+</sup> | 4 | Abandoned PIN authentication. After a user changes the lock screen password, the old PIN is abandoned. If a user forgets the current password, the user can reset the lock screen password after passing the authentication with the abandoned PIN.| 5715 5716## RemoteAuthOptions<sup>12+</sup> 5717 5718Represents a set of optional parameters for remote authentication. 5719 5720**System API**: This is a system API. 5721 5722**System capability**: SystemCapability.Account.OsAccount 5723 5724| Name | Type | Mandatory| Description | 5725| ------------------ | ------ | ---- | ---------- | 5726| verifierNetworkId | string | No | Network ID of the credential verifier, which is left blank by default.| 5727| collectorNetworkId | string | No | Network ID of the credential collector, which is left blank by default.| 5728| collectorTokenId | number | No | Token ID of the credential collector, which is **undefined** by default.| 5729 5730## AuthOptions<sup>12+</sup> 5731 5732Represents a set of optional parameters for [auth](#auth12). 5733 5734**System API**: This is a system API. 5735 5736**System capability**: SystemCapability.Account.OsAccount 5737 5738| Name | Type | Mandatory| Description | 5739| ------------------ | ------ | ---- | ---------- | 5740| accountId | number | No | System account ID, which is **undefined** by default.| 5741| authIntent | [AuthIntent](#authintent12) | No | Authentication intent, which is **undefined** by default.| 5742| remoteAuthOptions | [RemoteAuthOptions](#remoteauthoptions12) | No | Remote authentication options, which is **undefined** by default.| 5743 5744## GetInputDataOptions <sup>12+</sup> 5745 5746Represents a set of optional parameters for [onGetData](#ongetdata8). 5747 5748**System API**: This is a system API. 5749 5750**System capability**: SystemCapability.Account.OsAccount 5751 5752| Name | Type | Mandatory| Description | 5753| ------------------ | ------ | ---- | ---------- | 5754| challenge | Uint8Array | No | Challenge value, which is **undefined** by default.| 5755