• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# @ohos.enterprise.accountManager (Account Management)
2
3The **accountManager** module provides APIs for account management of enterprise devices.
4
5> **NOTE**
6>
7> - The initial APIs of this module are supported since API version 12. Newly added APIs will be marked with a superscript to indicate their earliest API version.
8>
9> - The APIs of this module can be used only in the stage model.
10>
11> - The APIs of this module can be called only by a [device administrator application](../../mdm/mdm-kit-guide.md#introduction) that is enabled.
12
13## Modules to Import
14
15```ts
16import { accountManager } from '@kit.MDMKit';
17```
18
19## accountManager.disallowOsAccountAddition
20
21disallowOsAccountAddition(admin: Want, disallow: boolean, accountId?: number): void
22
23Disallows a user to add system accounts through the specified device administrator application.
24
25**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
26
27**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
28
29
30
31**Parameters**
32
33| Name   | Type                                                   | Mandatory| Description                                                        |
34| --------- | ------------------------------------------------------- | ---- | ------------------------------------------------------------ |
35| admin     | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes  | EnterpriseAdminExtensionAbility.                                      |
36| disallow  | boolean                                                 | Yes  | Whether to forbid the creation of local user accounts. The value **true** means the creation of local user accounts is forbidden, and the value **false** means the opposite. |
37| accountId | number                                                  | No  | User ID, which specifies a user. If this parameter is not specified, all users are not allowed to add accounts. If this parameter is specified, specified users are not allowed to add accounts. The value must be greater than or equal to 0.<br>You can call the [getOsAccountLocalId](../apis-basic-services-kit/js-apis-osAccount.md#getosaccountlocalid9) API to obtain the user ID.|
38
39**Error codes**
40
41For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md).
42
43| ID| Error Message                                                    |
44| -------- | ------------------------------------------------------------ |
45| 9200001  | The application is not an administrator application of the device. |
46| 9200002  | The administrator application does not have permission to manage the device. |
47| 201      | Permission verification failed. The application does not have the permission required to call the API. |
48| 401      | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
49
50**Example**
51
52```ts
53import { Want } from '@kit.AbilityKit';
54let wantTemp: Want = {
55  bundleName: 'com.example.myapplication',
56  abilityName: 'EntryAbility',
57};
58
59try {
60  accountManager.disallowOsAccountAddition(wantTemp, true, 100);
61  console.info('Succeeded in disallowing os account addition.');
62} catch (err) {
63  console.error(`Failed to disallow os account addition. Code: ${err.code}, message: ${err.message}`);
64}
65```
66
67## accountManager.isOsAccountAdditionDisallowed
68
69isOsAccountAdditionDisallowed(admin: Want, accountId?: number): boolean
70
71Checks whether a user is not allowed to add system accounts through the specified device administrator application.
72
73**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
74
75**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
76
77
78
79**Parameters**
80
81| Name   | Type                                                   | Mandatory| Description                                                        |
82| --------- | ------------------------------------------------------- | ---- | ------------------------------------------------------------ |
83| admin     | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes  | EnterpriseAdminExtensionAbility.                                      |
84| accountId | number                                                  | No  | User ID, which specifies a user. If this parameter is not specified, the system queries whether all users are not allowed to add accounts. If this parameter is specified, the system queries whether specified users are not allowed to add accounts. The value must be greater than or equal to 0.<br>You can call the [getOsAccountLocalId](../apis-basic-services-kit/js-apis-osAccount.md#getosaccountlocalid9) API to obtain the user ID.|
85
86**Return value**
87
88| Type   | Description                                                      |
89| ------- | ---------------------------------------------------------- |
90| boolean | If **true** is returned, accounts cannot be added.<br>If **false** is returned, the account can be added.|
91
92**Error codes**
93
94For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md).
95
96| ID| Error Message                                                    |
97| -------- | ------------------------------------------------------------ |
98| 9200001  | The application is not an administrator application of the device. |
99| 9200002  | The administrator application does not have permission to manage the device. |
100| 201      | Permission verification failed. The application does not have the permission required to call the API. |
101| 401      | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
102
103**Example**
104
105```ts
106import { Want } from '@kit.AbilityKit';
107let wantTemp: Want = {
108  bundleName: 'com.example.myapplication',
109  abilityName: 'EntryAbility',
110};
111
112try {
113  let isDisallowed: boolean = accountManager.isOsAccountAdditionDisallowed(wantTemp, 100);
114  console.info(`Succeeded in querying the os account addition or not: ${isDisallowed}`);
115} catch (err) {
116  console.error(`Failed to query the os account addition or not. Code: ${err.code}, message: ${err.message}`);
117}
118```
119
120## accountManager.addOsAccountAsync
121
122addOsAccountAsync(admin: Want, name: string, type: osAccount.OsAccountType): Promise&lt;osAccount.OsAccountInfo&gt;
123
124Adds an account in the background. This API uses a promise to return the result.
125
126**Required permissions**: ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY
127
128**System capability**: SystemCapability.Customization.EnterpriseDeviceManager
129
130
131
132**Parameters**
133
134| Name| Type                                                        | Mandatory| Description                                                        |
135| ------ | ------------------------------------------------------------ | ---- | ------------------------------------------------------------ |
136| admin  | [Want](../apis-ability-kit/js-apis-app-ability-want.md)      | Yes  | EnterpriseAdminExtensionAbility.                                      |
137| name   | string                                                       | Yes  | Account name, which is the name of the account to be added. An account with the same name or an empty name cannot be created.|
138| type   | [osAccount.OsAccountType](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | Yes  | Type of the account to add.<br>The value can be any of the following:<br>· **ADMIN**: administrator account.<br>· **NORMAL**: normal account.<br>· **GUEST**: guest account.|
139
140**Return value**
141
142| Type                                                        | Description                |
143| ------------------------------------------------------------ | -------------------- |
144| [osAccount.OsAccountInfo](../apis-basic-services-kit/js-apis-osAccount.md#osaccounttype) | Information about the account added.|
145
146**Error codes**
147
148For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md).
149
150| ID| Error Message                                                    |
151| -------- | ------------------------------------------------------------ |
152| 9200001  | The application is not an administrator application of the device. |
153| 9200002  | The administrator application does not have permission to manage the device. |
154| 9201003  | Failed to add an OS account.                                 |
155| 201      | Permission verification failed. The application does not have the permission required to call the API. |
156| 401      | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
157
158**Example**
159
160```ts
161import { Want } from '@kit.AbilityKit';
162import { BusinessError, osAccount } from '@kit.BasicServicesKit';
163let wantTemp: Want = {
164  bundleName: 'com.example.myapplication',
165  abilityName: 'EntryAbility',
166};
167
168accountManager.addOsAccountAsync(wantTemp, "TestAccountName", osAccount.OsAccountType.NORMAL).then((info) => {
169  console.info(`Succeeded in creating os account: ${JSON.stringify(info)}`);
170}).catch((err: BusinessError) => {
171  console.error(`Failed to creating os account. Code: ${err.code}, message: ${err.message}`);
172});
173```
174