# @ohos.enterprise.usbManager (USB Management) The **usbManager** module provides APIs for USB management. > **NOTE** > > The initial APIs of this module are supported since API version 12. Newly added APIs will be marked with a superscript to indicate their earliest API version. > > The APIs of this module can be used only in the stage model. > > The APIs of this module can be called only by a [device administrator application](../../mdm/mdm-kit-guide.md#introduction) that is enabled. > > The global restriction policy is provided by **restrictions**. To disable USB globally, see [@ohos.enterprise.restrictions (restriction policy)](js-apis-enterprise-restrictions.md). ## Modules to Import ```ts import { usbManager } from '@kit.MDMKit'; ``` ## usbManager.addAllowedUsbDevices addAllowedUsbDevices(admin: Want, usbDeviceIds: Array\): void Adds allowed USB devices through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name | Type | Mandatory| Description | | ------------ | ------------------------------------------------------- | ---- | ------------------------------------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | | usbDeviceIds | Array<[UsbDeviceId](#usbdeviceid)> | Yes | IDs of the allowed USB devices to add. This array can hold a maximum of 1000 USB device IDs.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 9200010 | A conflict policy has been configured. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let usbDeviceIds: Array = [{ vendorId: 1, productId: 1 }]; usbManager.addAllowedUsbDevices(wantTemp, usbDeviceIds); console.info(`Succeeded in adding allowed USB devices.`); } catch (err) { console.error(`Failed to add allowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.removeAllowedUsbDevices removeAllowedUsbDevices(admin: Want, usbDeviceIds: Array\): void Removes allowed USB devices through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name | Type | Mandatory| Description | | ------------ | ------------------------------------------------------- | ---- | --------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | | usbDeviceIds | Array<[UsbDeviceId](#usbdeviceid)> | Yes | IDs of the allowed USB devices to remove.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let usbDeviceIds: Array = [{ vendorId: 1, productId: 1 }]; usbManager.removeAllowedUsbDevices(wantTemp, usbDeviceIds); console.info(`Succeeded in removing allowed USB devices.`); } catch (err) { console.error(`Failed to remove allowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.getAllowedUsbDevices getAllowedUsbDevices(admin: Want): Array\ Obtains allowed USB devices through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name| Type | Mandatory| Description | | ------ | ------------------------------------------------------- | ---- | -------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application.| **Return value** | Type | Description | | ---------------------------------- | ------------------------- | | Array<[UsbDeviceId](#usbdeviceid)> | Allowed USB devices obtained.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let result: Array = usbManager.getAllowedUsbDevices(wantTemp); console.info(`Succeeded in getting allowed USB devices. Result: ${JSON.stringify(result)}`); } catch (err) { console.error(`Failed to get allowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.setUsbStorageDeviceAccessPolicy setUsbStorageDeviceAccessPolicy(admin: Want, usbPolicy: UsbPolicy): void Sets the USB storage device access policy through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name | Type | Mandatory| Description | | --------- | ------------------------------------------------------- | ---- | --------------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | | usbPolicy | [UsbPolicy](#usbpolicy) | Yes | USB storage device access policy.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 9200010 | A conflict policy has been configured. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let policy: usbManager.UsbPolicy = usbManager.UsbPolicy.DISABLED; usbManager.setUsbStorageDeviceAccessPolicy(wantTemp, policy); console.info(`Succeeded in setting USB storage device access policy.`); } catch (err) { console.error(`Failed to setting USB storage device access policy. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.getUsbStorageDeviceAccessPolicy getUsbStorageDeviceAccessPolicy(admin: Want): UsbPolicy Obtains the USB storage device access policy through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name| Type | Mandatory| Description | | ------ | ------------------------------------------------------- | ---- | -------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application.| **Return value** | Type | Description | | ----------------------- | --------------------- | | [UsbPolicy](#usbpolicy) | USB storage device access policy obtained.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let result: usbManager.UsbPolicy = usbManager.getUsbStorageDeviceAccessPolicy(wantTemp); console.info(`Succeeded in getting USB storage device access policy. Result: ${JSON.stringify(result)}`); } catch (err) { console.error(`Failed togetting USB storage device access policy. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.addDisallowedUsbDevices14+ addDisallowedUsbDevices(admin: Want, usbDevices: Array\): void Adds disallowed USB device types through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name | Type | Mandatory| Description | | ---------- | ------------------------------------------------------- | ---- | ------------------------------------------------------ | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | | usbDevices | Array<[UsbDeviceType](#usbdevicetype14)> | Yes | USB device types to add, which cannot exceed 200 USB device types.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 9200010 | A conflict policy has been configured. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let usbDevices: Array = [{ baseClass: 8, subClass: 0, protocol: 0, descriptor: usbManager.Descriptor.INTERFACE }]; usbManager.addDisallowedUsbDevices(wantTemp, usbDevices); console.info(`Succeeded in adding disallowed USB devices.`); } catch (err) { console.error(`Failed to add disallowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.removeDisallowedUsbDevices14+ removeDisallowedUsbDevices(admin: Want, usbDevices: Array\): void Removes disallowed USB device types through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name | Type | Mandatory| Description | | ---------- | ------------------------------------------------------- | ---- | --------------------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | | usbDevices | Array<[UsbDeviceType](#usbdevicetype14)> | Yes | USB device types to remove.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let usbDevices: Array = [{ baseClass: 8, subClass: 0, protocol: 0, descriptor: usbManager.Descriptor.INTERFACE }]; usbManager.removeDisallowedUsbDevices(wantTemp, usbDevices); console.info(`Succeeded in removing disallowed USB devices.`); } catch (err) { console.error(`Failed to remove disallowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## usbManager.getDisallowedUsbDevices14+ getDisallowedUsbDevices(admin: Want): Array\ Obtains disallowed USB device types through the specified device administrator application. Required permissions: ohos.permission.ENTERPRISE_MANAGE_USB **System capability**: SystemCapability.Customization.EnterpriseDeviceManager **Parameters** | Name| Type | Mandatory| Description | | ------ | ------------------------------------------------------- | ---- | -------------- | | admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application.| **Return value** | Type | Description | | ---------------------------------------- | ----------------------- | | Array<[UsbDeviceType](#usbdevicetype14)> | Disallowed USB device types obtained.| **Error codes** For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). | ID| Error Message | | -------- | ------------------------------------------------------------ | | 9200001 | The application is not an administrator application of the device. | | 9200002 | The administrator application does not have permission to manage the device. | | 201 | Permission verification failed. The application does not have the permission required to call the API. | | 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | **Example** ```ts import { Want } from '@kit.AbilityKit'; let wantTemp: Want = { bundleName: 'com.example.myapplication', abilityName: 'EntryAbility', }; try { let result: Array = usbManager.getDisallowedUsbDevices(wantTemp); console.info(`Succeeded in getting disallowed USB devices. Result: ${JSON.stringify(result)}`); } catch (err) { console.error(`Failed to get disallowed USB devices. Code: ${err.code}, message: ${err.message}`); } ``` ## UsbDeviceId Represents the USB device identity information. **System capability**: SystemCapability.Customization.EnterpriseDeviceManager | Name | Type | Mandatory| Description | | --------- | ------ | ---- | -------- | | vendorId | number | Yes | Vendor ID.| | productId | number | Yes | Product ID.| ## UsbDeviceType14+ Represents the USB device type information. For details, see https://www.usb.org/defined-class-codes. **System capability**: SystemCapability.Customization.EnterpriseDeviceManager | Name | Type | Mandatory| Description | | ---------- | --------------------------- | ---- | ------------ | | baseClass | number | Yes | Type ID. | | subClass | number | Yes | Subtype ID.| | protocol | number | Yes | Protocol No. | | descriptor | [Descriptor](#descriptor14) | Yes | USB descriptor. | ## UsbPolicy Enumerates the USB access policies. **System capability**: SystemCapability.Customization.EnterpriseDeviceManager | Name | Value | Description | | ---------- | ---- | ---------- | | READ_WRITE | 0 | Read and write.| | READ_ONLY | 1 | Read only. | | DISABLED | 2 | Disabled. | ## Descriptor14+ Enumerates USB descriptors. **System capability**: SystemCapability.Customization.EnterpriseDeviceManager | Name | Value | Description | | --------- | ---- | ------------ | | INTERFACE | 0 | Interface descriptor.| | DEVICE | 1 | Device descriptor.|