Authorizes and preauthorizes rights synchronously.
- macOS 10.0+
An authorization reference referring to the authorization session.
A pointer to a set of authorization rights you create. Pass
NULLif the application requires no rights at this time.
Data used when authorizing or preauthorizing rights. Not used in OS X v10.2 and earlier. In macOS 10.3 and later, you can pass icon or prompt data to be used in the authentication dialog box. In macOS 10.4 and later, you can also pass a user name and password in order to authorize a user without displaying the authentication dialog box. Possible values for this parameter are listed in
Security. The data passed in this parameter is not stored in the authorization reference; it is used only during authorization. If you are not passing any data in this parameter, pass the constant
.framework/Headers/Authorization Tags .h
Authorization Empty Environment
A bit mask for specifying authorization options. Use the following option sets.
Pass the constant
defaultsif no options are necessary.
destroymask to prevent the Security Server from preserving the rights obtained during this call.
A pointer to a newly allocated
Authorizationstructure. On return, this structure contains the rights granted by the Security framework. If you do not require this information, pass
NULL. If you specify the
premask in the
flagsparameter, the method returns all the requested rights, including those not granted, but the flags of the rights that could not be preauthorized include the
Authorization Flag Can Not Pre Authorize
Free the memory associated with this set by calling the function
Free Item Set(_:)
A result code. See Authorization Services Result Codes.
There are three main reasons to use this function. The first reason is to preauthorize rights by specifying the
extend masks as authorization options. Preauthorization is most useful when a right has a zero timeout. For example, you can preauthorize in the application and if it succeeds, call the helper tool and request authorization. This eliminates calling the helper tool if the Security Server cannot later authorize the specified rights.
The third reason to use this function is to authorize partial rights. By specifying the
extend masks as authorization options, the Security Server grants all rights it can authorize. On return, the authorized set contains all the rights.