Add applications under Full Disk access panel programmatically

How can I create an entry for my application under the Full Disk
Access panel of Security & Privacy in System Preferences
programmatically?

You can’t, at least on normal user machines. The whole purpose of these privacy settings is that the user must give their consent by explicitly enabling them. If there was an API to grant the privilege, that’d undermine that goal.

The only exception here is managed environments. If you’re deploying to a managed environment, the site admin can use a configuration profile to bypass this step. For example, these payloads:

• com.apple.TCC.configuration-profile-policy

• com.apple.system-extension-policy

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

Thanks, eskimo for the response.

I may have misrepresented my question. I am looking for ways to add my application to the full-disk panel when someone installs it first time. Once it will appear, the user can go ahead and grant full-disk access permission.

At the moment, it is not guaranteed that an application accessing a protected file such as tcc.db will certainly appear on the list. If it does not, the user has to go ahead and add the application to the list and grant permission. I would like to avoid the first part: adding the application to the list.

Can I say if an application accessing a protected file or system extension requiring full-disk access will certainly appear in the full-disk access panel?

Ah, thanks for the clarification. AFAIK there’s no API for doing that. You can, as you mentioned, try to access a protected file but, as you also mentioned, that’s just an implementation detail rather than a supported API.

I think this would make a perfectly reasonable enhancement request. Please post your bug number, just for the record.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"