Privileges

Transparent, free, and secure admin rights management for macOS.

Privileges is a free macOS application designed for modern enterprise environments. It gives users temporary administrator privileges when needed without granting permanent admin rights. The application is built with simplicity, security, and transparency in mind. Users can set a timeframe in the application's settings to perform specific tasks, such as installing or removing an application.

Using a standard user account instead of an administrator account adds an extra layer of security to your Mac and is considered a security best practice. We believe that all users, including developers, can benefit from using Privileges.

The current version of Privileges supports the following macOS versions:

• macOS 26.x
• macOS 15.x
• macOS 14.x
• macOS 13.x (*)
• macOS 12.x
• macOS 11.x

[!NOTE] (*) Unfortunately, macOS 13 incorrectly reports a launch constraint violation and immediately terminates the application. Starting with version 2.2, we are therefore providing two versions of the application: one with launch constraints and one without. However, we recommend using the version with launch constraints whenever possible.

Features

🛠️ Easy install

🚀 Perfect for day-to-day use

🛜 Works completely offline - no internet connection required

⏰ Turn on admin rights anytime

🔐 Enjoy standard user security

🧰 Extensive MDM support for broad device and policy control

⌨️ Command line support

New Privileges 2 features

⛔️ Revoke admin rights at login

⏳ Unified expiration interval for administrator privileges

🔁 Renew expiring administrator privileges at any time

🪪 Smart card and PIV token support

🛡️ Tamper protection (requires macOS 13 or newer)

▶️ Run actions on privilege change

🔒 Status item for the macOS menu bar

👆 Command line tool now supports Touch ID

⚙️ AppleScript support

🪝 Webhooks

🔠 Localized in 41 languages

📦 Installer package

Demo

Have a look at how quick and easy you can request admin rights

https://github.com/user-attachments/assets/6cf5df95-9dce-4c21-a150-2217044fe389

Application Management

As of Privileges 1.0.5, it is possible to manage settings for Privileges or the PrivilegesCLI command line tool using a macOS configuration profile. For details, please click here.

Articles

See who's talking about Privileges…

2025

• Leveling Up - Managing admin rights in the enterprise - Rich Trouton's session at MacAD.UK 2025
• 9To5Mac: Privileges 2.1 continues to be one of the must-have macOS apps in the enterprise
• Caschys Blog: Privileges 2.3.0: Mehr Sicherheit und Kontrolle für Mac-Admins (German language)

2024

• Der Flounder: Privileges 2.0 available with new features

2022

• Mac & i: SAP-Werkzeug erleichtert Arbeit als Standardnutzer (German language)
• ifun.de: Privileges.app von SAP: Nur noch auf Zuruf zum Admin (German language)
• Leveling Up - Rich Trouton's session at MacSysAdmin 2022
• The Great Debate: Admin or Standard Users? - A talk hosted by Kandji

2019

• 9To5Mac: Privileges for macOS is the open source tool that all Apple IT departments need

Documentation

To learn more about Privileges features, make sure to take a look at our wiki or the links below:

• Installation
• Uninstallation
• Using Privileges
• Managing Privileges
• Frequently Asked Questions

License

Copyright (c) 2018-2026 SAP SE or an SAP affiliate company and macOS-enterprise-privileges contributors. Please see our LICENSE for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available via the REUSE tool.

Security

[!IMPORTANT] Local administrators on macOS have extensive capabilities to make changes to a Mac. This can include completely removing the Privileges application. Therefore, Privileges cannot guarantee that elevated permissions will be removed from the user account at all or on any specific schedule. Privileges cannot undo other changes made by a user - or processes acting as the user - when that user has elevated rights. Organizations should consider this when designing their client management, device compliance, security hardening, and auditing policies.

Found a security-related issue or vulnerability and want to notify us? Please see here for how to report it.

Support

This project is 'as-is' with no support, no changes being made. You are welcome to make changes to improve it but we are not available for questions or support of any kind.