Skip to main content

Running a .NET MAUI Windows App as Administrator (Elevated)

·3 mins

When developing a .NET MAUI app for Windows, you might find yourself in a situation where you need to run your app elevated. Elevated meaning that you get the UAC dialog and the app gets more rights to your system. It’s not super straight-forward how to set it up, so here is a little blog post to guide you!

A Word of Warning #

Before we begin, a couple of practical things. First: think very hard if this is something you will actually need. When in elevated mode your app can do a lot of potential harm. Think long and hard if there isn’t some way around what you’re trying to do.

Second: this post will show you how to always launch your app in elevated mode. There are also solutions to only trigger the elevation mode whenever you need it throug a piece of code.

Have you thought about it and still want it? Alright then! Also be aware that this only works when using WinAppSdk 1.1 and up and the Windows 10 and Windows 11 machines you’re going to run this on need a specific patch (KB5013942 for Windows 10 and KB5013943 for Windows 11). At the time of writing .NET MAUI comes with WinAppSdk 1.1 so if you’re up-to-date, all should be good.

Updating the package.appxmanifest #

The solution to run your app elevated is mainly two steps: update the package.appxmanifest and update the app.manifest. In a .NET MAUI app you can find those under Platforms\Windows. Let’s start with the first one. Open it up with a text editor and find the Capabilities node. Make sure that it looks somewhat like underneath

<Capabilities>
    <rescap:Capability Name="runFullTrust" />
    <rescap:Capability Name="allowElevation" />
  </Capabilities>

The runFullTrust is probably there by default, you will need to add the allowElevation one. Others might be there (or not) just make sure the elevation one is there. If you don’t see a Capabilities node, make sure to add it under the Package node.

Updating the app.manifest #

Now on to the app.manifest file. Open that up with a text editor and add the following.

<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
	<security>
		<requestedPrivileges>
			<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
		</requestedPrivileges>
	</security>
</trustInfo>

I haven’t found much documentation about this piece, but you can also set the level to highestAvailable which is maybe a better option. I have found that switching uiAccess to true doesn’t work. You’ll get an error it’s not supported. Maybe this is something that is coming in the future, it seems to be reported, including root cause here: https://github.com/microsoft/WindowsAppSDK/issues/1669

Run the App! #

Now when you launch the app, you will be immediately asked if you want to allow this app to run with elevated rights. Congrats, all done!

Feel Elevated! #

Now I hope you will feel enlightened and elevated knowing this. I hope it helps in a scenario where you need this. This is mostly also just for myself to note it down so future me can use a search engine only to find my own post 😬