Thanks for the reply. I guess collecting them from the start certainly makes life easier, it’s just I do feel some users will be hesitant to allow X Y and Z and therefore may turn away from the service. We’ll see. I have it fetching existing permissions and then adding to those permissions at the moment so I’ll run with that until it becomes noticeably problematic…