For most recent information on AT&T's Java security domain policy, please check the information available on AT&T developer portal (free registration required).

In general, AT&T has the following domains on their phones:

• untrusted 3rd party (no access to a number of APIs)
• trusted 3rd party (no access to a number of APIs) - certificates from Thawte, Verisign, and UTI (Java Verified) root
• Cingular preferred (close to what trusted 3rd party domain is in MIDP recommendation)
• Cingular trusted (basically same as operator domain)
• Manufacturer

The API access rights for untrusted, trusted 3rd party and Cingular preferred domains are listed on the following pages. Note, that there there are multiple versions of the API access settings available

• Current settings document is now formally noted as AT&T access rights, the previous ones are still branded Cingular (the link names below are hence in a way incorrect)
• AT&T API access rights v3 (current settings, revision date November 2006)
• AT&T API access rights v1 (revision date November 2005)

API access rights checked directly from devices

• AT&T branded 6085