Overview
Last updated July 26th, 2023
Get started with the basics by learning what Knox Authentication Manager is and how it works.
What is Knox Authentication Manager?
Knox Authentication Manager is a managed, Android autofill service for shared, fully managed Samsung devices. Knox Authentication Manager offers multiuser facial biometrics to speed-up shared device sign-ins, eliminates authentication friction by saving and automatically filling user credentials for any productivity app that requires manual sign-in, and securely syncs users’ profiles across shared devices.
Profile sync enables users to enroll once on a single device, then pick up any other device and instantly make it their own for the duration of their shift. Knox Authentication Manager has features in place to help keep personal data secure. With profile syncing, no data is stored to the cloud or a server.
Device syncing is coordinated through device groups that are defined by admins or auto-defined based on Wi-Fi subnets. Device groups typically map to facilities where a group of users share devices. To sync, devices must be able to communicate with each other via Wi-Fi and reach Google Firebase, though no Google Firebase account or subscription is required by your enterprise or users.
How does it work?
Knox Authentication Manager works with your UEM/EMM to capture users’ enterprise sign-in credentials. New users first sign in to a UEM/EMM shared device launcher or Microsoft Entra ID and then register for Knox Authentication Manager.
Knox Authentication Manager allows two different sign-in methods for devices, face and manual. Face sign-in directs users to enter a PIN number and scan their face to sign in. Manual sign-in requires users to sign in with their enterprise credentials. Admins can choose which method to enable via their UEM/EMM.
After registration, users allow Knox Authentication Manager to save their credentials for any productivity apps that require sign-in and align with the Knox Authentication Manager sign-in flows. The next time they sign in to a device in your fleet, Knox Authentication Manger automatically signs them in to any apps for which they saved their credentials.
When a user’s session on a device ends, the device is ready for the next user to sign in to and use. Knox Authentication Manager thus benefits enterprises that have shift work because it allows users working at different times of the day to seamlessly use the same devices.
Further reading
See the below pages for detailed explanations and walkthroughs of Knox Authentication Manager’s features.
- Available sign-in flows for apps — Learn what app sign-in flows Knox Authentication Manager supports.
- Change the sign-in method — Learn how admins and users can change the sign-in method for Knox Authentication Manager.
- Reregister your face and change your pin — Learn how to re-register your face and change your PIN.
- Submit in-app feedback — Learn how to submit in-app feedback.
- Troubleshoot device syncing — Learn how to test and troubleshoot device syncing.
- Unregister a user account — Learn how to un-register a user account in the Knox Authentication Manager app.
On this page
Is this page helpful?