Home / Knox Authentication Manager / Release notes /

Knox Authentication Manager v1.10 release notes

Last updated November 19th, 2025

New

Support for automatic sign in on Google Workspace apps

In the v1.10 release, you can configure Google Workspace as an identity provider (IdP) for Microsoft Entra ID. Using Knox Authentication Manager, device users can automatically sign in to all their Google workspace apps without the need to manually sign in to each one.

If your Main sign in method is:

  • Manual — When a device user creates a Knox Authentication Manager profile and enters their credentials for one Google app, Google Workspace SSO enables for all their other workspace apps.

  • PIN Only or PIN + Face — When a device user creates a Knox Authentication Manager profile, launching any Google app automatically fills the username and password fields with their primary sign-in credentials, while also enabling Google Workspace SSO for their other workspace apps.

Reverify sign-in with PIN when face reverification fails

The v1.10 release adds an alternative reverification method for devices with the Main sign in method set to PIN + Face. With this release, you can configure Knox Authentication Manager to automatically prompt device users to reverify their sign-in using their PIN when face reverification fails. To enable this feature, set Reverification method to PIN fallback.

This provides device users with an alternative reverification method, and minimizes the risk of being locked out due to accidental face reverification attempts.

Automatically re-sign in to apps without prompting

Previously, every time device users opened a work app they’ve already signed into, they would receive a prompt asking if they’d like to use their Knox Authentication Manager credentials to automatically sign in.

With this release, you can configure your devices to Automatically re-sign back in to apps using KAM credentials without prompting by setting this policy to True.

Updates

Delete all user credentials across synced devices for multiple users

Previously, you could only delete a single user’s stored credentials across all their synced devices using the Manually delete user profile policy. In v1.10, you can now use this policy to delete saved credentials for multiple users at once.

When configuring app policies in your UEM console, enter the usernames you wish to delete in the Manually delete user profiles policy field in a comma-separated format, then push the profile to delete the users’ credentials from all their synced devices.

You can also do this using a JSON file.

Enhanced user experience in the Knox Authentication Manager app

The v1.10 release introduces improvements to the Knox Authentication Manager app user experience, including various visual and workflow optimizations:

  • This release updates the home navigation screen and overall GUI for a more refined user experience.
  • To provide device users with more clarity on the reverification screen, the Cancel button now says Sign out.
  • To prevent accidental sign-outs, a confirmation pop-up now displays when device users tap Sign out.
  • A confirmation pop-up no longer appears when users tap Deny on the Google consent pop-up during profile enrollment.

Support for Jetpack Compose UI versions 1.7 and 1.8

This release introduces support for apps developed using Jetpack Compose UI versions 1.7 and 1.8. You can now save and autofill credentials for any app developed with Compose UI up to version 1.8.

Automatically fill additional sign-in details

Previously, Knox Authentication Manager only stored username and password credentials for saved apps. As such, device users may have encountered errors when using Knox Authentication Manager to sign in to apps that require sign-in details other than a username and password.

With v1.10, Knox Authentication Manager now detects additional input elements on sign-in screens and automatically saves those credentials in the user’s profile. Device users can manage and edit these values in the Manage credentials section of the Knox Authentication Manager app menu.

Adjustments to mandatory policy keys

Previously, a number of optional policies were marked as Mandatory within the managed app configuration. As a result, device users may have experienced configuration errors when launching the Knox Authentication Manager app.

In the v1.10 release, the policy keys have been re-evaluated, and optional keys are marked accordingly. No action is required from IT admins as a result of this change. The following keys are changed from mandatory to optional:

  • doKAMShowDeviceSerialNumber
  • doKAMAutoLogoutOnCharge
  • doKAMAutoLogoutOnScreenOffAfter
  • doKAMCleanupOnLogout
  • doKAMCleanupOnLogin
  • doKAMAuthToUnlockDevice
  • doKAMLightweightLauncherReverifyAfter
  • doKAMReverifyMethod
  • doKAMShowUsernameOnReverifyScreen

Deprecations

Knox Authentication Manager no longer supported on Android 12

In the v1.10 release, Knox Authentication Manager is now deprecated on devices running Android 12 OS or lower.

To continue using Knox Authentication Manager, ensure your devices are updated to Android 13 or higher.

On this page

Is this page helpful?