Knox Enhanced Attestation Error code -5: ERROR_INVALID_NONCE
Last updated July 26th, 2023
- Knox Platform for Enterprise (Knox 3.4 and above)
- Knox Enhanced Attestation v3
On Samsung devices that support Knox and run Knox 3.4 or higher, when EMM or ISV tries to verify device data integrity with a generated nonce, the Knox attestation server returns a -5 or 400 invalid nonce error.
A nonce is a one-time token and its time period is 5 minutes. Therefore, an invalid nonce error can happen in the following scenarios:
- The same nonce is used multiple times.
- The nonce is used 5 minutes or more after being created.
- The nonce is not generated by the Knox Server or AUK is not matched.
Please ensure the following to prevent an error message:
- The same nonce should not be used multiple times.
- If the last nonce is generated more than 5 minutes ago, create a new nonce before starting the attestation.
- Generate AUK from your KPP account and refer to the Knox attestation tutorial for creating a nonce.
Is this page helpful?
Thank you for your feedback!