Knox Cloud API Authentication
Last updated February 10th, 2026
You can programmatically access Knox cloud services through their APIs. This guide provides an overview of how to authenticate securely, and how you can start making API calls.
Audience
This guide is intended for:
-
Customers building internal tools that call Knox cloud services APIs
-
Resellers who need to automate device deployments and management tasks on behalf of their customers
-
Managed Service Providers (MSPs) who are looking to integrate Knox cloud services APIs into their customer portals
-
UEM partners integrating Knox services into enterprise platforms
Prerequisites
The following prerequisites only apply to Knox cloud services that support Knox OAuth 2.0 Authentication. The Knox Guard API, Knox Manage API (for non-MSP audiences), and Knox Attestation API don’t support Knox OAuth 2.0 Authentication, and have different prerequisites. See Authentication schemes for more information.
-
Sign up for a Samsung Knox Developer account account.
-
Get a client ID and client secret to make Knox API calls by registering a new cloud app.
-
Look up API endpoints for relevant Knox cloud services.
-
(Optional) If you want to create a mutual SSL (Secret Sockets Layer) connection, create a Support ticket.
Authentication schemes
You can authenticate Knox API calls using:
-
Knox OAuth 2.0 Authentication API (recommended)
-
Knox Cloud Authentication API (legacy)
-
Service-specific authentication schemes (only applicable to certain services)
About Knox OAuth 2.0 Authentication
The Knox OAuth 2.0 Authentication API is our latest and preferred authentication scheme. It lets you specify scopes for granular permission control.
It also supports multiple client IDs under the same account, which makes it easier to manage multiple cloud apps through the Knox Developer Portal.
Knox OAuth 2.0 Authentication currently supports all of the following Knox cloud services APIs:
For more information, see the Knox OAuth 2.0 Authentication guide.
About Knox Cloud Authentication (legacy)
Knox Cloud Authentication is our legacy authentication scheme. We strongly recommend using Knox OAuth 2.0 Authentiation for new integrations.
Currently, the following API only supports Knox Cloud Authentication:
For more information, see the Knox Cloud Authentication (legacy) guide.
About service-specific authentication schemes
Knox Manage and Knox Attestation have their own authentication schemes. They don’t support Knox OAuth 2.0 Authentication or Knox Cloud Authentication.
For more information, refer to the API references linked below:
Where to start
| If you want to | See |
|---|---|
| Understand the overall Knox ecosystem | The Big Picture |
| Get started with Knox OAuth 2.0 Authentication | Knox OAuth 2.0 Authentication |
On this page
Is this page helpful?