Step 1 — Get access token
Last updated February 10th, 2026
You can call the POST /oauth2/token operation, using your app’s client ID and client secret, to get the access token.
Request Format
The following request format is used to get an access token using client credentials.
curl --location 'https://api.samsungknox.com/ams/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id={OAUTH2_CLIENT_ID}' \
--data-urlencode 'client_secret={OAUTH2_CLIENT_SECRET}' \
--data-urlencode 'scope={Required Scope}'
You can increase the expiration period of your access token to up to 60 minutes by specifying an expires_in value in the request body. For example, for an expiration period just shy of 10 minutes, set expires_in=599. Alternatively, you can set the Access token expiration setting to a higher value while registering or managing your cloud app in Knox Developer Portal.
Example Request
curl --location 'https://api.samsungknox.com/ams/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=a1bC...d2efg' \
--data-urlencode 'client_secret=ABC...DeFG' \
--data-urlencode 'scope=kai'
Response Format
The following sample response shows how the access token is returned. The value of the expires_in key denotes the number of seconds for which the access token is valid. You need an active access token every time you make a Knox cloud services API call.
{
"access_token":"abc123...abc123",
"scope":"kai",
"expires_in": 599,
"token_type":"Bearer"
}
Next steps
After receiving the access token, proceed to Step 2 — Call Knox cloud services APIs with access token.
On this page
Is this page helpful?