Home / Knox Cloud API Authentication / Knox OAuth 2.0 Authentication / For customers, resellers, and MSPs /

Step 2 — Call Knox cloud services APIs with access token

Last updated February 10th, 2026

You can use the access token obtained in Step 1 – Get access token to call Knox cloud services APIs.

Making API calls as a Knox customer

You can make Knox cloud services API calls using your access token. Here’s an example request to the KAI API which includes the access token in the Authorization header:

curl --location 'https://api.samsungknox.com/kai/v1/settings' \
     --header 'Authorization: Bearer aB1cDE......fG2itijk'

Here’s a sample response for the request above:

{ 
    "battery": 
        { "batteryLevelThresholds": [] },
    "enrollment": 
        { "allowEnrolledToKnoxConfigure": false } 
}

Making API calls as a Knox Managed Service Provider (MSP)

As an MSP, you can make Knox cloud service API calls on behalf of a managed customer by including your access token in the Authorization header, and the managed customer ID in the x-wsm-managed-tenantid header.

The managed customer ID is listed as the Customer ID value on the Customers page of Knox MSP Portal. You can also retrieve it using the MSP API’s Get customer information endpoint.

You can only call Knox cloud services APIs on behalf of your managed customers. Requests for non-managed customer will fail.

Here’s an example request to the KAI API:

curl --location 'https://api.samsungknox.com/kai/v1/settings' \
     --header 'Authorization: Bearer aB1cDE......fG2itijk' \
     --header 'x-wsm-managed-tenantid: 1123123123'

A sample response for the Knox Asset Intelligence request above:

{ 
    "battery": 
        { "batteryLevelThresholds": [] },
    "enrollment": 
        { "allowEnrolledToKnoxConfigure": false } 
}

Next steps

To renew the access token or revoke it, see Step 3 — Renew or revoke access token.

On this page

Is this page helpful?