Home / Knox cloud services authentication / Knox OAuth 2.0 Authentication / For UEMs /

Step 3 — Call Knox cloud services APIs with access token

Last updated August 5th, 2025

Access token obtained in Step 2 – Get access and refresh tokens can be used to call Knox cloud services APIs on behalf of an end user, who has provided the authorization consent.

For example, a cURL request for Knox Asset Intelligence:

curl --location 'https://api.samsungknox.com/kai/v1/settings' \
     --header 'Authorization: Bearer aB1c....D2fgh'

A sample response for the Knox Asset Intelligence request above:

{ 
    "battery": 
        { "batteryLevelThresholds": [] },
    "enrollment": 
        { "allowEnrolledToKnoxConfigure": false } 
}

End user with Knox MSP account

As a Knox MSP account holder, when you make Knox cloud service API requests, include your managed customer ID in x-wsm-managed-tenantid header. Your managed customer ID is available on the Customers page of the Knox MSP Portal, and you can also retrieve it using Get customer information endpoints.

For example, a cURL request for Knox Asset Intelligence:

curl --location 'https://api.samsungknox.com/kai/v1/settings' \
     --header 'Authorization: Bearer aB1c....D2fgh' \
     --header 'x-wsm-managed-tenantid: 1123123123'

A sample response for the Knox Asset Intelligence request above::

{ 
    "battery": 
        { "batteryLevelThresholds": [] },
    "enrollment": 
        { "allowEnrolledToKnoxConfigure": false } 
}

Knox cloud services API requests only available for your managed customers. If the request is for a non-managed customer, it fails.

Supported services

The Knox cloud services which currently support OAuth 2.0 are:

  • Knox Asset Intelligence

  • Knox Configure

  • Knox Deployment Program

  • Knox E-FOTA

  • Knox Manage (exclusive to MSP partners)

  • Knox Mobile Enrollment

  • Knox MSP Portal

  • Knox Webhook Notification

On this page

Is this page helpful?