Step 1 — Get access token

You need to call Knox Authorization Server token endpoint to get access token using OAuth2 client ID and client secret (for more details, please refer to Knox OAuth2 Authorization Server API).

Get an access token using your client credentials in the below request sample.

curl 
--location 'https://api.samsungknox.com/ams/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id={OAUTH2_CLIENT_ID}' \
--data-urlencode 'client_secret={OAUTH2_CLIENT_SECRET}' \
--data-urlencode 'scope={Required Scope}'

Example:

curl 
--location 'https://api.samsungknox.com/ams/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=u6oBxBP53rkCoqDpkzvgNtnUwsFw5mrs' \
--data-urlencode 'client_secret=AQCGAt6Py7w1ixpksRKUzhAg99AzVoGN' \
--data-urlencode 'scope=ke'

You receive the access tokens in the following format. The value of the expires_in key denotes the number of seconds that the access token is valid for.

{
  "access_token":"eyJhbGc..SbHWvZ1w",
  "scope":"ke",
  "expires_in": 599,
  "token_type":"Bearer"
}

Access token must be active when making Knox Cloud API call.