Knox SDK 3.2.1
Knox SDK version 3.2.1 release has three major improvements to better improve security and device management. Firstly, new APIs have been developed for this release to allow more functionality in device management. Secondly, Knox Platform for Enterprise is built on the Android operating system, and with Knox v3.2.1 we leverage the Android Pie operating system to provide even more capabilities on a Samsung device. Finally, framework improvements have been added to the SDK to better optimize performance behind the scenes so you can focus on development.
New API overview
|Class||API methods and variables|
|BasePasswordPolicy||setResetPasswordToken (ComponentName admin, byte token)|
|clearResetPasswordToken (ComponentName admin)|
|isResetPasswordTokenActive (ComponentName admin)|
|resetPasswordWithToken (ComponentName admin, String password, byte token, int flags)|
|getTrustAgentConfiguration (ComponentName admin, ComponentName agent)|
|setTrustAgentConfiguration (ComponentName admin, ComponentName target, PersistableBundle configuration)|
For more information on Knox APIs see the full set of Knox API references. In addition to new Knox APIs for the Knox SDK v3.2.1 release there were also deprecated APIs. See deprecated API methods for a full list.
The Knox SDK features the
CertificateProvisioning class, which supports IT Admins in managing certificates and keystores. Beginning with Knox 3.2.1, certificate installations with the
KEYSTORE_DEFAULT flag will no longer require the user to unlock the device.
For details, see the API
installCertificateToKeystore(), which allows the IT admin to silently install a CA certificate into a given keystore. To learn more about certificate provisioning, see About Keystores.
There are two major improvements to the Knox Platform for Enterprise’s password class:
The following Android APIs now exist on the Knox Platform —
getTrustAgentConfiguration. The addition of these methods preserve the functionality of calling these APIs as device admin.
The following APIs have been added as an alternative to
resetPassword()to allow programmatic password modification without IT admin interaction —
For more information on Knox passwords, see the password section of the developer guide.
The Keyboard security framework has received a major usability upgrade while maintaining security between the personal and work profiles. Unlike Android Enterprise, Knox Platform for Enterprise allows users to choose their own IME in the personal space without the risk of leakage into the work space by separating the IMEs. Learn more about this update to the keyboard framework for KPE.
The Knox Generic VPN Framework enables common audit logs for VPN clients and helps non-native VPN clients meet NIAP security requirements.
To learn more about the types of events that are logged, see VPN Audit Logs.
The Knox SDK has the
GenericVpnPolicy class which allows IT Admins to configure SSL/IPSEC VPN profiles on multiple devices.
This release adds a number of enhancements to VPN, including:
Performance optimization to increase the speed of establishing VPN connections for a large number of apps.
Synchronization of VPN connection and firewall configuration events. This ensures that VPN connection is established only after firewall has finished preparing for VPN mode.
The Knox SDK Release 3.2.1 removes the mini launcher used to open the Knox Workspace and replaces it with a tabbed UI view. Apps now display in two categories: Personal and Work (Knox Workspace). Users can seamlessly switch between the Personal and Work tabs on the Home page.
To learn more about the tabbed UI view, see Tabbed UI View.
The Knox SDK Release 3.2.1 includes changes that let users open the Knox Workspace Settings right from the devices’s Settings.
To learn more about this change, see Workspace Settings.
For more information
To learn more about the Knox SDK, check out these resources:
Is this page helpful?
Thank you for your feedback!