Knox Validated Program requirements
The Knox Partner Program provides resources and direct global support for partners ready to build a strategic relationship with Samsung. The Knox Validated Program gives partners more opportunity for greater support and promotion from Samsung.
We refer to Mobile Device Management (MDM), Enterprise Mobility Management (EMM), and Unified Endpoint Management (UEM) collectively as MDM in this guide.
To qualify for a Knox Validated partner solution, MDM partners MUST meet the requirements and, optionally, recommendations presented in this topic.
You can learn more about the Knox Partner Program and the associated benefits on the Knox Partner Program page.
Requirements and recommendations
|Code||Item||Category||Requirement or recommendation||Related Product||Notes|
|KSP-001||MDMs MUST support OEMConfig (using Managed Google Play).||Functionality||Requirement||KPE/KSP||For more details, see OEMConfig.|
|KSP-002||MDMs SHOULD also support OEMConfig without Managed Google Play (using API-based private or internal app installation and managed configurations) for on-premise environments.||Functionality||Recommendation||KPE/KSP||
For more details about Managed Configuration (API), see Device Policy Manager > Set Application Restrictions.
For more details about private or internal app installation (API), see Knox SDK API reference > Application Policy.
|KSP-003||MDMs SHOULD also support OEMConfig for the personal space in COMP mode (using API-based private or internal app installation in DO) for STIG compliance.||Functionality||Recommendation||KPE/KSP||MDMs SHOULD support AE COMP mode. For more details about STIG compliance, see KSP Admin Guide > STIG Guidelines.|
|KSP-004||MDMs MUST support OEMConfig feedback channel.||Functionality||Requirement||KPE/KSP||For more details, see OEMConfig.|
|KSP-005||MDMs MUST show Knox policies as part of Android Enterprise policies in the console UI.||UX||Requirement||KPE/KSP||This requirement speaks to the discoverability and consistency of KSP user experience in the MDM console. For a detailed list of user experience requirements, see KSP user experience guidelines.|
|KSP-006||MDMs SHOULD enable the Knox Service Plugin shortcut from Managed Google Play Store. After setting up KSP once, the user should be able to access Knox policies immediately using the Knox policy hook in the MDM console.||UX||Recommendation||KPE/KSP||This requirement speaks to the discoverability and consistency of KSP user experience in the MDM console. For a detailed list of user experience requirements, see KSP user experience guidelines.|
|KSP-007||MDMs MUST provide context when showing KSP results to User.||UX||Requirement||
To ensure that users receive the necessary information resulting from an action they performed in KSP, we recommend:
For a detailed list of user experience requirements, see KSP user experience guidelines.
|KSP-008||MDMs MUST support four-level schema hierarchy for OEMConfig||Functionality||Requirement||KPE/KSP||For better UX, we require that you follow the schema rendering guidelines described in KSP user experience guidelines.|
|KSP-009||MDMs SHOULD enable easy navigation and readability of KSP policies by following the scheme rendering recommendations||UX||Recommendation||KPE/KSP||Additionally, we recommend that the console UI:
|KME-001||Users MUST be able to directly download the MDM agent through a designated URL on Managed Google Play or your own web server.||Functionality||Requirement||KME||This requirement ensures that the user is able to download and install the MDM client without the need to follow complicated download instructions.|
|KME-002||MDMs MUST implement KME-DO integration so that users can install these components automatically and launch them during the initial device setup process using KME.||Functionality||Requirement||KME||We require that the MDM supports Google’s Device Owner provisioning.|
|KME-003||MDMs SHOULD support passing of user credentials through KME.||Functionality||Recommendation||KME||Passing user credentials to the device through KME reduces the chances of user error when setting up the device.|
|KME-004||MDMs SHOULD provide an integrated user experience for KME functionality — such as reseller, profile, and device management — through their consoles using the KME API.||Functionality and UX||Recommendation||KME||Providing an integrated experience ensures that users are able to perform device management activities with ease.|
|COM-001||MDMs SHOULD include information about the following in their console documentation:||Documentation||Recommendation||Common||
MDM console documentation should include the following information:
All of this information and more is available in the KSP Admin Guide.
Is this page helpful?
Thank you for your feedback!