May 11, 2018
9:04 pm

Samsung Knox Permissions on Device Administrator Screen

In our app, we are using Knox to remotely control the device.  This is a feature we are providing to our technicians in a Call Center to assist customers. At the end of a session, we disable the Device Administrator per our company Privacy Policy.  

However, the second time a user opts to have a technician conduct a Remote Takeover, the Device Administrator screen appears to show ALL options that Knox could perform.  Is there a way to limit this text to only the feature we are using (e.g. Remotely control the device)? 

The image link below shows what appears to the user on the Device Administrator screen on the second time activating Device Admin.

Kamil Kaszubski
May 14, 2018
11:31 am


Knox API needs ELM license activation. Once license activated, all permissions under the license is applied to the application. When you are activating device admin again the ELM license is already activated on that device and all permissions are shown.

This was a concept on older devices and cannot be changed. Selective permissions are displayed on devices with Oreo activating SKL license


Hi Kamil,

Thanks for you reply. I am using the Oreo devcie, but stills eeing all the Permisison in Devcie admin activation screen( Currently we are using the Legacy Knox Sdk . 

Build dependencies :provided ''
provided ''
provided ''

Please let us know, if you have any steps which provieds the app capability to just adding Remote  Takeover features and not allow it to show other KNox features.


ASURION AMAMay 15, 2018 at 6:41 pm
Kamil Kaszubski
May 17, 2018
8:58 am

please use SKL license key and remember to deactivate it when your admin gets disabled, i.e.

public void onDisabled(Context context, Intent intent) {
    try {
        KnoxEnterpriseLicenseManager knoxEnterpriseLicenseManager = KnoxEnterpriseLicenseManager.getInstance(context);
        knoxEnterpriseLicenseManager.deActivateLicense(Constants.KLM_KEY, context.getPackageName());
        } catch (SecurityException e) {
        Log.e(TAG, context.getString(R.string.license_was_not_activated));

This should prevent from showing all permissions when you are activating admin for 2nd time