The Knox SDK extends the functionality of the standard Android SDK to provide granular access to device features, security options, customization settings, and more. Create tailored solutions by remapping hardware keys, designing kiosks, deploying policies by geographical location, and customizing the booting animation. Keep sensitive enterprise data secure by restricting access to settings, pre-configuring VPN and firewall settings, and whitelisting and blacklisting apps.

Access over 1500+ APIs to build apps and mobile solutions that meet the needs of regulated industries such as healthcare, finance, and education. Unleash your creativity and start building world-class solutions today.

Learn more about Knox products version mapping before downloading your SDK.

Knox SDK 3.4 (API level 29)

Enroll to download

Already a developer? Sign in

Knox SDK 3.3 (API level 28)

supportlib.jar (Aug 2019, for older devices)

Already downloaded the SDK? Jump to next steps.

How it works

The Knox SDK consolidates several existing SDKs into one convenient package and JAR library:

  • Knox Standard SDK – Provides comprehensive management of mobile devices.
  • Knox Premium SDK – Offers rich security and enterprise management functions, including the option to create a Knox container.
  • Knox Customization SDK – Enables purpose-built devices for vertical markets.
  • Knox ISV SDK – Checks for device rooting and enables Sensitive Data Protection.
  • Knox UCM SDK – Allows EMM partners and storage providers to manage credentials across different storage hardware. Storage providers create plugins to handle storage requests.
  • Knox VPN SDK – Allows VPN providers to deploy VPNs through their network infrastructure.

For your convenience we've added a mapping table showing how the old SDK versions map to the new Knox SDK API level.

Still using the legacy SDK? Access them here.

The Knox SDK provides you with powerful control over all aspects of Samsung devices.

Knox 3.4

Knox SDK v3.4 provides these new features:

  • DualDAR – To enhance app stabilization, work apps can now write to Device Encrypted storage by default. Through the Knox Service Plugin (KSP) and Knox Mobile Enrollment (KME), there is zero day support for new DualDAR features..
  • Attestation – Enhancements for better correlation of results (using the Samsung Attestation Key to identify devices) and better server-side validation checks of device status.
  • Custom tab names – Ability to customize tab names for the Personal and Workspace tabs on a device.
  • APN Mobile Virtual Network Operator – Ability to configure the MVNO type and value for a device.
  • Knox VPN SDK – Officially merged into this Knox SDK, using the new namespace.
  • Deprecation – Corporate Liable (CL) containers are now deprecated in the Galaxy Note 10 and any new device launched afterwards.

Knox 3.3

Knox SDK v3.3, now with additional APIs and framework features for developers, MDMs, and users.

  • Knox Verified Boot – Provides enhancements to harden and secure your device boot process with: TrustZone interface to refer to KVB state, platform binary validation at early boot process, and rollback prevention based hardware tamper fuse.
  • Dual DAR – Dual encyption allows enterprises to secure their work data with two layers of encryption even when the device is powered off or is in an unauthenticated state.
  • Contact Storage Restrictions – Restrict local contacts stored on enterprise devices to reduce the risk of losing contacts or becoming out of sync with enterprise contacts.
  • Knox on DeX – Allow or restrict access using the Knox platform.
  • Firewall  – Interaction between DomainFilter rules and Firewall policies are now supported through the introcution of a new API.
  • VPN – Improvements on user experience and VPN client performance on the Knox framework with the following enhancments: Multi-app tunneling support, Knox event and Android networking event sync, and Ongoing network flow analytics for NPA purposes.
  • Deprecations –Container only mode (COM) begins deprecation starting the release of the Galaxy S10 running Knox 3.3 or any device launched after. For earlier devices such as the Galaxy S9 or S8, COM/CL containers will be supported until the ned of life of the devices.

Knox 3.2.1

Knox 3.2.1, built on top of Android Enterprise, supports the Android P operating system along with the following new features.

  • Token password – Encrypted passwords to add an additional level of security.
  • UI changes – All API methods of the Knox UCM SDK have been merged into the Knox 3.2 SDK
    • An updated UI replaces the Knox container mini launcher with a tabbed UI view to separate personal and work apps
    • Access workplace settings directly from the device settings menu
  • VPN enhancements
    • Enable common audit logs for VPN clients
    • Improved performance to allow IT Admins to configure SSL/IPSEC VPN profiles on multiple devices
  • Certificate provisioning – Supports IT Admins in managing certificates and keystores.

Knox 3.2

  • DeX management – Knox 3.2 provides additional APIs for DeX mode:
    • Set the alignment mode of the DeX launcher
    • Add/remove URL shortcuts on the DeX launcher
    • Add URL shortcuts on the DeX launcher with customized icons
    • Enable/disable packages for DeX foreground mode
  • Universal Credential Management (UCM)– All API methods of the Knox UCM SDK have been merged into the Knox 3.2 SDK
  • WiFi/Bluetooth/BLE scanning control
    • Enable/disable WiFi background scanning
    • Enable/disable Bluetooth/BLE and associated background scanning
  • Rich Communciation Services (RCS) message capture – record RCS messages, including media files
  • Other updated features: ProKiosk, Network Platform Analytics (NPA), Sensitive Data Protection (SDP), Enterprise Device Manager (EDM)

Knox 3.1

  • DeX management – Knox 3.1 provides APIs that target devices in DeX mode:
    • Add/remove app shortcuts
    • Change the loading screen that plays while the device launches in DeX mode
    • Control screen timeout settings
    • Enforce Ethernet data connection
    • Prevent certain apps from running in DeX

These APIs don’t affect devices after they’ve been disconnected from the DeX station.

  • App Permission Monitor updates – IT admins can now enable or disable access to the App Permission Monitor.

Knox 3.0

The Knox SDK also offers the following improvements:

  • New Namespace – All Samsung Knox SDK packages, intents, and permissions now use the following namespace: com.samsung.android.knox. Using the same namespace simplifies the coding, troubleshooting, and support process.
  • Simplified API set – API methods that were not being used or were duplicated across SDKs have been deprecated. This is to simplify the API set and improve the usability of the SDK.
  • Consolidated Version Numbers – Previously, each SDK had a different version number. The new consolidated Knox SDK starts at v3.0 and uses a Knox API level to identify when individual API methods were introduced.
  • Improved Structure – API methods have been re-organized to better reflect their function. The API methods that were in the generic MiscPolicy class have been moved into more appropriate classes.
  • Android Enterprise Harmonization – Android Enterprise and Samsung Knox Workspace have been harmonized into one solution. As a result, you can call Knox API methods on an Android Enterprise Work Profile an Work Managed Device. For more, see Harmonization.

Next steps ...

Knox SDK 3.4 (API level 29)

Knox SDK 3.3 (API level 28)

supportlib.jar (Aug 2019, for older devices)