Skip Navigation

Configure a third-party identity provider for activating
BlackBerry Dynamics
apps on a device

You can configure a third-party identity provider so that users can sign-in with their directory credentials to activate
BlackBerry Dynamics
apps on a device. They can also use it to unlock an app or reset their
BlackBerry Dynamics
app password.
To configure this feature, you need the following:
  • BlackBerry Dynamics
    apps compiled with a supported version of the
    BlackBerry Dynamics SDK
    .
  • BlackBerry Enterprise Identity
    is enabled.
  1. Configure your organization’s third-party identity provider to work with
    BlackBerry Enterprise Identity
    .
  2. Do one of the following:
    • If you are using
      PingFederate
      or
      Okta
      , enable
      Dynamics Activation via Enterprise IDP
      as an OpenID Connect app.
    • If you are using
      Active Directory
      as the identity provider, add the
      Dynamics Active Directory Activation
      as an OpenID Connect app.
  3. In
    BlackBerry UEM
    , set up your organization’s identity provider. For more information, see the BlackBerry Enterprise Identity Administration Guide PingFederate and Okta instructions.
  4. In
    BlackBerry UEM
    , create a
    BlackBerry Enterprise Identity
    Authentication policy. Ensure you select
    Manage service exceptions
    , and add the
    Dynamics Activation via Enterprise IDP
    service. For more information, see the BlackBerry Enterprise Identity Administration Guide.
  5. Assign the
    BlackBerry Enterprise Identity
    Authentication policy to users. For more information, see the BlackBerry Enterprise Identity Administration Guide.
  • During the activation process, users need to select the
    Sign in with your organization if instructed by your administrator
    option and sign in using your organization’s identity provider.