Authentication and authorization
When making an API request, your application must provide an administrator account name and administrator account password for the BlackBerry® Administration Service to identify your application and authorize your application to use the API. You can use the utilws web service in the BlackBerry® Administration API to specify the credentials and encode requests so that each request automatically adds the credentials to the SOAP header. The utilws web service is the only web service that your application can access before the credentials are specified.
The BlackBerry Administration Service supports administrator accounts that are stored in the BlackBerry Configuration Database and administrator accounts that are authenticated externally by your organization's messaging server. Your application can use any administrator account that can log in to the BlackBerry Administration Service to authenticate with the BlackBerry Administration API. The administrator accounts that your application uses must be assigned a role that grants permissions for all the tasks that you want your application to complete.