Get the PDF

What is BlackBerry BRIDGE?
Architecture: BlackBerry BRIDGE in an on-premises BlackBerry UEM environment
Architecture: BlackBerry BRIDGE in a BlackBerry UEM Cloud environment
- Data flow: Sending documents between BlackBerry Work and Microsoft Intune managed apps using the BlackBerry BRIDGE app
- Data flow: Sending documents between Microsoft Intune-managed apps and BlackBerry Dynamics apps using the BlackBerry BRIDGE app
Steps to manage BlackBerry BRIDGE in an on-premises BlackBerry UEM environment
Steps to manage BlackBerry BRIDGE in a BlackBerry UEM Cloud environment
System requirements
Connecting BlackBerry UEM to Microsoft Entra ID
Managing the BlackBerry BRIDGE app
Creating directory-linked groups
- Create a directory-linked group
Managing apps protected by Microsoft Intune
- Create a Microsoft Intune app protection profile
  - Turn off interoperability between BlackBerry Dynamics apps and app managed by Intune in BlackBerry UEM
- Assign the Intune app protection profile to a directory-linked group
Options for installing and activating BlackBerry BRIDGE
Using BlackBerry BRIDGE with Microsoft Authenticator on Android devices
Wipe apps managed by Microsoft Intune
Troubleshooting BlackBerry BRIDGE

Create a
Microsoft Intune
app protection profile

When you create or update a

Microsoft Intune

app protection profile in

BlackBerry UEM

, the profile settings are sent to

Intune

to update the corresponding app protection policy.

Microsoft Intune

app protection profiles can be assigned only to directory-linked groups. You can enable a new policy for

iOS

devices to display only the

Microsoft Intune

-managed apps that support the document type that users share to

Microsoft Intune

apps. In this release, this feature must be enabled in the

Microsoft Entra ID

portal. In an upcoming release of

BlackBerry UEM

, administrators will be able to enable this feature in the

BlackBerry UEM

console or in the

Microsoft Entra ID

portal.

The

Microsoft Intune

app protection profile settings are sent to

Intune

and update the settings in the corresponding app protection policy. In the

Entra

portal, you can then enable the 'Send org data to other apps' policy to display only the

Microsoft Intune

-managed apps that support the document type that

iOS

users share to

Intune

managed apps. Modifying or deleting any other settings in

Entra

can prevent other users from activating

BlackBerry BRIDGE

For more information about

Microsoft Intune

app protection profile settings, see Create a Microsoft Intune app protection profile. If you configure the

Microsoft Intune

app protection profile to Prevent Save as and allow users to save files to a Local storage, users receive the error message "Action Not Allowed. Your organization only allows you to open work or school data in this app" when they try to send a file from the device to a not secure local storage. Files must be opened from a corporate location (for example, a secured local storage,

Microsoft OneDrive for Business

Microsoft SharePoint

Make sure that you configure

BlackBerry UEM

to synchronize with

Microsoft Intune

. The

Microsoft Intune

app protection profile does not appear on the Policies and Profiles page if the connection isn't configured.

For

Android

devices, make sure the

Microsoft

Company Portal app is installed on devices but not activated. For more information, see app-protection-enabled-apps-android.

On the menu bar, click

Policies and Profiles

Click

Protection > Microsoft Intune app protection profile

Click

Type a name and description for the profile.

Select the

Enable interoperability between Intune and Dynamics apps

checkbox.

When you enable this feature, the following policy settings are set to Policy Managed apps only and cannot be changed for security reasons such as enforcing data to remain within the intune protected secure environment:

Allow app to transfer data to other apps

Allow app to receive data from other apps

Optionally, in the custom JSON field, edit the JSON values if you want to customize messages and warning seen by your users in the

BRIDGE

app.

Select the

Prevent Save as

checkbox and select one or more of the following options to prevent users from sharing saved files to the following locations:

Local storage: Allows users to save a copy of the file in the

Intune

-managed app.

OneDrive for Business

SharePoint

If you want users to share files from

Microsoft Teams

, you must clear the

Prevent Save as

checkbox.

Add the required App packages for devices in your organization.

Beside the App package IDs, click The Add icon

Select the appropriate App package IDs.

For

Microsoft Office

iOS

devices, select com.microsoft.officemobile

Android

devices, select com.microsoft.office.officehubrow

For

Microsoft Excel

, select com.microsoft.office.excel

For

Microsoft PowerPoint

, select com.microsoft.office.powerpoint

For

Microsoft Word

, select com.microsoft.office.word

For

Skype for Business

, select com.microsoft.skype.teams

For

Microsoft OneNote

, select com.microsoft.onenote

For

Microsoft Viva Engage

iOS

devices, select wefwef

Android

devices, select com.yammer.v1

Select the following apps:

For

Microsoft Office

iOS

devices, select com.microsoft.officemobile

Android

devices, select com.microsoft.office.officehubrow

For

Microsoft Excel

, select com.microsoft.office.excel

For

Microsoft PowerPoint

, select com.microsoft.office.powerpoint

For

Microsoft Word

, select com.microsoft.office.word

For

Skype for Business

, select com.microsoft.skype.teams

For

Microsoft OneNote

, select com.microsoft.onenote

For

Microsoft Viva Engage

iOS

devices, select wefwef

Android

devices, select com.yammer.v1

Click

Save

Click

Add

Optionally for

iOS

devices, configure the corresponding app protection policy in the

Entra

portal to display only the

Intune

-managed apps that support the document type that is shared to

Intune

-managed apps.

If you modify the corresponding app protection policy in the

Entra

portal, subsequent updates must be completed in the portal. Do not modify other settings in the policy, or it might prevent other

iOS

users from activating

BlackBerry BRIDGE

Microsoft

Endpoint Manager admin center portal at https://endpoint.microsoft.com/.

In the left column, click

Apps

In the

Policy

section, click

App protection policies

Search for and open the policy that was created in

BlackBerry UEM

and synchronized to

Entra

Under

Manage

, click

Properties

In the

Data protection

section, click

Edit

In the

Send org data to other apps

drop-down list, select

Policy managed apps with Open-In/Share filtering

Click

Review + save

Click

Save

Assign the

Intune

app protection profile to a directory-linked group.

Section:

Managing apps protected by Microsoft Intune

Turn off interoperability between BlackBerry Dynamics apps and app managed by Intune in BlackBerry UEM