Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Work, Tasks, and Notes
  3. 3.18
  4. BlackBerry Work, Notes, and Tasks Administration Guide for BlackBerry UEM
  5. Managing BlackBerry Work
  6. Steps to configure email notifications for BlackBerry Work
  7. Configure email notifications for BlackBerry Work
  8. Enable Microsoft Graph API to allow BEMS in a BlackBerry UEM Cloud environment to communicate with Microsoft Exchange Online

Enable
Microsoft Graph
 API to allow
BEMS
 in a
BlackBerry UEM Cloud
 environment to communicate with
Microsoft Exchange Online

If you have configured the email notifications in your
UEM Cloud
 instance that is configured to use
Microsoft Exchange Web Services
 (EWS) for Exchange Online to access
Microsoft 365
 mailboxes, when you enable "Use Microsoft Graph",
BEMS
 will automatically migrate all
Microsoft 365
 users from using EWS to
Microsoft Graph
 at a rate of 50 users every 5 minutes.
  1. In the
    UEM Cloud
     management console, click
    Settings > BlackBerry Dynamics > Email notifications
    .
  2. Click the
    Microsoft Graph
     tab.
  3. Click The Edit icon.
  4. Select the
    Use Microsoft Graph client
     check box.
  5. In the
    Authentication type
     section, select an authentication type based on your environment and complete the associated tasks to allow
    BEMS
     to communicate with
    Microsoft Exchange Online
    :
    Authentication type
    Description
    Task
    Client Secret
    This option uses a client secret to allow the
    BEMS
     service account to authenticate to
    Microsoft Exchange Online
    . The client secret is created during the application registration process.
    In the
    Client Secret
     field, enter the
    Value
    for the client secret. For instructions on obtaining a client secret, see Obtain an Entra app ID for BEMS with client secret authentication.
    Client Certificate
    This option uses a client certificate to allow the
    BEMS
     service account to authenticate to
    Microsoft Exchange Online
    .
    1. For the
      Certificate file (.pfx)
      , click
      Browse
       and select the client certificate file. For instructions on obtaining the .PFX file, see Associate a certificate with the Entra app ID for BEMS
    2. In the
      Password
       field, enter the password for the client certificate.
  6. In the
    Authentication Authority
     field, enter the Authentication Server URL that
    BEMS
     accesses and retrieve the OAuth token for authentication with
    Microsoft Exchange Online
    . By default, the field is prepopulated with https://login.microsoftonline.com/common.
    The authentication server URL must be in the format of https://login.microsoftonline.com/
    tenantname
     or https://login.microsoftonline.com/
    tenantid
    .
  7. In the
    Client App ID
     field, enter the
    Entra
     app ID for the credential authentication.
  8. In the
    Server Name
     field, type
    https://graph.microsoft.com
    .
  9. In the
    End User Email Address
     field, type an email address to test connectivity to
    Microsoft Exchange Online
     using the service account. Click
    Test connection
    . You can delete the email address after you complete the test.
  10. Click
    Save
  11. Configure the Autodiscover and Exchange Options in Configure email notifications for BlackBerry Work. You can configure the settings using one of the following authentication types: Credential, Credentials + Modern Authentication, or Client Certificate + Modern Authentication type.