Skip Navigation

Obtain an
Entra
app ID for
BEMS
with certificate-based authentication

If you need to obtain multiple
Entra
app IDs (for example,
Docs
and
BlackBerry Work
), it is recommended that you create a separate app ID for each app.
  1. Sign in to portal.azure.com.
  2. In the left column, click
    Microsoft Entra ID
    .
  3. Click
    App registrations
    .
  4. Click
    New registration
    .
  5. In the
    Name
    field, enter a name for the app.
  6. Select a supported account type.
  7. Click
    Register
    . The new registered app appears.
  8. In the
    Manage
    section, click
    API permissions
    .
  9. Click
    Add a permission
    .
  10. In the
    Select an API
    section, click
    APIs my organization uses
    .
  11. Click
    Office 365 Exchange Online
    .
  12. Set the following Application permissions for
    Office 365
    Exchange Online:
    • Use Exchange Web Service with full access to all mailboxes (
      full_access_as_app
      )
  13. Click
    Add permissions
    .
  14. Click
    Microsoft Graph
    .
  15. Set the following Application permissions for
    Microsoft Graph
    .
    • Read and write contacts in all mailboxes (
      Contacts > Contacts.ReadWrite
      )
    • Send mail as any user (
      Mail > Mail.Send
      )
    • Read all user's full profile (
      User > User.Read.All
      )
  16. Click
    Add permissions
    .
  17. Click
    Grant admin consent
    .
  18. Click
    Yes
    .
  19. Click
    Overview
    to view the app that you created in step 5. Copy the
    Application (client) ID
    . The Application (client) ID is displayed in the main
    Overview
    page for the specified app. This is used as the
    Client application ID
    in the
    BEMS
    dashboard when you enable modern authentication and configure
    BEMS
    to communicate with
    Microsoft 365
    .