Obtain an Entra app ID for BlackBerry Work
Entra
app ID for BlackBerry Work
If you are configuring
Office
365
settings in the app configuration for BlackBerry Work
, you may need to obtain and copy the Entra
app ID for BlackBerry Work
. If you need to obtain multiple Entra
app IDs (for example, BEMS-Mail
and BEMS-Docs
), it is recommended that you create a separate app ID for each app.- Log on to portal.azure.com.
- In theAzure servicessection, clickMicrosoft Entra ID.
- ClickApp registrations.
- ClickNew registration.
- In theNamefield, enter a name for theBlackBerry Workapp. This is the name that users will see.
- Select a supported account type. Although Multitenant is supported, in most cases this should be Single tenant.
- In theRedirect URIdrop-down list, selectPublic client (mobile & desktop)and enter:com.blackberry.work://connect/o365/redirect
- ClickRegister.
- Optionally, if you are enablingEntra IDconditional access, perform the following actions:
- Click on theRedirect URIslink (i.e. '0 web, 0 spa, 1 public client').
- ForiOSdevices, under the existingMobile and desktop applicationssection, clickAdd URI, and enter:x-msauth-work://com.good.gcs.g3
- ForAndroiddevices:
- ClickAdd a platform > Android.
- In thePackage namefield, enter:com.good.gcs
- In theSignature hashfield, enter:zRsXTl1cL/Seb6GumLzvoecPA8w=
- ClickConfigure.
- In the left column, in theManagesection, clickAPI permissions.
- ClickAdd a permission.
- In theSelect an APIsection, click theMicrosoft APIstab.
- Complete one or more of the following tasks:EnvironmentPermissionsIf your environment is configured to useMicrosoft 365
- ClickMicrosoft Graph. IfMicrosoft Graphis not listed, addMicrosoft Graph.
- In delegated permissions, select the following permissions:
- Sign in and read user profilecheckbox (User > User.Read)
- Send mail as a usercheckbox (Mail > Mail.Send)
- Access mailboxes as the signed-in user via Exchange Web Servicescheckbox (EWS > EWS.AccessAsUser.All).
- Have full access to user calendarscheckbox (Calendars > Calendars.ReadWrite)
- Read and write a user's presence informationcheckbox (Presence > Presence.Read.All)
- Click one of the following:
- IfMicrosoft Graphexisted in the API permissions, clickUpdate permissions.
- If you needed to addMicrosoft Graph, clickCreate.
- ClickAdd permissions.
If your environment is configured to useMicrosoft SharePoint OnlineorEntra-IP to enable modern authentication for theBlackBerry Workclient- Click theAPIs my organization usestab.
- Search for and click theBEMSapp that you created in Obtain an Azure app ID for the BEMS-Docs component service. For example, AzureAppIDforBEMS.
- Select all delegated permissions.
- ClickDelegated permissions.
- Clickexpand all. Make sure that all options are selected.
- ClickAdd permissions.
- ClickGrant admin consent for <Organization name>to apply the permissions for the app. These settings will not be applied to the app until you have granted the updated permissions.
- ClickYes.
- You can now copy the Application ID for the app that you created. In theManagesection, clickOverview. It is located under the name of the app, in the Application (client) ID field. You use the Application ID in the app configuration settings for BlackBerry Work. For more information about the app configuration, see BlackBerry Work app configuration settings.