What is the BlackBerry Dynamics SDK?
- BlackBerry Dynamics API reference
- Key features of the BlackBerry Dynamics SDK
Requirements and support for platform-specific features
Steps to get started with the BlackBerry Dynamics SDK
- Contents of the BlackBerry Dynamics SDK for Android
- Integrating the BlackBerry Dynamics SDK in .aar format
  - Integrate the BlackBerry Dynamics SDK using Gradle
  - Download and add the .aar files for the SDK libraries
Integrating optional features
Integrating BlackBerry Analytics
- Remove the previous integration with the separate BlackBerry Analytics SDK
- Using the BlackBerry Analytics REST API
  - Get a JWT token for REST API calls
Implementing SafetyNet attestation for BlackBerry Dynamics apps
Sample apps
Testing and troubleshooting
Deploying your BlackBerry Dynamics app
Deploying certificates to BlackBerry Dynamics apps
- Using Personal Information Exchange files
  - Configuring support for client certificates
  - Certificate requirements
- Using Kerberos

Using the
BlackBerry Web Services
REST APIs for SafetyNet attestation and status

The BlackBerry Web Services for BlackBerry UEM are a collection of REST APIs that you can use to execute administrative actions in

BlackBerry UEM

or to retrieve status information about

UEM

users, groups, devices, and the overall

UEM

domain. The

BlackBerry Web Services

version 12.10 and later provide REST APIs that you can use to both initiate and check the status of SafetyNet attestation.

For an introduction to the

BlackBerry Web Services

REST APIs, see the Getting started section in the REST API reference.

You can use the following APIs to initiate attestation for a specific

BlackBerry Dynamics

app or for a user’s device:

POST /{tenantGuid}/api/v1/users/{userGuid}/userDevices/{userDeviceGuid}/applications/{appGuid}/commands

POST /{tenantGuid}/api/v1/users/{userGuid}/userDevices/{userDeviceGuid}/commands

You can use the following APIs to retrieve the attestation status (as well as other status information) for all of a user’s devices, for a specific device, or for all of the apps on a specific device:

GET /{tenantGuid}/api/v1/users/{userGuid}/userDevices

GET /{tenantGuid}/api/v1/users/{userGuid}/userDevices/{userDeviceGuid}

GET /{tenantGuid}/api/v1/users/{userGuid}/userDevices/{userDeviceGuid}/applications

The returned status information provides the time that an attestation result was last reported. You can establish a trust window in which an attestation call is not required (for example, four hours). If you do use a REST API for an ATTEST call, you must get the attestation status later (asynchronously), as there is no notification that

UEM

has completed the attestation process.

You can use the REST APIs for various use cases. For example, if you have a server application that is used by your organization’s internal mobile apps, you could have the server application use the REST APIs noted above to check the app’s attestation status (or to initiate an attestation challenge) before releasing data to the app or accepting data from it.

Note the following about the communication channels for the REST APIs:

The REST APIs that attest the device or get status information for the device communicate with the

BlackBerry UEM Client

over a direct device channel that doesn’t require user authentication.

The REST APIs that attest a specific

BlackBerry Dynamics

app remain pending on the

UEM

server until the app is running on the device. When the app starts and is authenticated, it connects to

UEM

and the attestation challenge occurs.

Section:

Implementing SafetyNet attestation for BlackBerry Dynamics apps

Using the BlackBerry Web Services REST APIs for SafetyNet attestation and status

Using the
BlackBerry Web Services
REST APIs for SafetyNet attestation and status