Get the PDF

What is the BlackBerry Dynamics SDK?
- BlackBerry Dynamics API reference
- Key features of the BlackBerry Dynamics SDK
Requirements and support for platform-specific features
Steps to get started with the BlackBerry Dynamics SDK
- Contents of the BlackBerry Dynamics SDK for Android
- Integrating the BlackBerry Dynamics SDK in .aar format
  - Integrate the BlackBerry Dynamics SDK using Gradle
  - Download and add the .aar files for the SDK libraries
Integrating optional features
Integrating BlackBerry Analytics
- Remove the previous integration with the separate BlackBerry Analytics SDK
- Using the BlackBerry Analytics REST API
  - Get a JWT token for REST API calls
Implementing Play Integrity attestation for BlackBerry Dynamics apps
Sample apps
Testing and troubleshooting
Deploying your BlackBerry Dynamics app
Deploying certificates to BlackBerry Dynamics apps
- Using Personal Information Exchange files
  - Configuring support for client certificates
  - Certificate requirements
- Using Kerberos

User authentication

BlackBerry UEM

offers the following options to adjust the user experience for accessing

BlackBerry Dynamics

apps.

Fingerprint and biometric authentication

Various forms of biometric authentication are supported by the

BlackBerry Dynamics

SDK, including fingerprint authentication and for

Android

and

Touch ID

and

Face ID

for

iOS

. The

BlackBerry UEM

administrator can use a

BlackBerry Dynamics

profile (

UEM

) to enable biometric authentication. Contact your organization’s administrator to enable and configure these features.

For more information, see

BlackBerry Dynamics

and Fingerprint Authentication.

Authentication delegation

The

BlackBerry UEM

administrator can configure up to three

BlackBerry Dynamics

apps on users’ devices to act as an authentication delegate (a primary, secondary, and tertiary delegate). When a user opens any

BlackBerry Dynamics

app, the device will display the login screen of the authentication delegate app. After the user logs in successfully, all of the

BlackBerry Dynamics

apps on the device are unlocked. The user does not need to enter a password again until the idle timeout is reached.

If you want your custom

BlackBerry Dynamics

app to be an authentication delegate, the

UEM

administrator must specify the app package ID (

Android

) or bundle ID (

iOS

) in the

BlackBerry Dynamics

app settings in the management console. Contact your organization’s administrator to provide this information. For instructions for specifying the package ID or bundle ID for an app, see Manage settings for a BlackBerry Dynamics app in the

UEM Administration Guide

The administrator configures one or more authentication delegate using a

BlackBerry Dynamics

profile. It is a best practice to configure the most commonly used app as the authentication delegate. Contact your organization’s administrator to configure one or more authentication delegates.

If the administrator configures a secondary authentication delegate, the administrator must notify users that if they delete the primary authentication delegate app, the user must unlock the secondary delegate app and set the app password again so that it can be used to authenticate any additional

BlackBerry Dynamics

apps. The same requirement applies if a tertiary delegate is configured and the primary and secondary delegate apps are deleted.

Do not require a password

Enabled using a

BlackBerry Dynamics

profile, this setting removes the password login for

BlackBerry Dynamics

apps. Users cannot choose whether to use a password.

Do not enable authentication delegation and this setting in the same profile or policy set. This feature is supported in

UEM

12.7 or later. If the setting is enabled and then disabled at a later date, users are prompted to create a password the next time they log in to a

BlackBerry Dynamics

app.

You can use the GDAndroid.getInstance().canAuthorizeAutonomously() or [GDiOS sharedInstance].canAuthorizeAutonomously method to check if this feature is enabled. See the GDInteraction sample app (Android) or the SecureStore sample app (iOS) for examples of this method.

Bypass the app unlock screen

Enabled in the

UEM Client

settings for a specific

BlackBerry Dynamics

app (

UEM

), this setting allows an app to completely bypass the password login screen.

For more information and programming guidance, see the Bypass Unlock Developer Guide.

Background Authorize for
iOS

Background Authorize is a restricted API that allows a recently locked

BlackBerry Dynamics

app to use the principal BlackBerry Dynamics APIs (such as secure storage and secure communication) when the app is running in the background.

This feature can be useful in scenarios where the app has stopped unexpectedly and is started in the background in response to an APNS message (for example, a new email). If Background Authorize is enabled, the app can download new data and store it in the secure container. When the user brings the app to the foreground they can authorize and immediately access the data (for example, messages).

To access this restricted API, submit a request to the

BlackBerry Dynamics

Registrar program at BlackBerryDynamicsRegistrar@blackberry.com.

For more information about this feature, see the Background Authorize Developer Guide.

Background Authorize for Android

GDAndroid.canAuthorizeAutonomously allows

BlackBerry Dynamics

apps to background unlock, receive state callback, and use credential-protected storage. The app can use canAuthorizeAutonomously() to check if it is possible to use background unlock, and if possible, authorize with serviceInit().

Section:

Key features of the BlackBerry Dynamics SDK