Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Dynamics SDK for Cordova 12.1
  3. BlackBerry Dynamics SDK for Cordova Development Guide
  4. Deploying certificates to BlackBerry Dynamics apps
  5. Using Kerberos

Using
Kerberos

BlackBerry Dynamics
 apps support both
Kerberos
 PKINIT with PKI certificates and
Kerberos
 Constrained Delegation. Kerberos PKINIT and
Kerberos
 Constrained Delegation are distinct implementations of
Kerberos
. You can support one or the other for
BlackBerry Dynamics
 apps, but not both.
With
Kerberos
 PKINIT, authentication occurs directly between the
BlackBerry Dynamics
 app and the
Windows
 Key Distribution Center (KDC). User authentication is based on certificates that are issued by
Microsoft Active Directory
 Certificate Services. No additional programming is required by the app developer to use
Kerberos
 PKINIT.
With
Kerberos
 Constrained Delegation, authentication is based on a trust relationship between the management server (
BlackBerry UEM
 and a KDC. The management server communicates with the service on behalf of the app.
For more information about how to configure the desired
Kerberos
 implementation in
UEM
, including requirements and prerequisites, see Configuring Kerberos for BlackBerry Dynamics apps in the
UEM Administration Guide
.