- What is the BlackBerry Dynamics SDK?
- Requirements and support for platform-specific features
- Software requirements
- Using an entitlement ID and version to uniquely identify a BlackBerry Dynamics app
- FIPS compliance
- Declaring a URL type to support BlackBerry Dynamics features
- App UI restrictions
- Requirements and prerequisites for iOS platform features
- Supported TLS protocols and cipher suites
- Steps to get started with the BlackBerry Dynamics SDK
- Integrating optional features
- Preventing password autofill in the app UI
- Enforcing local compliance actions
- Adding custom policies for your app to the UEM management console
- Add a watermark to the screens in a BlackBerry Dynamics app
- Allow unencrypted data to be copied to the pasteboard
- Replace the default splash screen for inactive apps
- Prompt the user to update a BlackBerry Dynamics app
- Adding a custom logo and colors with the branding API
- Using zero sign-on for SaaS services through BlackBerry Enterprise Identity
- Integrating BlackBerry Enterprise Mobility Server services
- Enabling microphone and camera support with WebRTC
- Integrating BlackBerry Analytics
- Integrating CylancePERSONA
- Sample apps in Objective-C
- Testing and troubleshooting
- Deploying your BlackBerry Dynamics app
- Deploying certificates to BlackBerry Dynamics apps
FIPS compliance
It is a best practice to make your
BlackBerry
Dynamics
apps compliant with U.S. Federal Information Processing Standards (FIPS) 140-2.The BlackBerry Dynamics SDK
distribution contains FIPS canisters and tools.The
BlackBerry UEM
administrator enables FIPS compliance using a BlackBerry
Dynamics
profile (UEM
). If enabled, BlackBerry
Dynamics
apps must start in FIPS-compliant mode. The SDK determines whether a service is running in FIPS mode when the app communicates with the server to receive policies.FIPS compliance enforces the following constraints:
- The use of MD4 and MD5 are prohibited. As a result, access to NTLM-protected or NTLM2-protected web pages and files is blocked.
- In secure socket key exchanges with ephemeral keys, with servers that are not configured to use Diffie-Hellman keys of sufficient length,BlackBerry Dynamicsretries with static RSA cipher suites.
- When you enable FIPS compliance, user certificates must use encryption that meets FIPS standards. If a user tries to import a certificate with encryption that is not compliant, the user receives an error message indicating that the certificate is not allowed and cannot be imported.
- ForiOS, when you build for testing with the x86 64-bit simulator, FIPS mode is not enforced. As a result, you might see a difference in behavior with the simulator compared to actual operation.BlackBerryrecommends that you always test your app on actualiOShardware and not rely exclusively on the simulation.
- If you use the SDK dynamic framework, FIPS linking is not required.