Skip Navigation

Obtain an
app ID for
with certificate-based authentication

If you need to obtain multiple
app IDs (for example,
BlackBerry Work
, and
BlackBerry Connect
), it is recommended that you create a separate app ID for each app.
  1. Sign in to
  2. In the left column, click
    Azure Active Directory
  3. Click
    App registrations
  4. Click
    New registration
  5. In the
    field, enter a name for the app.
  6. Select a supported account type.
  7. Optionally, in the
    Redirect URI
    section, in the drop-down list, select
    Public/client (mobile & desktop)
    and enter http://<
    name of the app given in step 5
    This app is a daemon, not a web app, and does not have a sign-on URL.
  8. Click
    . The new registered app appears.
  9. In the
    section, click
    API permissions
  10. Click
    Add a permission
  11. In the
    Select an API
    section, click
    APIs my organization uses
  12. Click
    Office 365 Exchange Online
  13. Set the following Application permissions for
    Office 365
    Exchange Online:
    • Use Exchange Web Service with full access to all mailboxes (
  14. Click
    Add permissions
  15. Click
    Microsoft Graph
  16. Set the following Application permissions for
    Microsoft Graph
    • Read and write contacts in all mailboxes (
      Contacts > Contacts.ReadWrite
    • Send mail as any user (
      Mail > Mail.Send
    • Read all user's full profile (
      User > User.Read.All
  17. Click
    Add permissions
  18. Click
    Grant admin consent
  19. Click
  20. Click
    to view the app that you created in step 5. Copy the
    Application (client) ID
    . The Application (client) ID is displayed in the main
    page for the specified app. This is used as the
    Client application ID
    in the
    dashboard when you enable modern authentication and configure
    to communicate with
    Microsoft Office 365