Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Enterprise Mobility Server 3.6
  3. Configuring BlackBerry Mail
  4. BlackBerry Mail (BEMS Push Notifications service)
  5. Steps to configure Push Notifications
  6. Configure BEMS to communicate with the Microsoft Exchange Server, Microsoft Office 365, or hybrid environment
  7. Obtain an Azure app ID for BEMS with credential or passive authentication

Obtain an
Azure
 app ID for
BEMS
 with credential or passive authentication

If you need to obtain multiple
Azure
 app IDs (for example,
Docs
,
BlackBerry Work
, and
BlackBerry Connect
), it is recommended that you create a separate app ID for each app.
  1. Sign in to portal.azure.com.
  2. In the left column, click
    Azure Active Directory
    .
  3. Click
    App registrations
    .
  4. Click
    New registration
    .
  5. In the
    Name
     field, enter a name for the app.
  6. Select a supported account type.
  7. In the
    Redirect URI
     section, in the drop-down list, complete one of the following tasks. The Redirect URI is the URL that the user is redirected to after they successfully authenticate to the identity provider (IDP).
    Important
    : Make sure that the Redirect URL matches the URL to the dashboard or authentication might not work as expected.
    • For credential authentication, select
      Web
       and enter
      https://localhost:8443
      .
    • For passive authentication, select
      Public client/native (mobile & desktop)
       and enter the URL that you use to access the
      BEMS
       Dashboard.
      • If you access the
        BEMS
         Dashboard from the computer that hosts the BEMS instance, enter
        https://localhost:8443
        .
      • If you access the
        BEMS
         Dashboard remotely, enter
        https://
        <FQDN of the computer that hosts the BEMS instance>
        :8443
        .
  8. Click
    Register
    . The new registered app appears.
  9. In the
    Manage
     section, click
    API permissions
    .
  10. In the
    Configured permissions
     section, click
    Microsoft Graph
    .
  11. Set the following permissions:
    • For
      Microsoft Exchange Web Services
      : Access mailboxes as the signed-in user via Exchange Web Services (
      EWS > EWS.AccessAsUser.All
      )
      In 2022,
      Microsoft
       started to deprecate the
      Microsoft Exchange Web Services
       (EWS) for
      Microsoft Exchange Online
       APIs replacing the EWS with
      Microsoft Graph
       and this permission may not be available. For more information, visit techcommunity.microsoft.com and read 'Upcoming API Deprecations in Exchange Web Services for Exchange Online'.
    • For
      Microsoft Graph
      : For Sign in and read user profile (
      User > User.Read
      ).
  12. Click
    Update permissions
    .
  13. Click
    Grant admin consent
    . Click
    Yes
    .
    This step requires tenant administrator privileges.
  14. To allow autodiscovery to function as expected, set the authentication permissions.
    1. In the
      Manage
       section, click
      Authentication
      .
    2. Under the
      Allow public client flows
       section, select
      Yes
       to
      Enable the following mobile and desktop flows
      .
    3. Click
      Save
      .
  15. Click
    Overview
    . Copy the
    Application (client) ID
    . The Application (client) ID is displayed in the main
    Overview
     page for the specified app. This is used as the
    Client application ID
     when you enable modern authentication and configure
    BEMS
     to communicate with
    Microsoft Office 365
    .