Skip Navigation

Configure
Azure
Active Directory
conditional access

  1. In the
    BlackBerry UEM
    management console, click
    Settings > External integration > Azure Active Directory Conditional Access
    .
  2. In the table, click .
  3. Type a name for the configuration.
  4. In the
    Azure cloud
    drop-down list, select
    Global
    .
  5. Type your
    Azure tenant ID
    .
    You can enter either the tenant name, which is in FQDN format, or the unique tenant ID, which is in GUID format.
  6. In the device mapping override, select
    UPN
    or
    Email
    .
    By default, UPN is selected. If UPN is used, you should verify that the
    Azure AD
    tenant and all mapped directories share the same UPN value for users before you save the connection. After you save the connection, the device mapping override cannot be changed.
  7. In the
    Available company directories
    list, select one or more directory instances and click .
  8. Click
    Save
    .
  9. Select the administrator account that you want to use to log in to your
    Azure
    tenant.
    The administrator account must be able to grant permissions to the app to access resources in your organization. such as global administrator, cloud application administrator, or application administrator.
  10. Accept the
    Microsoft
    permission request.