Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry 2FA
  3. BlackBerry 2FA - Server Configuration Guide
  4. Configure the connection to the REST API endpoint

Configure the connection to the REST API endpoint

The
BlackBerry 2FA
 server's REST API endpoint is protected using server-authenticated HTTPS. You must configure your custom services to trust the
BlackBerry 2FA
 server. You have the following options:
  • You can use the default self-signed certificate generated during installation of the
    BlackBerry 2FA
     server. The default self-signed certificate is located in bb2fa-config/restkeystore.jks. Your client application must be configured to trust this certificate explicitly. The default server port is 5443.
  • You can supply your own CA-signed certificate by importing it into a
    Java
     keystore under the “bb2fa” alias (
    RSA
     2048 is recommended as the key algorithm). Copy the keystore file into the bb2fa-config directory and update the keystore file name and password on the
    BlackBerry 2FA
     server configuration page in
    BlackBerry UEM
    .
In all cases, the custom services are authenticated using HTTP basic authentication (username and password), which are sent as headers in the request.
  1. In the
    BlackBerry UEM
     management console, on the menu bar, click
    Settings
     >
    External integration
     >
    BlackBerry 2FA server
    .
  2. Click the name of the
    2FA
     server that you want to configure.
  3. In the
    REST interface configuration
     section, enter the information.
  4. Click
    Save
    .