Skip Navigation

Configure the connection to the REST API endpoint

The
BlackBerry 2FA
server's REST API endpoint is protected using server-authenticated HTTPS. You must configure your custom services to trust the
BlackBerry 2FA
server. You have the following options:
  • You can use the default self-signed certificate generated during installation of the
    BlackBerry 2FA
    server. The default self-signed certificate is located in bb2fa-config/restkeystore.jks. Your client application must be configured to trust this certificate explicitly. The default server port is 5443.
  • You can supply your own CA-signed certificate by importing it into a
    Java
    keystore under the “bb2fa” alias (
    RSA
    2048 is recommended as the key algorithm). Copy the keystore file into the bb2fa-config directory and update the keystore file name and password on the
    BlackBerry 2FA
    server configuration page in
    BlackBerry UEM
    .
In all cases, the custom services are authenticated using HTTP basic authentication (username and password), which are sent as headers in the request.
  1. In the
    BlackBerry UEM
    management console, on the menu bar, click
    Settings
    >
    External integration
    >
    BlackBerry 2FA server
    .
  2. Click the name of the
    2FA
    server that you want to configure.
  3. In the
    REST interface configuration
    section, enter the information.
  4. Click
    Save
    .