Skip Navigation

Configuring
BlackBerry Enterprise Identity
to work with
Workspaces

You must have the following environment:
  • An on-premise installation of
    Workspaces
    with vApp or Appliance-X
  • A
    BlackBerry UEM
    server, or
    BlackBerry UEM Cloud
    instance enabled with
    Enterprise Identity
New
BlackBerry UEM Cloud
and
Workspaces
tenants are now auto-configured to allow users to sign in with
Enterprise Identity
, allowing application of two-factor authentication or other advanced access policies (pre-existing
BlackBerry UEM Cloud
tenants will gain this capability in a future release)
  1. Go to
    https://<your server>/saml-idp/saml/metadata
    .
  2. Download the metadata file.
  3. Do one of the following:
    • Use the
      BlackBerry UEM
      version 12.6.3 or earlier management console management console to log into the
      Enterprise Identity
      console.
    • Use the
      BlackBerry UEM
      version 12.7 or later, or the
      BlackBerry UEM Cloud
      management console to open the
      Enterprise Identity
      Services page.
  4. Create a
    Workspaces
    service.
  5. Map the service entity ID and the signin / signout URL from the metadata to the corresponding fields in
    Workspaces
    service.
  6. Configure IDP signing certificate and private key using the key pair generated earlier.
  7. Set the claims as
    E-mail Address (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddresses)
    .
  8. Click
    Save
    .
  9. Download the metadata for the
    Workspaces
    service.
  10. With an administrator account, log in to the
    Workspaces
    management console.
  11. Click
    Authentication type
    and select
    BlackBerry Enterprise Identity
    .
  12. Upload the metadata you downloaded from
    BlackBerry UEM
    for
    Workspaces
    . This creates a new IDP in
    Workspaces
    .
  13. Click
    Save
    .
  14. Log into
    Workspaces
    BlackBerry Workspaces Configuration Tool
    and associate the tenant with the new IDP.
  15. Log into the
    Workspaces
    URL and verify that it directs to the IDP.
  16. Verify that everything works by entering the username and password for a user that is entitled with
    BlackBerry Enterprise Identity
    .