Hong Kong 2018
Hong Kong 2018
Secure Your First BlackBerry Dynamics App
EK Choi, Enterprise Solutions Manager
© 2017 BlackBerry. All Rights Reserved. 4
Build Integration
Dynamics runtime is for secure mobile
and desktop applications
Exposes capabilities via APIs packaged
as an SDK which gets linked with your
application code
Includes resources which include a small
user interface in support of APIs
Application
Code
BlackBerry Dynamics Runtime
Library and Resources
BlackBerry Dynamics Application
© 2017 BlackBerry. All Rights Reserved. 5
Application Integration
Authorization triggered by single API call
Application logic must ensure that
authorization has been properly
completed prior to full application launch
Must handle appropriate events generated
by the runtime as state changes occur in
the authorization life cycle
BlackBerry Dynamics Application
© 2017 BlackBerry. All Rights Reserved. 6
Activation
Mandatory for Dynamics applications
Occurs on first execution
• Internet connection required
• Needs email address and access key
• Prompts for container password if appropriate
Establishes relationship between Dynamics Runtime
and your enterprise infrastructure
© 2017 BlackBerry. All Rights Reserved. 7
Easy Activation
User selects previously activated application to be the
delegate for activation of a new application
Improved user experience by not requiring an access
key per application
User only needs to know the delegate application’s
password
Most common case is that only one Easy Activation
candidate is offered to the user at a time.
© 2017 BlackBerry. All Rights Reserved. 8
Occurs when launching an application following
• Power on
• Being unloaded from memory
Requires the container password and/or Trust
Authentication Framework (TAF) factors
Runtime derives an application data encryption key
from the unlock password to protect data on the device
Offline applications are fully supported
Default is one unlock password per application
Authentication
© 2017 BlackBerry. All Rights Reserved. 9
Authentication Delegation
Application can delegate authentication to
another application
Improves user experience through single
password and inactivity timer
Enabled via the administrator no changes are
required by development
Administrator sets authentication delegation via
policy
Typically one application is set as the
authentication delegate for the device
© 2017 BlackBerry. All Rights Reserved. 12
Identifiers
“BlackBerry Dynamics Entitlement Identifier” must be
globally unique
- aka BlackBerry Dynamics Application ID
- aka GDApplicationID
1. Reverse your domain name
2. Include subdomains as needed for organization
3. Include your application name
So “com.good” + “gd.example” + “rssreader” becomes
com.good.gd.example.rssreader
Dynamics Entitlement Version should only be
changed when an aspect of your BlackBerry
Dynamics integration changes
© 2017 BlackBerry. All Rights Reserved. 13
Enterprise Simulation Mode
Good for early stage iterative development
Enables development in parallel with infrastructure
deployment
Only works with the simulator and an internet
connection is required
Applications will access backend resources via your
computers network connection
New build required to change the library mode
Warnings will appear in the GD Runtime resources
when simulation mode is enabled
© 2017 BlackBerry. All Rights Reserved. 14
App Activation and Authorization
RSSReader – BlackBerry Dynamics Sample App
1. Install
2. Email and access keys
- sent by admin or generated via UEM self-service portal
3. User enters email and access keys
4. Activation Process
5. User creates password
6. Launches the main UI
© 2017 BlackBerry. All Rights Reserved. 15
App Activation and Authorization
RSSReader – BlackBerry Dynamics Sample App
When the app is not entitled for the user in UEM.
© 2017 BlackBerry. All Rights Reserved. 16
App Entitlement
In the server side(UEM),
apps must be entitled for users who are going to activate on their devices.
© 2017 BlackBerry. All Rights Reserved. 17
App vs BlackBerry Dynamics App
© 2017 BlackBerry. All Rights Reserved. 18
Happy Coding!
You are now ready to complete the following section of the BlackBerry Developer Summit Workbook on
the platform of your choice:
Session: Secure Your First BlackBerry Dynamics App
Readiness page: www.blackberrydevsummit.com
Please do not hesitate to ask for help from any of the developer support staff
iPad and iPhone are trademarks of Apple, Inc., registered in the U.S. and other countries. Android is a trademark of Google Inc. The Android robot is reproduced or modified from work
created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. BlackBerry is a trademark of Research In Motion Limited.
© 2017 BlackBerry. All rights reserved.