BlackBerry Dynamics

Get Started with BlackBerry Development Tools

  1. Home
  2. Resources
  3. Get Started
  4. Dynamics

Get Started with BlackBerry Dynamics SDK

Develop your first secure mobile app now at no cost with the help of the powerful BlackBerry Dynamics Secure Mobility Platform.

The BlackBerry Dynamics Platform provides a range of SDKs and plugins that allow you to develop in the environment of your choice and build native, hybrid, or web apps. 

This resource is intended to give you a quick start in developing your first BlackBerry Dynamics app. To see the full Development Guide and Release Notes for each available platform of the BlackBerry Dynamics SDK, visit BlackBerry Docs.

Choose a platform and click Next.

Discover the components and benefits of the BlackBerry Dynamics Secure Mobility Platform. This resource provides information about using the BlackBerry Dynamics SDK for iOS, Android, and Cordova. For more information about using the SDK for all available platforms, see the BlackBerry Dynamics SDK Documentation.

The BlackBerry Dynamics SDK provides a powerful set of tools to ISV and enterprise developers. It allows developers to focus on building commercial and business apps rather than learning how to secure, deploy, and manage those apps. The BlackBerry Dynamics Platform includes:

  • Lifecycle management
  • Security and compliance policies
  • Secure connectivity to enterprise services
  • Secure storage
  • Secure inter-app communication
  • Application configuration and application specific policies

The BlackBerry Dynamics platform supports common business operating systems, mobile, and desktop, including iOS, Android, macOS and Windows.

The simplest way to understand the BlackBerry Dynamics platform is to think of it as three key components: the BlackBerry Dynamics SDK and BlackBerry servers (BlackBerry UEM) connected by a Network Operations Center (NOC). BlackBerry Dynamics provides the services and architecture to build, securely deploy, and manage apps. BlackBerry UEM includes the BlackBerry Dynamics Secure Mobility Platform and delivers the Enterprise Mobility Management (EMM) solution to securely manage devices.

With the acquisition of Good Technology by BlackBerry, BlackBerry has created a unified product with best-in-class Bring Your Own Device (BYOD), EMM, and Mobile Device Management (MDM) capabilities.

BlackBerry Dynamics Secure Mobility Platform

The BlackBerry Dynamics (BD) platform consists of BD Runtime, the BD Network Operation Center (NOC), and BD servers.

The BD Runtime is included in every BD mobile app. The runtime has an API that gives the app access to activation, user authentication, secure storage, communication behind the firewall, and much more, all while enforcing security policies on behalf of the organization. To work with the BD Runtime, you need to download the BlackBerry Dynamics SDK for the target platform (iOS, Android, Cordova, Xamarin).

By including the BlackBerry Dynamics SDK in your app, you will have access to app policies, inter-app communication, secure storage, secure channel push, shared services, authentication delegation, Single Sign-on (KCD and GD auth Tokens), user and app config information, and much more.

BlackBerry UEM

BlackBerry UEM is the server component that brings everything together. It merges the best-in-class BYOD functionality of BlackBerry Dynamics with the best-in-class EMM (including MDM) solution. Administrators use UEM to manage users, groups, policies, apps, app configurations, and more.

The BlackBerry NOC enables secure communication between your BD Runtime app and the BlackBerry Proxy. The NOC also verifies the validity of user and access keys before data touches your enterprise, in addition to supporting the secure push infrastructure from server-side apps to BD Runtime apps.

UEM, Good Control (GC), and BlackBerry Proxy servers are included in the EMM solution. They provide various services to users, devices and apps.

For app developers, you get:

  • Security and compliance policies
  • Secure connectivity to enterprise services
  • App configuration
  • App policies
  • Secure storage on-device
  • Wipe and lock functionality
  • Secure inter-app communication
  • Application lifecycle management

BlackBerry Enterprise Mobility Server (BEMS)

The BlackBerry Dynamics platform offers enterprise mBaaS (Mobile Backend as a Service) capabilities. Many of these mBaaS services are implemented in the BlackBerry Enterprise Mobility Server (BEMS). BEMS provides programmatic connectivity through standardized APIs to enterprise systems including Microsoft SharePoint, Microsoft Lync, Microsoft Exchange, Cisco Jabber, Active Directory and more. BEMS provides APIs to invoke services such as push notifications, directory lookups, key value store, document access, IM, and presence. Developers can add these services to apps without having extensive knowledge of how to configure or connect to specific back-end systems of records.

These high quality enterprise back-end services are leveraged by BlackBerry Work, BlackBerry Connect, and other BlackBerry Secured apps. ISV and custom BlackBerry Secured apps can also make use of these services.

The BlackBerry Dynamics Platform provides a range of SDKs and plug-ins, allowing developers to work in familiar environments to build native, hybrid, and web apps. Once apps are built, developers can assume the role of an IT admin to quickly validate the management and distribution of their apps through the BlackBerry Dynamics Platform.

The BlackBerry Dynamics SDK is available natively to all major platforms and development technologies including iOS and Android.

In addition, BlackBerry supports cross-platform development frameworks via dedicated BlackBerry Dynamics SDKs for Cordova, HTML5 web apps, and Xamarin.

Security Services

Security Services allow you to address security concerns about making sensitive company information available on mobile devices. You can ensure that the content that is stored on devices, exchanged with resources behind the corporate firewall, or shared between BlackBerry-secured apps is always encrypted. Since the platform uses government-grade device-independent crypto libraries, content is always encrypted. The BlackBerry Dynamics SDK includes support for the following security services:

  • Identity & Authorization APIs
  • Secure Storage APIs
  • Secure Communications APIs
  • Secure Inter-App Data Exchange APIs

Mobile Services

Mobile Services allow you to create engaging apps that will improve user productivity. You can reduce development time by using existing services -- no more building everything from scratch! And because the BlackBerry Dynamics Platform is the foundation for all services, government-grade encryption ensures end-to-end security. The BlackBerry Dynamics SDK includes support for the following mobile services:

  • Presence Service
  • Send Email Service
  • Transfer Files Service
  • Push Service
  • Directory Lookup Service
  • Docs Service
  • Launch Service

Platform Services

Platform Services make it easy to integrate apps with enterprise infrastructure (e.g., Active Directory, SharePoint, Exchange, Office 365, Lync). Focus on creating innovative apps without worrying about programming for the back-end, server maintenance, or deploying complex infrastructure. Single sign-on, horizontal scaling, HA/DR, VPN-less access to the intranet -- simply building on the current version of the BlackBerry Dynamics Platform enables it all. The BlackBerry Dynamics SDK includes support for the following mobile services:

  • Identity & Access Management
  • Single Sign-on Authentication
  • Reliable App Deployment at Scale
  • Secure Access to Corporate Data
  • App-Level Controls for IT

Software requirements

See Requirements and support for platform-specific features in the BlackBerry Dynamics SDK Development Guide.

Download, install & configure the BlackBerry Dynamics SDK for iOS

You can integrate the BlackBerry Dynamics SDK using the dynamic framework or the static framework. It is a best practice to use the dynamics framework.

For complete instructions for integrating the static or dynamic framework, including how to prepare existing and new apps to use the frameworks, see the BlackBerry Dynamic SDK Development Guide.

Software requirements

See Requirements and support for platform-specific features in the BlackBerry Dynamics SDK Development Guide.

Download, install & configure the BlackBerry Dynamics SDK for Android

Use one of the following methods to integrate the BlackBerry Dynamics SDK. It is a best practice to integrate the SDK using Gradle.

1. In your project level Gradle file (build.gradle or settings.gradle depending on the version of Android Studio used to create the project), add the following rule to include the BlackBerry Maven repository:

allprojects {

repositories {

google()

jcenter()

maven {

url

"https://software.download.blackberry.com/repository/maven/"

}

}

}

2. In the app level module of your Gradle file (app/build.gradle), declare the following dependency on the BlackBerry Dynamics SDK:

# BlackBerry Dynamics SDKimplementation 'com.blackberry.blackberrydynamics:android_handheld_platform:10.0+implementation 'com.blackberry.blackberrydynamics:android_handheld_resources:10.0+'implementation 'com.blackberry.blackberrydynamics:android_handheld_backup_support:10.0+'# Optionalimplementation 'com.blackberry.blackberrydynamics:android_handheld_blackberry_protect_support:10.0+'

3. Sync the app to download all of the required dependencies.

Before you begin: Visit the Downloads page to download the BlackBerry Dynamics SDK package.

1. Open your Android home directory in a file manager application or change to the directory in a terminal window.

2. From the sdk/ directory, navigate to the extras/ sub-directory. If there isn’t a directory named blackberry/ at this location, create it using the file manager or by running the mkdir command.

3. Change to the blackberry/ sub-directory.

4. Copy the .zip file for the SDK to the blackberry/ directory and extract the files.

This creates a directory structure with a directory named sdk/ as its root.

5. Rename the new sdk/ directory to dynamics_sdk/ using the file manager or by running the mv or ren command.

Software requirements

See Requirements and support for platform-specific features in the BlackBerry Dynamics SDK Development Guide.

Install the BlackBerry Dynamics SDK for Cordova

1. Visit BlackBerry Developer Downloads to download the BlackBerry Dynamics SDK for Cordova.

2. Extract the BlackBerry Dynamics SDK for Cordova package to the desired project directory.

3. When you add the BlackBerry Dynamics Base plug-in to your project, the BlackBerry Dynamics SDK for iOS is automatically downloaded using CocoaPods. For additional information, see the BlackBerry Dynamics SDK Development Guide.

4. Install Xcode.

5. Install Node.js.

After the installation completes, the npm command is available in your terminal shell.

  • In the config.xml file, set the following to enable the enterprise discovery scheme that is required for key BlackBerry Dynamics features:

<preference name=“BBD_Enterprise_Discovery” value=“true” />

  • To enable enterprise simulation mode, in the config.xml file, set the following:

<preference name=“GDEnterpriseSimulationMode” value=“true” />

Software requirements

See Requirements and support for platform-specific features in the BlackBerry Dynamics SDK Development Guide.

Install the BlackBerry Dynamics SDK for Cordova

1. Visit BlackBerry Developer Downloads to download the BlackBerry Dynamics SDK for Cordova.

2. Extract the BlackBerry Dynamics SDK for Cordova package to the desired project directory.

3. Install the Android SDK.

4. Integrate the BlackBerry Dynamics SDK for Android. You can use the Base plug-in to download the BlackBerry Dynamics SDK for Android using Gradle. For additional information, see the BlackBerry Dynamics SDK Development Guide.

5. Install the Android SDK/ADT bundle.

6. Install Node.js.

After the installation completes, the npm command is available in your terminal shell.

  • Follow the steps on the Develop tab to install the BlackBerry Dynamics SDK Cordova plug-ins.
  • To enable enterprise simulation mode, in the config.xml file, set the following:

<preference name=“GDEnterpriseSimulationMode” value=“true” />

Develop a BlackBerry Secured App for iOS using Apache Cordova

We’ll be using the standard Cordova CLI to execute all commands.

1. Open your favorite Terminal program.

2. Create a new Cordova project.

$ cordova create HelloBBD com.company.appname

3. Change to the project folder.

$ cd HelloBBD

4. Add platforms.

$ cordova platform add ios

5. Add BlackBerry Dynamics plug-ins. At a minimum, you must add the base plug-in if you want to secure your application with BlackBerry Dynamics.

$ cordova plugin add <path-to-bbd-cordova-plugins>/cordova-plugin-bbd-all

6. Optionally, install the ios-deploy package if you want to install iOS apps from the Cordova command-line.

$ sudo npm install –g ios-deploy

  • If your macOS is v10.11 or greater, you will likely need to run the following command instead (refer to the ios-deploy GitHub repo for more detailed usage instructions: https://github.com/phonegap/ios-deploy:

$ sudo npm install –g ios-deploy --unsafe-perm=true

7. Build the application in Terminal (or Xcode).

$ cordova build ios

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

We’ll be using the standard Cordova CLI to execute all commands.

1. Open your favorite Terminal program.

2. Change to your existing projects folder.

$ cd <MyApp>

3. Add BlackBerry Dynamics plug-ins. At a minimum, you must add the base plug-in if you want to secure your application with BlackBerry Dynamics.

$ cordova plugin add <path-to-bbd-cordova-plugins>/cordova-plugin-bbd-all

4. Build the application.

$ cordova build ios

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

Develop a BlackBerry Secured App for Android using Apache Cordova

We’ll be using the standard Cordova CLI to execute all commands.

1. Open your favorite Terminal program.

2. Create a new Cordova project.

$ cordova create HelloBBD com.company.appName

3. Change to the project folder.

$ cd HelloBBD

4. Add platforms.

$ cordova platform add android

5. Add the BlackBerry Dynamics plugins. At a minimum, you must add the base plugin if you want to secure your application with BlackBerry Dynamics.

$ cordova plugin add <path-to-bbd-cordova-plugins>/cordova-plugin-bbd-all

6. Build the project.

$ cordova build

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

We’ll be using the standard Cordova CLI to execute all commands.

1. Open your favorite Terminal program.

2. Change to your existing projects folder.

$ cd <MyApp>

3. Add BlackBerry Dynamics plugins. At a minimum, you must add the base plugin if you want to secure your application with BlackBerry Dynamics.

$ cordova plugin add <path-to-bbd-cordova-plugins>/cordova-plugin-bbd-all

4. Build the project.

$ cordova build

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

 

Develop a BlackBerry Secured App for Android

It is recommended that you build your app after each section in this process. This will allow you to confirm each step and will make debugging problems easier.

The BlackBerry Dynamics SDK contains a skeleton template project that you can use to create a new Android app. Create a copy of the Skeleton directory that you will use for your app. The Skeleton project is located in a sub-directory of your Android home directory with the following path: sdk/extras/blackberry/dynamics_sdk/sdk/samples/Skeleton/

By default, the Android home directory is located here:

  • Windows: C:\Users\[username]\AppData\Local\ Android
  • Mac: /Users/[username]/Library/Android/sdk

Open the copy that you just created in Android Studio (File > Open).

The settings.json file is located within the assets folder of your project. It is used by the BlackBerry Dynamics (BD) Runtime to read configuration information about your app, such as the GD library mode, GD entitlement app ID and BD app version. Open the settings.json file and update the GDLibraryMode, GDApplicationID and GDApplicationVersion using the guidelines below:

GDLibraryMode: Can be set to either GDEnterpriseSimulation or GDEnterprise.

  • Use GDEnterpriseSimulation if you do not have a BlackBerry UEM Server, Good Control server, or a Good Control Cloud account and you are using an Android emulator.
  • Use GDEnterprise to test with a BlackBerry UEM Server, Good Control server, or Good Control Cloud for production deployments.

A connection to the BlackBerry Dynamics Network Operation Center (NOC) is required for both options.

GDApplicationID: A unique identifier for your app in reverse domain name notation. The value should be the same across all platforms (i.e. Android, iOS, etc.). BlackBerry recommends using the same value for the GDApplicationID and app package name, though they are not related. Capital letters and spaces are not permitted in the GDApplicationID. This value should match the app entitlement’s BlackBerry Dynamics app ID in UEM management console or the app entitlement’s GD Entitlement ID in the standalone Good Control management console.

GDApplicationVersion: This is a compatibility version for your BD enabled app. It is not related to the native app version and you do not need to update it when the native app version changes. You only need to update this value when compatibility for the BlackBerry Dynamics integration changes, for example, when you add or remove BlackBerry Dynamics services in your app.

Sample settings.json that uses Simulation Mode:

{
    "GDLibraryMode": "GDEnterpriseSimulation",
    "GDApplicationID": "com.example.applicationname",
    "GDApplicationVersion": "1.0.0.0"
}

Sample settings.json that uses Enterprise Mode:

{
    "GDLibraryMode": "GDEnterprise",
    "GDApplicationID": "com.example.applicationname",
    "GDApplicationVersion": "1.0.0.0"
}

It is best practice to add the GDapplicationVersion to the AndroidManifest.xml file as well as to the settings.json. file. Add it in the application item, in a meta-data tag with attributes as shown:

<application android:icon="@drawable/ic_launcher" android:label="@string/app_name" > <meta-data android:name="GDApplicationVersion" android:value ="1.0.0.0" />

 

The Skeleton project is called Skeleton. Skeleton is also used in the package and class names. It is recommended that you modify these names to something appropriate for your app. To modify, from the Project tab of Android Studio, right-click on the object to rename and choose Refactor > Rename.

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

It is recommended that you build your app after each section in this process. This will allow you to confirm each step and will make debugging problems easier.

The settings.json file is created within your project. It is used by the BlackBerry Dynamics (BD) Runtime to read configuration information about your app, such as the GD library mode, GD entitlement app ID and BD app version.

  1. If you already have an assets folder in your project, skip to step #5. If not, proceed to step 2.
  2. In Android Studio, right-click the top-level Application package and New > Folder > Assets Folder. This opens a dialog that provides a confirmation for where to create a source root for assets.
  3. Leave the default options selected and click Finish.
  4. Expand the package in which you just created the folder. The assets folder should appear under the package.
  5. Right-click the assets folder and click New > File.
  6. Enter settings.json as the file name and click OK.
  7. Use one of the following examples to build your own settings.json file. Modify the examples to include your own GDApplicationID and GDApplicationVersion.

GDLibraryMode: Can be set to either GDEnterpriseSimulation or GDEnterprise. Use GDEnterpriseSimulation if you do not have a BlackBerry UEM Server, Good Control server, or a Good Control Cloud account and are using an Android emulator. Use GDEnterprise to test with a BlackBerry UEM Server, Good Control server or Good Control Cloud for production deployments. A connection to the BlackBerry Dynamics Network Operation Center (NOC) is required for both options.

GDApplicationID: A unique identifier for your app in reverse domain name notation. The value should be the same across all platforms (i.e. Android, iOS, etc.). BlackBerry recommends using the same value for the GDApplicationID and app package name, though they are not related. Capital letters and spaces are not permitted in the GDApplicationID. This value should match the app entitlement’s BlackBerry Dynamics app ID in UEM management console or the app entitlement’s GD Entitlement ID in the standalone Good Control management console.

GDApplicationVersion: This is a compatibility version for your BD enabled app. It is not related to the native app version and you do not need to update it when the native app version changes. You only need to update this value when compatibility for the BlackBerry Dynamics integration changes, for example, when you add or remove BlackBerry Dynamics services in your app.

Sample settings.json that uses Simulation Mode:

{
    "GDLibraryMode": "GDEnterpriseSimulation",
    "GDApplicationID": "com.example.applicationname",
    "GDApplicationVersion": "1.0.0.0"
}

Sample settings.json that uses Enterprise Mode:

{
    "GDLibraryMode": "GDEnterprise",
    "GDApplicationID": "com.example.applicationname",
    "GDApplicationVersion": "1.0.0.0"
}

Start by linking the BD Runtime into the app. The BD Runtime will be added as a module. This requires change in several parts of the project.

  1. BlackBerry Dynamics does not support right-to-left (RTL) layouts. This may require a change to your manifest file.  Open AndroidManifest.xml in Android Studio and ensure  supportsRtl is set to false as shown below.

    android:supportsRtl="false"

  2. If your application supports Android back-up, add the following line within the application tag of your AndroidManifest.xml.  We recommend adding this line under the “allowBackup” parameter, which is set to true if your application supports back up.

    android:fullBackupContent="@xml/gd_backup_scheme"

 

  1. Open the build.gradle for your project.
  2. Within allprojects, locate the repositories section.
  3. Add reference to the BD SDK AAR file as shown below.

    def localProperties = new File(rootDir, "local.properties")
    Properties properties = new Properties()
    localProperties.withInputStream { instr ->
        properties.load(instr)
    }
    def sdkDir = properties.getProperty('sdk.dir')
    maven { url sdkDir+'/extras/blackberry/dynamics_sdk/m2repository' }

    The allprojects section should now look similar to the code below. Note that this sample assumes the BD SDK was installed to the default location. If you installed to a different location you will need to update the path in the url.

    allprojects {
        repositories {
            google()
            jcenter()

            def localProperties = new File(rootDir, "local.properties")
            Properties properties = new Properties()
            localProperties.withInputStream { instr ->
                properties.load(instr)
            }
            def sdkDir = properties.getProperty('sdk.dir')
            maven { url sdkDir+'/extras/blackberry/dynamics_sdk/m2repository' }
        }
    }

  1. Open the build.grade file for module app.
  2. Add the following lines within the dependencies of your app:

    implementation 'com.blackberry.blackberrydynamics:android_handheld_platform:+'
    implementation 'com.blackberry.blackberrydynamics:android_handheld_backup_support:+'

    Note: Depending on your application’s needs, you may need to add further dependencies here.  For example, if your application supports wearables, you will need to specify the appropriate BlackBerry Dynamics dependencies.  For a full list of refer to the BlackBerry Dynamics Development Guide.


  3. Press “Sync Now”, shown in the upper right of Android Studio.

The BD Runtime is now linked to the handheld app and you are ready to start making code changes to your app to integrate with the BD Runtime.

Establishing a connection to the BlackBerry Dynamics (BD) platform requires authorization of the end user and the app. Either of the following method calls can be used to initiate both authorizations:

  • Call authorize, which is direct initiation.
  • Call activityInit, which is indirect initiation.

An app can use only direct or indirect authorization initiation, not both. Both mechanisms each require different implementations in the app code. The mechanisms also place different restrictions on classes in the app user interface.

Authorization generally includes establishing a data connection to the UEM or BD proxy infrastructure and to the enterprise that provisioned the end user. In addition, authorization will also include any necessary registration of the device, at the BlackBerry Dynamics Network Operation Center (infrastructure activation), and at the enterprise (enterprise activation).

Authorization may include user interaction. All user interaction that is part of authorization takes place in a user interface that is part of the BD Runtime library, not part of the app.

The authorization API is state-based and asynchronous. The initiation method generally returns immediately. Success or failure of authorization is then notified to the app code later, as a transition of the authorization state. The app should generally wait to be notified of transition to the authorized state before attempting to utilize any other BlackBerry Dynamics APIs.

The following snippet shows indirect initiation of BlackBerry Dynamics authorization processing, and implicit setting of the authorization state transition observer:

public class MyActivity extends Activity implements GDStateListener {

public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    GDAndroid.getInstance().activityInit(this);
    // rest of Activity initialization ...
    }

    //GDStateListener method implementations         
    public void onAuthorized()     {
        //Fictional example method calls below.
        startSecureDBAccess();
        startAppComms();
    }
    // Additional GDStateListener methods…
}

  
    class MainActivity : AppCompatActivity(), GDStateListener {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        GDAndroid.getInstance().activityInit(this)
        // rest of Activity initialization ...
    }

  

  
    //GDStateListener method implementations
    override fun onAuthorized() {
        //Fictional example method calls below.
        startSecureDBAccess()
        startAppComms()
    }

The MyActivity instance is implicitly its own authorization state transition observer. This is implemented by the declaration that the MyActivity class extends the GDStateListener interface.

Connection to the GD platform is initiated by calling activityInit in the onCreate method. This code would also be present in all the other activity classes in the app.

The principal processing of the activity, represented by the startSecureDBAccess and startAppComms calls, only proceeds when authorization processing is complete. This is implemented by placing the calls in the onAuthorized callback.

The following snippet shows direct initiation of BlackBerry Dynamics authorization processing:

public class LaunchActivity extends Activity {
    private boolean _authorizeCalled = false;
    // Override annotation should go here
    public void onResume() {
        super.onResume();
        if (!_authorizeCalled) {
            GDAndroid.getInstance.authorize( MyGDAppEventListener. sharedInstance());_authorizeCalled = true;
        }
        // Rest of activity initialization here, no use of BlackBerry Dynamics APIs.
    }
    // rest of class code here.
}

  
    class LaunchActivity : Activity() {
        private var _authorizeCalled = false
        // Override annotation should go here
        override fun onResume() {
            super.onResume()
            if (!_authorizeCalled) {
                GDAndroid.getInstance.authorize(MyGDAppEventListener.sharedInstance())
                _authorizeCalled = true
            }
            // Rest of activity initialization here, no use of BlackBerry Dynamics APIs.
        }
        // rest of class code here.
    }

The private variable _authorizeCalled is used to ensure that authorize() is called only once.

The singleton MyGDAppEventListener object is set as the GD event handler.

The event handler would receive all GDAppEvent objects dispatched from the BD Runtime, which would include an event with type GDAppEventAuthorized when the end user is first authorized. After receiving that event, the app could make full use of all BlackBerry Dynamics APIs.

You can now deploy and test your app, and can explore development with additional BlackBerry Dynamics APIs. Advance to the next steps to continue.

Develop a BlackBerry Secured App for iOS

After installing the BlackBerry Dynamics SDK for iOS, use the BlackBerry Dynamics sample apps from GitHub to create a new app. Go to the BlackBerry Dynamics SDK GitHub and download either of the following:

Perform the following steps:

  1.  Set up the BlackBerry Dynamics environment.
  2.  Clone the repository to your computer.
  3.  Run pod install to create the project workspace.
  4.  Launch Xcode and open the project.
  5.  Edit the Bundle ID to your own.
  6.  Edit the URL identifier and URL Schemes in the info.plist.
  7.  Edit the GD Application ID to your own in the info.plist.
    Note:  The general form is com.yourcompany.application_name (lower case only, no spaces, and must not begin with com.good). The same id can be used for multiple apps on different platforms, such as iOS and Android, so it is a best practice to avoid platform specific information (example: com.yourcompany.good_application_for_ios).
  8. Build, deploy, and run on the app on a testing device.

Note: Bitcode is disabled for the project.

For more information, see the BlackBerry Dynamics SDK development guide.

To run and test your BlackBerry Dynamics app, you will need to set up a BlackBerry UEM or Good Control server. Alternatively, if you don’t have a UEM environment set up, Enterprise Simulation Mode can be used to test your app.

In Enterprise Simulation Mode, there is no user authentication at the enterprise level, so there will be no communication through the enterprise firewall. If your app requires a connection behind the firewall, using Enterprise Simulation Mode is not recommended. You will need to set up UEM or Good Control to test the app on a device.

Important: Enterprise Simulation Mode is not intended for a production environment.

To enable Enterprise Simulation Mode for your BlackBerry Dynamics app, add the following to the Info.plist file:

Key: GDLibraryMode
Type: String (default)
Value: GDEnterpriseSimulation

You are now ready to build and run your app on the iOS Simulator.

When your app is running for the first time on the iOS Simulator, you are prompted to activate the app. In Enterprise Simulation Mode, you can enter any email address and any 15-character access key to complete the activation process. After the app is activated, you’ll be prompted to create a password.

The Password Requirements link at the bottom of the screen provides guidance on the required password complexity. Password complexity is controlled via policies managed by your IT admin through the UEM or Good Control management console.

If you already have an existing iOS app, you can configure the app to integrate with the BlackBerry Dynamics SDK.

1. Open the Xcode project for the app.

2. On the Build Phases tab, in the Link Binary With Libraries section, add the frameworks and libraries from the BlackBerry Dynamics SDK for iOS software requirements table.

3.  In the Frameworks, Libraries and Embedded Content list of the project target, add references depending on whether you downloaded the static or the dynamic SDK package. These frameworks are available in /System/Library/Frameworks if using the Dynamics install script, or they are available in the BlackBerry Dynamics SDK package in Good.platform/iOS/Frameworks. See the following table to determine which references you should add to your application:

Framework

References

BlackBerry Dynamics SDK for iOS dynamic framework
  • BlackBerryDynamics.xcframework
  • BlackBerryCerticom.xcframework
  • BlackBerryCerticomSBGSE.xcframework

BlackBerry Dynamics SDK for iOS static framework using the new Xcode build system
  • GD.framework
  • BlackBerryCerticom.xcframework
  • BlackBerryCerticomSBGSE.xcframework

BlackBerry Dynamics SDK for iOS static framework using the Legacy Xcode build system
  • GD.framework
  • BlackBerryCerticom.framework
  • BlackBerryCerticomSBGSE.framework

 

Set BlackBerry Certicom frameworks to Embed and Sign so that Xcode will change the project file by adding the frameworks to the Embed Frameworks step in the Build Phases and will configure the Runpath Search Paths accordingly.

4. If you are using the dynamic framework, update the project’s import paths to reference BlackBerryDynamics instead of GD

If you are using the static framework, do the following:

  1.  Configure the BlackBerry Dynamics SDK loader:
    • Create a new file names default.xcconfig in the project directory and enter the following settings in the file:

      FIPS_PACKAGE=$(CURRENT_ARCH).sdk
      LDPLUSPLUS=$(HOME)/Library/Application
      Support/BlackBerry/Good.platform/iOS/FIPS_module/$FIPS_PACKAGE/bin/GD_fipsld
      LD=$(HOME)/Library/Application Support/BlackBerry/Good.platform/iOS/FIPS_module/$FIPS_PACKAGE/bin/GD_fipsld
      ENABLE_BITCODE=NO
    • If you installed the BlackBerry Dynamics SDK for iOS in a location other than the default, change the initial part of the LDPLUSPLUS and LD settings in the file to your install path.
    • In your project build settings Configurations, make sure the Debug or other build configs point to the default.xcconfig file
    • Ensure that the target is set to iOS 13 or later.
    • Under Build Settings verify that you have -lz in the Other Linker Flags field for the target.
  2.  Add GDAssets.bundle to the project:
    • Right-click on GD.framework and select GD.framework > Resources > Show in Finder.
    • Drag and drop GDAssets.bundle to the project.
    • Choose Create folder references when prompted for options for adding the files.

5. Set the BlackBerry Dynamics Application ID and Version in the app's Info.plist.

GDApplicationID

  • The general form is com.yourcompany.application_name (lower case only, no spaces, and must not begin with com.good).
  • The same id can be used for multiple apps on different platforms. It is a best practice to avoid platform specific information (example: com.yourcompany.good_application_for_ios).

GDApplicationVersion

  • A version number is four parts. Use 1.0.0.0 for the first BlackBerry Dynamics-enabled app.
  • It is not recommended to change the version often unless required to provide different access to specific users or to differentiate a new app from existing versions due to newly added services.

6. Add a variable reference in the URL scheme and URL identifier specifiers.  Add the following code into Info.plist:

<key>CFBundleURLTypes</key>
    <array>
        <dict>
            <key>CFBundleURLName</key>
            <string>Bundle_Identifier_of_your_app</string>
            <key>CFBundleURLSchemes</key>
            <array>
                <string>Bundle_Identifier_of_your_app.sc2</string>
                <string>Bundle_Identifier_of_your_app.sc2.1.0.0.0</string>
                <string>Bundle_Identifier_of_your_app.sc3</string>
            </array>
        </dict>
    </array>

Note: If you are building an application which will be distributed in house with enterprise signing please include this URL Scheme too. - com.good.gd.discovery.good.enterpise

7. Set the description for the NSFaceIDUsageDescription key in Info.plist so FaceID can be used to authenticate users without using a password.

8. Save the project.

For more information, see the BlackBerry Dynamics SDK development guide

To work as a BlackBerry Dynamics app, the app must use GDiOSDelegate, and the launch code execution must be delayed until the end user has been authorized with following the process:

  1. Import GDiOS.h and implement a GDiOSDelegate protocol. Then set the app’s window to be a GD window.
  2. Use GDAppEvent to process authorization events.
  3. Switch off automatic loading of the main storyboard. Instead, load the main storyboard programmatically when the end user has been authorized.
  4. Move the app launch code from the didFinishLaunchingWithOptions to GDAppEvent handler method and call the new function when the main storyboard has finished loading.

Follow the steps below to integrate your existing iOS app with the BlackBerry Dynamics platform:

1. Start Xcode.

2. Open the Xcode project for the app.

3. Create new GDiOSDelegate class files. The GDiOSDelegate class name used in this process will be GDAppGDiOSDelegate.h and AppGDiOSDelegate.m

  • Go to New > File > iOS > Cocoa Touch Class and add AppGDiOSDelegate. Put the subclass as NSObject.

4. Open AppGDiOSDelegate.h and do the following:

  • Add #import <GD/GDiOS.h>
  • Add the GDiOSDelegate protocol.
  • Declare the GDiOSDelegate class as having a static function sharedInstance that returns an instance of itself.
  • Add the property BOOL hasAuthorized as a flag to keep the status of the BlackBerry Dynamics authorization.
  • Add the property AppDelegate *appDelegate for a reference to an instance of the app delegate.
  • Add the property RootViewController *rootViewController to get a reference to the app’s main interface. 

After these changes, the AppGDiOSDelegate.h file should look like this:

#import <Foundation/Foundation.h>
#import <GD/GDiOS.h>
#import "RootViewController.h"
#import "AppDelegate.h"

@interface AppGDiOSDelegate : NSObject <GDiOSDelegate>

@property (weak, nonatomic) RootViewController *rootViewController;

@property (weak, nonatomic) AppDelegate *appDelegate;

@property (assign, nonatomic, readonly) BOOL hasAuthorized;

+(AppGDiOSDelegate *)sharedInstance;

@end

5. Open AppGDiOSDelegate.m and do the following:

  • Add import statements for Foundation.h, GDiOS.h, AppGDiOSDelegate.h,  and RootViewController.h.
  • Override the read-only property hasAuthorized to be writeable internally.
  • Add static initializer code, including an init function that is declared as private and a sharedInstance implementation that guarantees that only one instance is ever created.
  • Add custom setters for the view controller and app delegate properties that call the new function, as well as setting the property values.
  • Add a new private method didAuthorize that checks whether the end user has been authorized, checks that properties for the view controller and app delegate have been set, and then calls the app delegate didAuthorize function if all those conditions are met.
  • Add a dummy for the required GDiOSDelegate functions

After these changes, the AppGDiOSDelegate.m file should look like this:

#import <Foundation/Foundation.h>
#import <GD/GDiOS.h>
#import "AppGDiOSDelegate.h"
#import "RootViewController.h"
#import "AppDelegate.h"

@interface AppGDiOSDelegate()

@property(assign, nonatomic) BOOL hasAuthorized;

-(instancetype)init;
-(void)didAuthorize;

@end

@implementation AppGDiOSDelegate

+(instancetype)sharedInstance
{
static AppGDiOSDelegate *appGDiOSDelegate = nil;
static dispatch_once_t onceToken = 0;
dispatch_once(&onceToken, ^{
                appGDiOSDelegate = [[AppGDiOSDelegate alloc] init]; });
return appGDiOSDelegate;
}

-(instancetype)init
{
self = [super init];
return self;
}

-(void)setRootViewController:(RootViewController *)rootViewController
{
        _rootViewController = rootViewController;
        [self didAuthorize];
}

-(void)setAppDelegate:(AppDelegate *)appDelegate
{
        _appDelegate = appDelegate;
        [self didAuthorize];
}

-(void)didAuthorize
{
    if (self.hasAuthorized && self.rootViewController && self.appDelegate) {
        [self.appDelegate didAuthorize];
    }
}

-(void)handleEvent:(GDAppEvent *)anEvent { }

@end

Follow the steps below to integrate your existing Swift app with the BlackBerry Dynamics SDK:

1. Start Xcode.

2. Open the Xcode project for your app.

3. In AppDelegate.swift, import the GD library.

import GD.Runtime

4. Copy the variables below and add them to your App Delegate class in AppDelegate.swift.

class AppDelegate : UIResponder , UIApplicationDelegate,  GDiOSDelegate {
    var window: UIWindow?
    var good: GDiOS?
    var started: Bool = false

5. Modify the didFinishLaunchingWithOptions method to implement GDiOSDelegate.

func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool 
{
  // Call BlackBerry Dynamics to authorise the app
   self.good = GDiOS.sharedInstance()
         
   self.good!.delegate = self
   self.started = false
       
  // Show the Good Authentication UI.
   self.good!.authorize()
         
  return true
}

1. Open the app’s info.plist file. 

Note the UIMainStoryboardFile key value, then delete the key. This value will be programmatically added after a successful BlackBerry Dynamics authorization. 

2. Open AppGDiOSDelegate.m. To handle the BlackBerry Dynamics authorization events, add the following functions:

  • handleEvent
  • onNotAuthorized
  • onAuthorized

In the onAuthorized function, note the code under the case GDErrorNone: . When there is no error during the authorization process, you will need to add the code to load the main storyboard, which you deleted from the property file. Add code to instantiate and launch the initial view controller. Add a call to the new didAuthorize function that was just added. See the following code:

-(void)handleEvent:(GDAppEvent *)anEvent {

    /* Called from _good when events occur, such as system startup. */
    switch (anEvent.type)
    {
        case GDAppEventAuthorized:
        {
            [self onAuthorized:anEvent];
            break;
        }
        case GDAppEventNotAuthorized:
        {
            [self onNotAuthorized:anEvent];
            break;
        }
        case GDAppEventRemoteSettingsUpdate:
        {
            //A change to application-related configuration or policy settings.
            break;
        }
        case GDAppEventServicesUpdate:
        {
            //A change to services-related configuration.
            break;
        }
        case GDAppEventPolicyUpdate:
        {
            //A change to one or more application-specific policy settings has been received.
            break;
        }
        case GDAppEventEntitlementsUpdate:
        {
            //A change to the entitlements data has been received.
            break;
        }

    }
}

- (void)onNotAuthorized:(GDAppEvent *)anEvent {

    /* Handle the Good Libraries not authorized event. */
    switch (anEvent.code)
    {
        case GDErrorActivationFailed:
        case GDErrorProvisioningFailed:
        case GDErrorPushConnectionTimeout:
        case GDErrorSecurityError:
        case GDErrorAppDenied:
        case GDErrorAppVersionNotEntitled:
        case GDErrorBlocked:
        case GDErrorWiped:
        case GDErrorRemoteLockout:
        case GDErrorPasswordChangeRequired:
        {
            // an condition has occured denying authorization, an application
                        // may wish to log these events
            NSLog(@"onNotAuthorized %@", anEvent.message);
            break;
        }
        case GDErrorIdleLockout:
        {
            // idle lockout is benign & informational
            break;
        }
        default:
            NSAssert(false, @"Unhandled not authorized event");
            break;
    }

}
- (void)onAuthorized:(GDAppEvent *)anEvent {
    /* Handle the Good Libraries authorized event. */
    switch (anEvent.code)
    {
        case GDErrorNone:
        {
            if (!self.hasAuthorized)
            {
                // launch application UI here
                self.hasAuthorized = YES;

                UIStoryboard *uiStoryboard =
                [UIStoryboard storyboardWithName:@"Main" bundle:nil];
                                UIViewController *uiViewController =
                [uiStoryboard instantiateInitialViewController];

                self.appDelegate.window.rootViewController = uiViewController;

                [self didAuthorize];

            }
            break;
        }
        default:
            NSAssert(false, @"authorized startup with an error");
            break;
    }
}

3. Open AppDelegate.m, the original app delegate class. Add:

#import "AppGDiOSDelegate.h"
#import "RootViewController.h".

4. In didFinishLaunchingWithOptions, add the following calls:

[AppGDiOSDelegate sharedInstance].appDelegate = self;

[[GDiOS sharedInstance] authorize:[AppGDiOSDelegate sharedInstance]];

5. Save the app.

1. Open the app’s info.plist file. 

Note the UIMainStoryboardFile key value and delete the key. You can also do this on the General tab. This value will be programmatically added after a successful BlackBerry Dynamics authorization. 

2. Open AppDelegate.swift. Add the following functions to handle authorization events:

func handle(_ anEvent: GDAppEvent) 
{     
    switch anEvent.type 
    {
            case .authorized:
                onAuthorized(anEvent: anEvent)
                break  
            case .notAuthorized:
                self.onNotAuthorized(anEvent: anEvent)
                break
            case .remoteSettingsUpdate:
               //A change to application-related configuration or policy settings.
                break
                
            case .servicesUpdate:
                //A change to services-related configuration.
                break
             case .policyUpdate:
                if started {
                    NotificationCenter.default.post(name: NSNotification.Name(rawValue: "AppPolicyUpdated"), object: nil)
                }
                break
            default:
                print("handleEvent \(anEvent.message)")
     }
}
    
func onNotAuthorized(anEvent:GDAppEvent ) 
{
    /* Handle the Good Libraries not authorized event. */
    switch anEvent.code 
    {
        case .errorActivationFailed: break
        case .errorProvisioningFailed: break
        case .errorPushConnectionTimeout: break
        case .errorSecurityError: break
        case .errorAppDenied: break
        case .errorAppVersionNotEntitled: break
        case .errorBlocked: break
        case .errorWiped: break
        case .errorRemoteLockout: break
        case .errorPasswordChangeRequired:
        // an condition has occured denying authorization, an application may wish to log these events
            print("onNotAuthorized \(anEvent.message)")
        case .errorIdleLockout:
            // idle lockout is benign & informational
            break        default: assert(false, "Unhandled not authorized event");
     }
}
    
func onAuthorized(anEvent:GDAppEvent ) 
{
    /* Handle the Good Libraries authorized event. */
    switch anEvent.code 
    {
        case .errorNone:
            if !self.started 
     {
                //Show the User UI
                self.started = true
            }
        default:
            assert(false, "Authorized startup with an error")
            break
    }
}

 

1. Change the app user interface to be monitored and secured by the BlackBerry Dynamics Runtime. Open RootViewController.m and add the following import statement:

#import "AppGDiOSDelegate.h".

2. In the viewDidLoad function, add an assignment of the new property in the static class to a reference of this instance of the view controller. In this example, it’s rootViewController.

[AppGDiOSDelegate sharedInstance].rootViewController = self;

3. Search the rootViewController assignment and replace with sharedInstance.

4. In AppDelegate.h, add didAuthorize to the interface of AppDelegate:

-(void)didAuthorize;

5. In AppDelegate.m, add didAuthorize to the implementation of AppDelegate.m and move any original app launch code to the new function:

-(void)didAuthorize
{
//move your launch code to here...
    RootViewController *rootViewController = [AppGDiOSDelegate sharedInstance].rootViewController;
}

5. Save and compile the app.

1. Move the original launch code to the new onAuthorized:

func onAuthorized(anEvent:GDAppEvent ) 
{
    /* Handle the Good Libraries authorized event. */
    switch anEvent.code 
    {
        case .errorNone:
            if !self.started 
            {
                //Show the User UI
                self.started = true
               self.window?.rootViewController = UIStoryboard(name: "Main", bundle: nil).instantiateInitialViewController()
            }
        default:
            assert(false, "Authorized startup with an error")
            break
    }
}

2. Save and compile the app.

To run and test your BlackBerry Dynamics app, you will need to set up a BlackBerry UEM or Good Control server. If you don’t have a BlackBerry Dynamics environment set up, Enterprise Simulation Mode can be used to test your app without a connection to UEM or Good Control.

In Enterprise Simulation Mode, there is no user authentication at the enterprise level, so there will be no communication through the enterprise firewall. If your app requires a connection behind the firewall, using the Enterprise Simulation Mode to test your app is not recommended. You will need to set up UEM or Good Control to test the app on a device.

Important: Enterprise Simulation Mode is not intended for a production environment.

To enable Enterprise Simulation Mode for your BlackBerry Dynamics app, add the following to the app's Info.plist file:

Key: GDLibraryMode
Type: String (default)
Value: GDEnterpriseSimulation

You are now ready to build and run your BlackBerry Dynamics app on the iOS Simulator.

When your app is running for the first time on the iOS simulator, you’ll be prompted to activate the app. In Enterprise Simulation Mode, you can enter any email address and any 15-character access key to complete the activation process. After the app is activated, you’ll be prompted to create a password to access the app.

The “Password Requirements” link at the bottom of the screen provides guidance on the required password complexity. Password complexity is controlled via policies managed by the IT admin through the UEM or Good Control management console.

Deploy and Test Your BlackBerry Secured App

Deploy your BlackBerry Dynamics app to a smartphone, tablet, or emulator for testing purposes.

You require:

  • An Internet connection
  • A smartphone, tablet, or emulator supported by BlackBerry Dynamics
  • A BlackBerry UEM server or Good Control and Good Proxy server (option 2 below)

Although Enterprise Simulation Mode is not suitable for production deployment of your app, it is useful during development, and for verifying proper execution and behavior when migrating existing apps to BlackBerry Dynamics.

In simulation mode, a valid activation key is not required to open the app because there is no direct communication with BlackBerry Dynamics servers. Communication with the BlackBerry Dynamics NOC, however, continues to take place. In Enterprise Simulation Mode your BlackBerry Dynamics apps are run on a device emulator.

To enable Enterprise Simulation Mode, whether you use an IDE or an outside text editor, you must change the following line in your app’s settings.json (Android) or info.plist (iOS) file from:

"GDLibraryMode":"GDEnterprise"

to:

"GDLibraryMode":"GDEnterpriseSimulation"

Be sure to change it back when you are ready test the app with your UEM or Good Control server or deploy it on a real device. When GDLibraryMode is set to GDEnterprise, default enterprise authentication is invoked to open the app.

On Android, the settings.json file is located in the ../assets/ folder of the app and must remain there. Communication with the BlackBerry Dynamics NOC still takes place during initial activation of the app, even in Enterprise Simulation mode. This means that the NOC must be accessible from the environment in which the app is running.

In Enterprise Simulation mode you will notice the following differences from standard enterprise execution:

  • [Simulated] will appear in the BlackBerry Dynamics Runtime user interface
  • Any email address and activation key (PIN) will be accepted for enterprise activation
  • No information is actually sent to enterprise servers, including the email address and activation key
  • The provisioning and policy setup flow is simulated in the UI
  • A hard-coded set of security and compliance policies are in effect; authentication is not delegated
  • When run on a real device, not an emulator, the app will be wiped
  • Attempts to change the mode from GDEnterprise to GDEnterpriseSimulation for an app that is already installed on a device will result in the app being wiped
  • No lost-password recovery is available
  • Inter-container Communication (ICC) cannot be used, which means that the BD Services API cannot be used

Otherwise, the secure storage, secure communication, and push channel APIs are all available in Enterprise Simulation Mode. The communication APIs will not be able to connect to any enterprise app servers through the UEM or Good Control proxy infrastructure, although direct connections to enterprise app servers can still be made, if, for example, the AVD is running on a machine that is on the enterprise LAN or VPN.

A BlackBerry UEM or BlackBerry UEM Cloud instance is required to perform testing on an actual smartphone or tablet.

Follow the required steps to configure a BlackBerry Secured app for testing in UEM. If you do not yet have a UEM instance in place, you can configure one with a free developer trial license.  Click here to generate a trail license and start configuring your server.

Once the servers are in place, continue with the following steps.

  1. Log in to the BlackBerry UEM management console. 
  2. Click Apps > New App > Internal BlackBerry Dynamics app entitlements > Next.
  3. Specify the BlackBerry Dynamics Entitlement ID and BlackBerry Dynamics Entitlement Version that was set in the app’s settings.json (Android) or info.plist (iOS) file. For example, com.blackberry. testApp and 1.0.0.0.  
  4. Click Add
    • Your application will be included in the list of available apps. If you need to provide additional configuration parameters for your app, such as whitelisting servers or configuring an app policy, select your app from the list and configure as necessary.

Recommendation: Add the Android Package ID and Apple Bundle ID to your app’s configuration. This allows the use of easy activation, which avoids the requirement of entering an access key when first starting the app. This is also required if your app uses any BlackBerry AppKinetics services. To add these values:

  1. Click the app.
  2. On the iOS, OS X, and Android tabs, enter the appropriate values.
  3. Click Save.

After an app is registered in UEM, you can entitle users to install and use the app. You can entitle individual users or user groups. For production deployment, it’s recommended to use user groups. When developing or testing, you may wish to entitle an app to just one or two users. 

  1. Log in to the UEM management console. 
  2. Search for and select a user account.
  3. In the Apps section in the user profile, click +.
  4. Search for and select your app. Click Next.
  5. Leave the Disposition as optional (installation will not be forced) and click Assign.
  6. Depending on your authentication delegate configuration, you may need to generate an Access Key that will be used when the app is run for the first time after installation. 

    To generate a new Access Key:
    • In the user's profile, under Activation details, click Set Activation Password
    • In the Activation option drop-down list, click BlackBerry Dynamics Access key generation.
    • Click Submit
    • The access key is emailed to the user. To view the access key, click on the key link above the Set activation password button. 
  7. Install the app from your IDE to your device using the standard method you use when testing an app. Then enter your email address and newly created access key when prompted after running your app for the first time.

BlackBerry UEM has the capability to prevent debug versions of BlackBerry Dynamics apps from being run.  To allow for your app development, ensure this is disabled in the Compliance profile assigned to the user you are testing with.

  1. Log in to the UEM management console.
  2. On the menu, click Policies and profiles > Compliance.
  3. Open the compliance profile assigned to your test user.
  4. On the iOS tab, if Jailbroken OS is checked, ensure that Enable anti-debugging for BlackBerry Dynamics apps is not selected.
  5. On the Android tab, if Rooted OS or failed attestation is checked, ensure that Enable anti-debugging for BlackBerry Dynamics apps is not selected.

The Enable anti-debugging for BlackBerry Dynamics apps option was added in BlackBerry UEM 12.11.  If you are using a lower version, you’ll need to deselect Jailbroken OS and Rooted OS or failed attestation instead.

A Good Control and Good Proxy server is required to perform testing on an actual smartphone or tablet. If you do not yet have a Good Control and Good Proxy server in place, refer to the downloads section of this site for downloads and documentation. Alternatively, you can test using a Good Control Cloud account which is also described on that page.

  1. Log in to the Good Control administration console.
  2. Click Manage Apps > Add App > BD app ID and Version only > Next

    By adding the BD app ID and Version only, you are not required to submit the binary app file (APK or IPA). Using this method also allows the app to be installed directly onto the device (from your IDE or side loaded). 

  3. Specify the GDapplicationID and GDapplicationVersion that was set in the app’s settings.json (Android) or info.plist (iOS) file. For example, com.blackberry. testApp and 1.0.0.0

  4. The app will now be included in the list of apps available on your server. If you need to provide additional configuration parameters for your app, such as whitelisting servers or configuring an app policy, select your app and configure as necessary.

Recommendation: We recommend you add the Android Package ID and Apple Bundle ID to your app’s configuration. This allows the use of easy activation, which avoids the requirement of entering an access key when first starting the app. To add these values:

  1. Click on your app.
  2. On the BlackBerry Dynamics tab, click EDIT.
  3. Specify the appropriate values.

After an app is registered in Good Control, you can entitle users to install and use the app. This can be done using individual users or with user groups. For production deployment, it’s recommended to use user groups. When developing or testing, you may wish to entitle an app to just one or two users.

  1. Log in to the Good Control management console.
  2. Click Users and Groups.
  3. Select a user account.
  4. Click User Actions > Edit User.
  5. On the APPS tab, click Add More.
  6. Select the app and click OK
  7. Depending on your authentication delegation configuration, you may need to generate an Access Key that will be used when the app is run for the first time after a fresh install. 

    To generate a new Access Key, on the ACCESS KEYS tab, click New Access Key. After it is created, the access key is shown in the list of provisioned access keys. 

  8. Install the app from your IDE on your device using the standard method you use when testing an app. Then enter your email address and newly created access key when prompted after running your app for the first time.

You may want to learn more about the BlackBerry Dynamics Plugins and how they work with your project. If you’ve built projects with Cordova plugins in the past, using the BlackBerry Dynamics plugins will be familiar to you.

Some features will automatically be available to your project after adding the cordova-plugin-bbd-base plugin such as FileSystem, XMLHttpRequest.

Generally, it’s recommended to use the cordova-plugin-bbd-all plugin to enable access to all BlackBerry Dynamics APIs. If more granular control is required, you can also install only the bare minimum of required plugins for your app.

A few items of note:

File System

This plugin overrides the default Cordova FileSystem object and provides access to the secure file system automatically upon installation of the cordova-plugin-bbd-base plugin.

HTTP

This plugin overrides the default XMLHttpRequest object automatically upon installation of the cordova-plugin-bbd-base plugin. Calls made via XHR will automatically route through the BlackBerry Dynamics Proxy.

When making HTTPS requests through an HTTP proxy, SSL/TLS certificate verification must be disabled. Certificate verification while using an HTTP proxy is not supported. BlackBerry Dynamics HTTP data communication does not go via the proxy specified in the device's native settings, if any.

The BlackBerry Dynamics Runtime supports Basic Access, Digest Access, NTLM, and Kerberos for authentication with HTTP servers. Except for Kerberos, all these mechanisms are also supported for authentication with HTTP proxies. The BD Runtime supports Kerberos version 5 authentication.

By default, HTTP cookies received through Good Dynamics secure communication are handled automatically.

SQLite

Provides access to the Secure Database by adding the cordova-plugin-bbd-storage plugin to your project.

Sockets

Provides access to the secure Socket communications API by adding the cordova-plugin-bbd-socket plugin to your project.

Copy and Paste

No code changes are required to accommodate copy and paste or autofill protection when using the BlackBerry Dynamics SDK for Cordova.

Cordova Sample Applications

We have provided several Sample Applications which show best practices when using the BlackBerry Dynamics Plugins. These samples are shipped with the SDK and is great resource for anyone looking to develop apps that deeply integrate with the SDK.

Configure the Sample Applications

  • Open your favorite Terminal program
  • Change the directory to the BBD-SDK-FOLDER/folder:

$ cd …/BBD-SDK-FOLDER

  • Add Configure plug-in to application:

$ cordova plugin add ../../plugins/cordova-plugin-bbd-configure

  • Install dependencies:

$ npm -i

  • Add Platform to application:

For iOS: $ cordova platfrom add ios

For Android: $ cordova platform add android

  • Build desired sample app:

$ cordova build

You can deploy and test the sample applications using the methods covered on the Deploy & Test tab.

 

You may want to learn more about the BlackBerry Dynamics Plugins and how they work with your project. If you’ve built projects with Cordova plugins in the past, using the BlackBerry Dynamics plugins will be familiar to you.

Some features will automatically be available to your project after adding the cordova-plugin-bbd-base plugin such as FileSystem, XMLHttpRequest.

Generally, it’s recommended to use the cordova-plugin-bbd-all plugin to enable access to all BlackBerry Dynamics APIs. If more granular control is required, you can also install only the bare minimum of required plugins for your app.

A few items of note:

File System

This plugin overrides the default Cordova FileSystem object and provides access to the secure file system automatically upon installation of the cordova-plugin-bbd-base plugin.

HTTP

This plugin overrides the default XMLHttpRequest object automatically upon installation of the cordova-plugin-bbd-base plugin. Calls made via XHR will automatically route through the BlackBerry Dynamics Proxy.

When making HTTPS requests through an HTTP proxy, SSL/TLS certificate verification must be disabled. Certificate verification while using an HTTP proxy is not supported. BlackBerry Dynamics HTTP data communication does not go via the proxy specified in the device's native settings, if any.

The BlackBerry Dynamics Runtime supports Basic Access, Digest Access, NTLM, and Kerberos for authentication with HTTP servers. Except for Kerberos, all these mechanisms are also supported for authentication with HTTP proxies. The BD Runtime supports Kerberos version 5 authentication.

By default, HTTP cookies received through Good Dynamics secure communication are handled automatically.

SQLite

Provides access to the Secure Database by adding the cordova-plugin-bbd-storage plugin to your project.

Sockets

Provides access to the secure Socket communications API by adding the cordova-plugin-bbd-socket plugin to your project.

Copy and Paste

No code changes are required to accommodate copy and paste or autofill protection when using the BlackBerry Dynamics SDK for Cordova.

Cordova Sample Applications

We have provided several Sample Applications which show best practices when using the BlackBerry Dynamics Plugins. These samples are shipped with the SDK and is great resource for anyone looking to develop apps that deeply integrate with the SDK.

Configure the Sample Applications

  • Open your favorite Terminal program
  • Change the directory to the BBD-SDK-FOLDER/folder:

$ cd …/BBD-SDK-FOLDER

  • Add Configure plug-in to application:

$ cordova plugin add ../../plugins/cordova-plugin-bbd-configure

  • Install dependencies:

$ npm -i

  • Add Platform to application:

For iOS: $ cordova platform add ios

For Android: $ cordova platform add android

  • Build desired sample app:

$ cordova build

You can deploy and test the sample applications using the methods covered on the Deploy & Test tab.

 

Congratulations on developing your first BlackBerry secured app! You can continue to explore the available APIs and developer resources. Learn about some of the common APIs below.

The code snippets used in this section are from two Android Studio projects available for download from GitHub. 

Java Samples: Getting Started and Getting Started BD 

Kotlin Samples: GettingStartedKotlin and GettingStartedKotlinBD.

The secure file system is part of the BlackBerry Dynamics Secure Storage feature. For apps, the BlackBerry Dynamics (BD) secure file system behaves like the default file system, with the following differences:

  • All data within the secure file system is stored on the device in an encrypted form.
  • Directory and file names are also encrypted.
  • There is no current working directory in the secure file system. Paths should always be specified as absolute paths, beginning with a / character.
  • The secure file system cannot be accessed until BlackBerry Dynamics authorization processing is complete. For more information, see authorize in the GDAndroid class reference.

Encryption and decryption is transparent to the app code:

  • File-writing interfaces accept raw data. The BD Runtime encrypts the data and stores it on the device.
  • When a file-reading interface is utilized, the BD Runtime decrypts what was stored and returns plain data.
  • Path access interfaces accept plain parameters for directory and file names. The BD Runtime encrypts the parameter values in order to create paths in the secure store.
  • Directory and file names provided as return values are plain. The BD Runtime decrypts paths in the secure store in order to generate the return values.

The encryption method used by the BD Runtime generally requires that the user has entered a security password, from which an encryption key is derived. For more information, refer to the BD File I/O package documentation.

From a coding perspective, the BlackBerry Dynamics file system APIs are very similar to the standard Android file system APIs. The changes required are minimal and only involve changing some of the class names used. Comparing the before FileFragment.java and after FileFragment.java or the before FileFragment.kt and after FileFragment.kt files, you’ll observe the following changes:

Update Import Statements

Original

import java.io.FileOutputStream;
import java.io.InputStream;

BlackBerry Dynamics

import com.good.gd.file.FileInputStream;
import com.good.gd.file.FileOutputStream;
import com.good.gd.file.GDFileSystem;

 

Use GDFileSystem to Open the File for Writing

Original

outputStream = getContext().openFileOutput(FILENAME, Context.MODE_PRIVATE);

BlackBerry Dynamics

outputStream = GDFileSystem.openFileOutput(FILENAME, Context.MODE_PRIVATE);

 

Use GDFileSystem to Open the File for Reading

Original

InputStream inputStream = getContext().openFileInput(FILENAME);

BlackBerry Dynamics

FileInputStream inputStream = GDFileSystem.openFileInput(FILENAME);

After making these minor changes, the app is now able to securely read and write encrypted files.

Update Import Statements

Original

import java.io.FileOutputStream
import java.io.InputStream

BlackBerry Dynamics

import com.good.gd.file.FileInputStream
import com.good.gd.file.FileOutputStream
import com.good.gd.file.GDFileSystem

 

Use GDFileSystem to Open the File for Writing

Original

val outputStream: FileOutputStream = context!!.openFileOutput(FILENAME, Context.MODE_PRIVATE)

BlackBerry Dynamics

val outputStream: FileOutputStream = GDFileSystem.openFileOutput(FILENAME, Context.MODE_PRIVATE)

 

Use GDFileSystem to Open the File for Reading

Original

val inputStream: FileInputStream? = context!!.openFileInput(FILENAME)

BlackBerry Dynamics

val inputStream: FileInputStream? = GDFileSystem.openFileInput(FILENAME)

After making these minor changes, the app is now able to securely read and write encrypted files.

The secure SQL database is part of the BlackBerry Dynamics Secure Storage feature. Data stored in the secure SQL database will be encrypted on the device by the BlackBerry Dynamics Runtime. The BlackBerry Dynamics secure SQL database is based on the SQLite library. Encryption is added by BlackBerry Dynamics transparently to the app. A secure SQL database cannot be accessed until BlackBerry Dynamics authorization processing is complete.

BlackBerry Dynamics apps access the secure database using replacements for the native android.database and android.database.sqlite packages. To access the replacement classes instead of the native classes, change android.database to com.good.gd.database wherever it occurs in the app code.

The replacement packages support the same APIs as the native packages, with the following exceptions:

  • The LOCALIZED and UNICODE collators provided by the native android.database.sqlite package are not supported.
  • There is an additional function, importDatabase. See below for more information.
  • Paths of database files are interpreted relative to the root of the BlackBerry Dynamics secure file system of the app. The root of the secure file system is within the app's data directory. There is no need to utilize functions such as the native getFilesDir to generate database file paths.

For more on using SQLite databases refer to the SQLite package documentation.

If you compare the modifications required for SQLite in the Java before and after samples or the Kotlin before and after samples, you’ll notice that the only changes required are for the import statements. The rest of the SQLite in the app can remain as is. Here are the changes that were made:

Modify Import Statements in ColorDbHelp.java

Original

import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;

BlackBerry Dynamics

import com.good.gd.database.sqlite.SQLiteDatabase;
import com.good.gd.database.sqlite.SQLiteOpenHelper;

 

Modify Import in SqlFragment.java

Original

import android.database.sqlite.SQLiteDatabase;

BlackBerry Dynamics

import com.good.gd.database.sqlite.SQLiteDatabase;

Modify Import Statements in ColorDbHelp.java

Original

import android.database.sqlite.SQLiteDatabase
import android.database.sqlite.SQLiteOpenHelper

BlackBerry Dynamics

import com.good.gd.database.sqlite.SQLiteDatabase
import com.good.gd.database.sqlite.SQLiteOpenHelper

 

Modify Import in SqlFragment.java

Original

import android.database.sqlite.SQLiteDatabase

BlackBerry Dynamics

import com.good.gd.database.sqlite.SQLiteDatabase

This class is an extension of the Apache HttpClient for utilizing BlackBerry Dynamics secure communication. See the BD Communication Package for an introduction to the BlackBerry Dynamics secure communication feature. This class is a subclass of the native com.good.gd.apache.http.impl.client. DefaultHttpClient class and has the same API, with the following exceptions:

  • Some SSL certificate validation checking can be disabled for development purposes. This should not be done for production deployments.
  • The connection manager associated with a BD HTTP Client instance should always be closed by calling its shutdown() method, before the client instance is released or goes out of scope. This ensures that SSL verification can be re-enabled.
  • This class is not thread-safe. Use of ThreadSafeClientConnManager is not supported. This class only supports SingleClientConnManager.
  • Data communication does not go via the proxy specified in the mobile device's native settings, if any.
  • Kerberos authentication is supported.

If your BlackBerry UEM or Good Control server has disallowed connections to any server, the address of the destination app server must be registered in the UEM or GC management console.

The HTTP networking section of these samples are based on the Android HTTP network connection sample included with Android Studio. If you have also based your networking classes on this example, the changes to HttpFragment.java are concentrated within a single method. Refer to the before HttpFragment.java and after HttpFragment.java or the before HttpFragment.kt and after HttpFragment.kt for complete code samples.

Update Import Statements

Original

import java.net.HttpURLConnection;
import java.net.URL;

BlackBerry Dynamics

import com.good.gd.apache.http.HttpResponse;
import com.good.gd.apache.http.client.methods.HttpGet;
import com.good.gd.net.GDHttpClient;

 

Modify the downloadUrl Method

Original

private InputStream downloadUrl(String urlString) throws IOException {
    URL url = new URL(urlString);
    HttpURLConnection conn = (HttpURLConnection) url.openConnection();
    conn.setReadTimeout(10000 /* milliseconds */);
    conn.setConnectTimeout(15000 /* milliseconds */);
    conn.setRequestMethod("GET");
    conn.setDoInput(true);
    // Start the query conn.connect();
    InputStream stream = conn.getInputStream();
    return stream;
}

BlackBerry Dynamics

private InputStream downloadUrl(String urlString) throws IOException {
    GDHttpClient httpclient = new GDHttpClient();
    final HttpGet request = new HttpGet(urlString);

    HttpResponse response = httpclient.execute(request);
    InputStream stream = response.getEntity().getContent();

    return stream;
}

Update Import Statements

Original

import java.net.HttpURLConnection
import java.net.URL

BlackBerry Dynamics

import com.good.gd.apache.http.HttpResponse
import com.good.gd.apache.http.client.methods.HttpGet
import com.good.gd.net.GDHttpClient

 

Modify the downloadUrl Method

Original

@Throws(IOException::class)
 private fun downloadUrl(urlString: String): InputStream {    
    val url = URL(urlString) url.openConnection();
    val conn = url.openConnection() as HttpURLConnection
    conn.readTimeout = 10000
    conn.connectTimeout = 15000
    conn.requestMethod = "GET"
    conn.doInput = true    
    // Start the queryInputStream stream = conn.getInputStream();
    conn.connect()
return conn.inputStream

}

BlackBerry Dynamics

@Throws(IOException::class)
private fun downloadUrl(urlString: String): InputStream {   

    val httpclient = GDHttpClient()
    val request = HttpGet(urlString)
    val response = httpclient.execute(request)
    return response.entity.content
}

This class is an extension of the native java.net.Socket class, for utilizing BlackBerry Dynamics secure communication. See the BD Communication Package for an introduction to the BlackBerry Dynamics secure communication feature.

This class offers the same API as the java.net.Socket class, with the exception of the following features that are not supported:

  • Out of band data
  • Urgent messages feature
  • Traffic class
  • Server socket methods (such as accept( ))
  • bind() method
  • connect (SocketAddress) method

If the app attempts to use an unsupported feature, a java.lang.UnsupportedOperationException is thrown. Only the default constructor is supported. Other constructors, for example those with parameters for proxy or host address, are not supported.

A GDSocket must always be closed by calling the close() method to prevent resource contention. This applies even if the socket was never connected or used. An unused java.net.Socket object can be safely abandoned without the need for an explicit close.

Data communication does not go via the proxy specified in the mobile device's native settings, if any. The getInetAddress() method does not return the address of the connected remote host.

If your BlackBerry UEM or Good Control server has disallowed connections to any server, the address of the destination app server must be registered in the enterprise's UEM or GC management console.

For more information, see the GDSocket class reference.

Looking at the modifications required for socket connections in the samples, the required changes are almost limited to changing the import statement and class name. There is one other minor modification because the constructor for Socket and GDSocket differ slightly. Refer to the before Socketfragment.java and after Socketfragment.java or before SocketFragment.kt and after SocketFragment.kt files for complete code samples.

Update Import Statements

Original

import java.net.Socket;

BlackBerry Dynamics

import com.good.gd.net.GDSocket;

 

Update Class Name and Constructor to use connect Method

Original

Socket socket = null;
socket = new Socket("developer.blackberry.com", 80);

BlackBerry Dynamics

GDSocket socket = null;
socket = new GDSocket();
socket.connect("developer.blackberry.com", 80, 1000);

Update Import Statements

Original

import java.net.Socket

BlackBerry Dynamics

import com.good.gd.net.GDSocket

 

Update Class Name and Constructor to use connect Method

Original

var socket: Socket? = null
socket = Socket("developers.blackberry.com", 80)

BlackBerry Dynamics

var socket: GDSocket? = null
socket = GDSocket()
socket.connect("developers.blackberry.com", 80, 1000)

Congratulations on developing your first BlackBerry secured app! You can continue to explore the available APIs and developer resources. Learn about some of the common APIs below.

The code snippets referenced in this section are available in the iOS sample apps from the BlackBerry GitHub site. Download the BlackBerry Dynamics iOS Samples repository and see these projects:

  • Basic-iOS-Sample-Objective-C
  • Basic-iOS-Sample-Swift
  • BlackBerry Dynamics iOS-Objective-C Sample
  • BlackBerry Dynamics iOS–Swift Sample

To see the full details of BlackBerry Dynamics APIs, see the BlackBerry Dynamics SDK API Reference.

The secure file system is part of the BlackBerry Dynamics Secure Storage feature. For apps, the BlackBerry Dynamics secure file system behaves like the default file manager system, with the following differences:

  • All data within the secure file system is stored on the device in an encrypted form.
  • Directory and file names are also encrypted.
  • There is no current working directory in the secure file system. Paths should always be specified as absolute paths, beginning with a / character.
  • The secure file system cannot be accessed until BlackBerry Dynamics authorization processing is complete. For more information, see authorize in the GDiOS class reference.

Encryption and decryption is transparent to the app code:

  • File-writing interfaces accept plain data. The BD Runtime encrypts the data and stores it on the device.
  • When a file-reading interface is utilized, the BD Runtime decrypts what was stored and returns plain data.
  • Path access interfaces accept plain parameters for directory and file names. The BD Runtime encrypts the parameter values to create paths in the secure store.
  • Directory and file names provided as return values are plain. The BD Runtime decrypts paths in the secure store to generate the return values.

The encryption method used by the BD Runtime generally requires that the user has entered a security password from which an encryption key is derived.

Since the GDFileManager class is a subclass of the native NSFileManager class, minimal changes are required. You just need to replace references to NSFileManager with references to GDFileManager.

Comparing before and after code snippets from the two sample apps, you’ll observe the following changes:

Import Statements

Native

@import <Foundation/Foundation.h>;

BlackBerry Dynamics

#import <GD/GDFileManager.h>

 

Use GDFileSystem to Write a File

Native

- (BOOL)writeToNativeFile
{

NSString *text = @"Text not protected.";
NSData *fileData = [text dataUsingEncoding:NSUTF8StringEncoding];

BOOL fileCreated = [[NSFileManager defaultManager] createFileAtPath:[self
documentsFolderPathForFileNamed:@"NativeFileTest.txt"] contents:fileData attributes:nil];

return fileCreated;

}

Objective-C

- (BOOL)writeToGDFile
 {
     NSString *text = @"Text to be protected by BlackBerry Dynamics.";
     NSData *fileData = [text dataUsingEncoding:NSUTF8StringEncoding];
    // Following assignment uses GDFileManager instead of NSFileManager.
     BOOL fileCreated =
     [[GDFileManager defaultManager]
      createFileAtPath:[self
                        documentsFolderPathForFileNamed:@"MyFile.txt"]
                        contents:fileData
                        attributes:nil];
     return fileCreated;
 }

Swift

func writeToGDFile() -> Bool
    {
        let text = “Text to be protected by GD encryption.”
        let fileData = text?.data(using: .utf8)
        let filePath = “ ”;
    //Create a secure file using GDFileManager
        let fileCreated = GDFileManager.default().createFile(atPath: filePath,
        contents: fileData, attributes: nil)
    return fileCreated
    }

After making these minor changes, the app is now able to securely write encrypted files.

The secure SQL database is part of the BlackBerry Dynamics Secure Storage feature. Data stored in the secure SQL database is encrypted on the device by the BD Runtime. The BlackBerry Dynamics secure SQL database is based on the SQLite library. Encryption is added by BlackBerry Dynamics transparently to the app. A secure SQL database cannot be accessed until BlackBerry Dynamics authorization processing is complete.

BlackBerry Dynamics apps access the secure database using replacements for the native SQLite. To access the replacement classes instead of the native classes, change the import statement sqlite3.h to GD/sqlite3enc.h.

For more information about using SQLite databases, refer to the Secure SQL Database API.

If you compare the modifications required for SQLite between the native samples and the GD sample, you’ll notice that the changes are minimal. Updates are required to the import statements and opening and importing of an encrypted database. The rest of the SQLite in the app can remain as is. Here are the changes that were made:

 

Import Statements

Native

#import <sqlite3.h>

BlackBerry Dynamics

#import <GD/sqlite3enc.h>

 

Open Database

Native

BOOL result = sqlite3_open([dbFileName UTF8String], &sqlite3Database);

BlackBerry Dynamics

Objective-C

sqlite3 *db_ptr = NULL;
    char *errorMsg = NULL;
    int returnCode;
    char *databaseName = NULL;
databaseName = "sample.db";
returnCode = sqlite3enc_open(databaseName, &db_ptr);
if(returnCode!=SQLITE_OK)
    {
        fprintf(stderr, "Error in opening the database. Error: %s", sqlite3_errmsg(db_ptr));
        sqlite3_close(db_ptr);
        return;
    }

Swift

func openSQLiteConnection() ->Bool
    {
        var db: OpaquePointer? = nil
        let returnCode = sqlite3enc_open("", &db)
        if returnCode == SQLITE_OK
        {
            return true
        }else {
            return false
        }
    }

GDURLLoadingSystem

BlackBerry Dynamics applications can use the native URL Loading System. The native URL Loading System classes can be used to communicate with app servers that are residing behind an enterprise firewall or on the Internet. Once a connectivity profile is configured in BlackBerry UEM or in standalone Good Control for secure communication, the native class NSURLSession or NSURLConnection should work as is.

See the BlackBerry Dynamics SDK API Reference and review the GDURLLoadingSystem class and NSURLSession support.

GDHttpRequest API as an alternative approach

In addition to the GDURLLoadingSystem, you can use the GD HTTP Request API to send HTTP requests, such as GET and POST, from the device to an app server. The app server can be on the Internet or behind the enterprise firewall as well. The GD HTTP Request API is based on the XML Http Request (XHR) standard.

BlackBerry Dynamics secure communications support HTTPS, using a Secure Socket Layer connection or SSL/TLS to send the HTTP request and receive the response. HTTP and HTTPS requests can be relayed by an HTTP or HTTPS proxy that resides on the Internet or behind the enterprise firewall. Authentication with the proxy is supported.

When making HTTPS requests through an HTTP proxy, SSL/TLS certificate verification must be disabled. Certificate verification while using an HTTP proxy is not supported. BlackBerry Dynamics HTTP data communication does not go via the proxy specified in the device's native settings, if any.

The BlackBerry Dynamics Runtime supports Basic Access, Digest Access, NTLM, and Kerberos for authentication with HTTP servers. Except for Kerberos, all of these mechanisms are also supported for authentication with HTTP proxies. The BD Runtime supports Kerberos version 5 authentication.

By default, HTTP cookies received through BlackBerry Dynamics secure communication are handled automatically.

For more information, see the GDHTTPRequest class reference. The changes required for the GD HttpRequest class are listed below:

Objective-C

// Open a requested URL using URLSession
    - (void)requestData:(NSString*)url
    {
        NSURL* nsUrl = [NSURL URLWithString:url];
        NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration
        defaultSessionConfiguration] delegate:self delegateQueue:[NSOperationQueue mainQueue]];
    
    NSURLSessionTask *task =
        [session dataTaskWithURL:nsUrl completionHandler:^(NSData *data, NSURLResponse
        *response, NSError *error){           
        self.dataReceivedTextView.text = [[NSString alloc] initWithData:data
        encoding:NSUTF8StringEncoding];
        }];
    
    [task resume];
    }

Swift

// Open a requested URL using URLSession
    func requestData(url : String)
    {   
        let nsUrl = URL(string: url)
            let urlRequest = URLRequest(url: nsUrl!)
            let session = URLSession.init(configuration: URLSessionConfiguration.default, delegate:
            self, delegateQueue: OperationQueue.init())
        
        let task = session.dataTask(with: urlRequest, completionHandler: { (data, response, error) in
            
            DispatchQueue.main.async {
                    print(response ?? "res")
                }
            })
            task.resume()
        }

The GD Socket API is asynchronous and state-based. The app attaches its own event-handler callbacks to the GD Socket object. The callback functions are invoked when socket events occur, or when the socket changes state. The API functions that can be called by the app depend on the socket's state.

Sending data through a GD Socket is a two-stage operation. The first stage is to add the data to the socket's outbound buffer. The socket's outbound buffer is represented by the writestream property, and is accessed using the GD Direct Byte Buffer API. The second stage is to send the contents of the buffer through the socket connection. To send the buffer, call the write function.

Reading data from a GD Socket is asynchronous. When data is received at the device, the data is stored in the socket's inbound buffer. The app is then notified that data is available to read, by invocation of the delegate onRead callback. In the callback, the app consumes the received data from the inbound buffer. The inbound buffer is represented by the readStream property, and is accessed using the GD Direct Byte Buffer API.

The GD Socket API supports use of SSL/TLS to send and receive data. By default, the BD Runtime does not offer the TLSv1.1 or TLSv1.2 protocols for SSL/TLS connections with an app server.

These protocols can be enabled, as follows:

1. Add a new row to the app's Info.plist file as follows:

Key: GDControlTLSVersions

Type: String (the default)

2. Set the value to:

GDEnableTLS1.1 to enable the TLSv1.1 protocol

GDEnableTLS1.2 to enable the TLSv1.1 and TLSv1.2 protocols

Alternatively, the value can be an array containing one or both of the above strings as separate items.

The GD socket connections and HTTP requests can be used to connect to servers that are behind the enterprise firewall. The address of the destination app server must be registered in the BlackBerry UEM or standalone Good Control (GC) management console.

  • The address could be registered as the app's server or as an additional server.
  • The app server configuration in the GC can be obtained in the app code by using the getApplicationConfig (GDiOS) function.

The connection to the app server will be made through the BlackBerry Dynamics proxy infrastructure. Verify the status of the mobile app's connection to the proxy infrastructure before attempting to open the socket or sending the HTTP request.

The changes required for the GDSocket class are listed below:

 

Import Statements

Native

#include <CoreFoundation/CoreFoundation.h>

BlackBerry Dynamics

#import <GD/GDNETiOS.h>

 

Connect to Server and Update Read/Write Stream Methods

Native

// connect to server, setting up network socket stream - (IBAction)connectToServer:(id)sender {

NSURL *urlString = [NSURL URLWithString:urlStr];

CFReadStreamRef readStream; CFWriteStreamRef writeStream;

CFStreamCreatePairWithSocketToHost(NULL, (CFStringRef)[ urlString host], 80, &readStream,
&writeStream);

NSInputStream *inputStream = (__bridge_transfer NSInputStream *)readStream; NSOutputStream
*outputStream = (__bridge_transfer NSOutputStream *)writeStream;

[inputStream setDelegate:self]; [outputStream setDelegate:self];

[inputStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode];
[outputStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode];

[inputStream open]; [outputStream open]; } }

Objective-C

//initialize, connect, read, write, disconnect self.GDSocket = [[GDSocket alloc] init:serverURL
onPort:port andUseSSL:NO]; [self.GDSocket connect]; -(void)onOpen:(id)socket_id { GDSocket
*socket = (GDSocket *)socket_id;

[socket.writeStream write:"MESSAGE\n"];

[socket write];

} -(void)onRead:(id)socket_id { GDSocket *socket = (GDSocket *)socket_id;

NSString *dataString = [socket.readStream unreadDataAsString]; // all data has been
received [socket disconnect]; } }

Swift

func connectToServer()
    {
            let intCast : Int32 = Int32(self.portText.text!)!
            let nsstring : NSString = NSString.init(string: self.ipAddressText.text!)
            gdSocket = GDSocket(nsstring.utf8String!, onPort: intCast, andUseSSL: false)        
        gdSocket.delegate = self
            gdSocket.connect()
    }
   
    func onOpen(_ socket: Any)
    {
            let httpString =
            "GET http://\(self.ipAddressText.text!)/
            HTTP/1.1\r\nHost:\(self.ipAddressText.text!):\(self.portText.text!)\r\nConnection:
            close\r\n\r\n" as NSString
                    
        gdSocket.writeStream?.write(httpString.utf8String!)      
        gdSocket.write()
        }
func onRead(_ socket: Any)
    {
            let gSocket = socket as! GDSocket;        
        let str = gSocket.readStream?.unreadDataAsString()
            DispatchQueue.main.async {
                self.dataRecievedTextVIew.text = str as String!
            }
            gSocket.disconnect()
    }

The BlackBerry Dynamics runtime may secure or block text in transit to or from the clipboard, depending on the policies for data leakage prevention (DLP) policy configured in BlackBerry UEM. The runtime secures text by encrypting it when it is cut or copied to the device clipboard, and then decrypting it when it is pasted from the clipboard.  The BlackBerry Dynamics SDK provides replacement widgets that implement this functionality.  Other functions of these widgets remain the same.

Update Import Statements

Original

import android.widget.AutoCompleteTextView;
import android.widget.EditText;
import android.widget.EditTextPreference;
import android.widget.MultiAutoCompleteTextView;
import android.widget.SearchView;
import android.widget.TextView;
import android.widget.WebView;

BlackBerry Dynamics

import com.good.gd.widget.GDAutoCompleteTextView;
import com.good.gd.widget.GDEditText;
import com.good.gd.widget.GDEditTextPreference;
import com.good.gd.widget.GDMultiAutoCompleteTextView;
import com.good.gd.widget.GDSearchView;
import com.good.gd.widget.GDTextView;
import com.good.gd.widget.GDWebView;

 

Update Class Names

Original

TextView textView = findViewById(R.id.text_view_id);

BlackBerry Dynamics

GDTextView textView = findViewById(R.id.text_view_id);

Update Import Statements

Original

import android.widget.AutoCompleteTextView
import android.widget.EditText
import android.widget.EditTextPreference
import android.widget.MultiAutoCompleteTextView
import android.widget.SearchView
import android.widget.TextView
import android.widget.WebView

BlackBerry Dynamics

import com.good.gd.widget.GDAutoCompleteTextView
import com.good.gd.widget.GDEditText
import com.good.gd.widget.GDEditTextPreference
import com.good.gd.widget.GDMultiAutoCompleteTextView
import com.good.gd.widget.GDSearchView
import com.good.gd.widget.GDTextView
import com.good.gd.widget.GDWebView

 

Update Class Names

Original

val textView: TextView = findViewById(R.id.text_view_id)

BlackBerry Dynamics

val textView: GDTextView = findViewById(R.id.text_view_id)

Use BlackBerry Dynamics ClipboardManager

Copy and paste as well as drag and drop operations can be supported in the original android.widget classes or in other custom fields by making use of com.good.gd.content.ClipboardManager, which is a replacement for android.content.ClipboardManager.

For an example of its use, refer to the SecureClipboardView class in the SecureCopyPaste sample project.  The SecureCopyPaste project is in a sub-directory of your Android home directory with the following path: sdk/extras/blackberry/dynamics_sdk/sdk/samples/SecureCopyPaste/

By default, the Android home directory is located here:

  • Windows: C:\Users\[username]\AppData\Local\ Android
  • Mac: /Users/[username]/Library/Android/sdk

Disable AutoFill

Some apps, such as password managers or keyboards, can learn from and fill out views in other apps. This is a form of data leakage that should be disabled.  This functionality is disabled in the com.good.gd.widget.* classes.  It should be disabled in other widgets by overriding the getAutofillType() method as shown below.

@Override
public int getAutofillType() {
return AUTOFILL_TYPE_NONE;
}

override fun getAutofillType(): Int {
return AUTOFILL_TYPE_NONE
}

Copy and Paste

The BlackBerry Dynamics runtime may secure or block text in transit to or from the clipboard, depending on the policies for data leakage prevention (DLP) policy configured in BlackBerry UEM. The runtime secures text by encrypting it when it is cut or copied to the device clipboard, and then decrypting it when it is pasted from the clipboard. On iOS, these operations are handled automatically by the BlackBerry Dynamics Runtime.  No coding changes are required to support this on iOS.

Disable AutoFill

To block password AutoFill, make the TextField an implementation of BBDAutoFillBlockerField. The BBDAutoFillBlockerField class is open source and demonstrated in the AutoFillBlockingSample.

      

Get Started with Other Platforms

BlackBerry also supports Xamarin and React Native


Use these manuals to get started: Xamarin.iOS | Xamarin.Android | React Native