Using OAuth authentication for the 

BlackBerry Web Services

 REST APIs

Version 12.12 of the 

BlackBerry Web Services

 REST APIs introduce support for OAuth, an industry standard identity verification and authentication process. For more information about OAuth, visit https://openid.net/connect/.

OAuth for the 

BlackBerry Web Services

 REST APIs is supported for 

BlackBerry UEM Cloud

 and 

BlackBerry UEM

 version 12.12 and later. The OAuth implementation leverages BlackBerry Enterprise Identity for authentication using OAuth2 and supports the following grant types:

client_credentials grant type for simple scripts and unattended automation use cases
authorization_code grant type for advanced apps using 
UEM
 administrator user credentials

The supported authentication types depend on the type of app and the 

UEM

 environment:

App type	Description	Supported OAuth grant types
Enterprise app	An enteprise app is developed and distributed internally within an organization. The app developer can configure the app to require user authentication or to function as a simple utility that can run unattended.	authorization_code client_credentials
Third-party app in a customer’s on-premises environment	A third-party app is created by a third-party developer and deployed in an organization’s on-premises domain.	authorization_code
Third-party app in a cloud environment	A third-party app is created by a third-party developer and deployed in a third-party cloud domain.	authorization_code

This guide is intended for app developers, but some tasks must be completed by a 

UEM

 administrator and 

BlackBerry Online Account

 administrator. Contact the 

UEM

 administrator in your organization, or the 

UEM

 administrator in the organization that you are developing the app for, to coordinate and complete the necessary administrator tasks.