REST API’s with Good Control


After my previous articles on SOAP API interfaces in BES and GC, you might be interested to know that there is also a REST API. Good Control (GC) was in the process of making REST the primary API, when the merger with BlackBerry occurred.  While the integration of BES and GC is ongoing it’s still worth looking at what the GC (only) REST API’s can do today.

The http API’s (or REST) are designed for working with device management, or if you like, with devices being manage by the GC (Mobile Device Management, MDM).  For managing users, polices and so on, you must use the older SOAP API’s.

I could use SoapUI like I did with my previous blog, but instead I’m going to another tool that lets you work with these sorts of REST API’s, “Postman” which can be found in the Chrome web store. You can use any tool that lets you make and receive a REST call.

Here is what it looks like:


There are a few steps to making this work:

  1. You need to figure out the URL to your GC instance, and then decide on the API you are going to call. For me you I chose to try looking up my Samsung Note4 activated with KNOX.  Here is what the URL looks like:
    here is a practical example:

    • the fully qualified domain name of my server “”
    • the path to the REST API ‘/gc/rest-api/mdm/devices’
    • the parameter of ?user=274351951 which is the userid of the of the owner of the devices I’m listing. In this case, just my Note4.
  2. Next you need to add your authentication string. Why did I phrase it so?  You can’t simply use the browser (or my Postman client in this case) default authentication.  You have put in a special “Authorization” header, here is how:
    You have to Base64-encode a json object formatted this way:{“userName”:”yourDomain\yourGCloginName“,”password“:”mypassword”}
    There are various ways to do this, tools are built in on Linux and OSx, but I’m using Windows so I just used a public tool  (which you shouldn’t use if this was actual confidential info).  Once done you will get a string that you need to embed in your REST query Header.  In the image above you can see that the “Authorization” tab is greyed out, but the Headers tab has (1) item, and it simply says “Authorization” and the value is the one we just calculated.
  3. Lastly send the GET. You will get a JSON object, again, like you see in the image above.

For more information on GC Rest API’s, start here with this pdf, section on “HTTP API for Device Management”:

If you’re wondering why there is no REST in BES12, note that we did add Cisco ISE support (which is REST) here.

If you have questions or simply have thoughts you would like to share on REST, put a comment below, or send me a tweet @ed_bourne

Ed Bourne

About Ed Bourne

Ed Bourne brings over 10 years of experience in mobility as a Sr. Enterprise Solutions Manager at BlackBerry. Ed manages the technical partnerships with some of our largest Strategic Partners and Customers, helping to foster BlackBerry expertise and bring a compelling mobile experience to our joint customers.