Tips and Tricks for BlackBerry Communications Services SDK

BlackBerry Communication Services is a powerful and simple to use SDK that can enable rich messaging experiences for your users. Below are some tips and notes on best-practices with our SDK that can help you get started.

Using IDP

When you’re getting started with BlackBerry Communications Services, you can play around in our development sandbox with FULL access to all of the wonderful APIs available in our SDK. This includes full integration with your chosen identity provider using OAuth2.0 or OpenID. At a high level, your app will fetch an access token from your identity provider, and then pass this token to our SDK for verification. The SDK is then granted an internal token that is used to communicate with the BlackBerry Infrastructure.

The below diagram illustrates our authentication process in greater detail:

What if you don’t have an identity provider, and still want to play around with the brilliant features of our SDK? In that case, we support disabling user authentication completely when running in the sandbox.

But wait! What if you have already enabled Google Auth or Azure Active Directory in your application and want to integrate directly with them? No problem! We have auto-fill buttons on our application configuration portal as well as support libraries in our SDK that will make setting this up a breeze. For more info about this, check out the identity management page from our guide.

Storing Encryption and Signing Keys

All communications on our platform are end-to-end encrypted, to the point that not even BlackBerry can see them! We do this by ensuring that encryption and signing keys are stored and retrieved securely by our SDK in either of 2 models. For most applications, BlackBerry Key Management Service is used to manage these keys. In this model, BlackBerry encrypts and stores keys on our secured databases. The encryption keys are themselves encrypted, so not even BlackBerry can crack your user’s private data.

BlackBerry KMS:

For applications that need complete control over their own keys, often to achieve regulatory compliance, developers can provide their own Cloud Key Storage solution. The SDK even provides support libraries for managing keys on Firebase and Azure CosmosDB. Whichever option is right for your application, the SDK makes it easy to integrate key management into your solution. 

Cloud Key Storage: 

3 ways to send raw data

There are three ways you can send raw data via BlackBerry Communications Services:

1.      As part of a data blob in a chat message (70kb)

2.      As a file attachment in a chat message (128mb)

3.      Using the Data Stream API (greater than 128mb)

For the first two ways (data blob and file attachment), if a device is offline, the messages will be queued and sent once the device is back online. For a data stream, a persistent connection is required.

In the case of sending a message in a data blob, raw data is encrypted on the device at rest, and has a 70kb restriction on the size of the payload. For file attachments, application provides the SDK the path to the file, which is then securely transmitted over the BlackBerry infrastructure. These files can be up to 128mb in size.

Finally, a peer-to-peer data stream can be used to securely transmit data larger than 128mb. Developers familiar with input/output streams will recognize the design pattern of our APIs. This stream can be used to send raw bytes of data, should a developer want to send custom payloads or do their own encodings on the raw data coming out of our secure peer-to-peer connections.

Other random tips

  • To optimize the use of ‘user is typing’ notification events, it is recommended that the application wait a short delay after the user starts typing before sending a chat typing event. This is because short messages can often be typed in a few seconds, and it is often better to simply send the message itself instead of a typing notification – which would be followed by the message in very short succession.
  • Messages have two types of fields that allow your application to attach data to a chat message, data and localData. While is visible to all participants of the chat, message.localData is visible only to the local endpoint. For example, an application can use the localData field to mark a message as hidden to the local endpoint, or allow the user to add a private sticky note to a message.
  • Chat messages have customizable metadata fields. Data that is frequently changing should utilize this API, for example in an Announcements based application.

Thanks for reading! For more tips and tricks, or if you have any questions and comments, check out the BlackBerry Developer Forums.

Jeff J.

About Jeff J.

As a part of the Enterprise Solutions Team, I work to bring the latest BlackBerry software and security features to life on the Android platform.