How to Use Kerberos or NTLM with UEM MDM VPN Tunnel

Last updated January 28, 2024 by Appdome

When your mobile apps are connecting to servers over an EMM tunnel they sometimes require certificates to complete the connection. There are also times where mobile apps have to authenticate to servers with Kerberos authentication over the EMM tunnel. This knowledge base article provides step-by-step instructions for how to use Kerberos or NTLM with UEM MDM VPN tunnel and add BlackBerry EMM Authenticated Tunnel to any Android and iOS app.

We hope you find this knowledge base useful and enjoy using Appdome!

How to Use Kerberos or NTLM with UEM MDM VPN Tunnel

Appdome is a no-code mobile app security platform designed to add security features in mobile apps.

Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps without coding. When a user clicks “Build My App”, Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.

Using Appdome, there are no development or coding prerequisites to build secured apps. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds the relevant standards, frameworks, stores, and logic to the app automatically, with no manual development work at all. Users merely upload a mobile app, select the relevant Blackberry implementation option, and click “Build My App”. The Appdome technology automatically adds Blackberry (formerly Good) Dynamics SDK and relevant standards, frameworks and more to the app, with no manual development work at all. Using Appdome, mobile apps will use BlackBerry’s Authenticated Tunnel to securely tunnel app data as if BlackBerry Authenticated tunneling schemes were natively coded to the app.

Prerequisites for using Appdome for EMM Authenticated Tunnel

4 Easy Steps to Use Kerberos or NTLM with UEM MDM VPN Tunnel

Follow these step-by-step instructions to add EMM Authenticated Tunnel to Any Mobile App:

Upload a Mobile App to Your Account

Please follow these steps to add a mobile app to your Appdome account.

If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, Add EMM Authenticated Tunnel

Select the Build Tab.

Note: a blue underline will appear showing the step is active.

Beneath the Build Tab, select Management.

Note: a blue highlight will appear showing the category is active.

  1. Under Enterprise Mobility Management, enable the EMM Services 
  2. Select the BlackBerry Dynamics SDK from the drop-down list
  3. Next, click to open Appdome Mobility Suite and enable for EMM Authenticated Tunnel if you’ve set up your app to use Kerberos1
  4. Click on Build My App

The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add EMM Authenticated Tunneling to the mobile app in seconds. For example, the technology of Authenticating Tunnel Connections, work that ordinarily, a developer would need to do.

Congratulations! When Appdome has completed your implementation (usually about 30 seconds), you’ll see the notice below. You now have a mobile app, fully integrated with Appdome’s EMM Authenticated Tunnel.

Success Msg

After Adding EMM Authenticated Tunnel to a Mobile App on Appdome

After you have added EMM Authenticated Tunnel to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.

For more information on Kerberos authentication please view this resource.

Add Context™ to the Appdome-Built App

Appdome is a full-featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.

If you’d like to add private server certificates, CAs, and/or server public certificate files you can add these here under Private Server Certificates and Authorities in App Set-Up.

Sign the BlackBerry Dynamics enabled Appdome-Built App (Required)

In order to deploy an Appdome-built app, it must be signed. Signing iOS apps and signing Android apps are easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.

Deploy the Appdome-Built App to a Mobile Device

Once you have signed your Appdome-built app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-built apps, please read this knowledge base.

That is it – Enjoy Appdome for BlackBerry Dynamics in your app!

How Do I Learn More?

If you have any questions, please send them our way at or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.


Want a Demo?

Enterprise Authentication and Mobile SSO

TomWe're here to help
We'll get back to you in 24 hours to schedule your demo.