Using debug tokens
You can run an unsigned application on a BlackBerry 10 device by using a debug token. Debug tokens allow you to separate the process of application creation and publication. You can create and test an application using a debug token, then deliver the application to a supervisor or a client for signing and publication.
To create and upload a debug token you will require device code signing keys. To obtain BlackBerry device code signing keys, see the BlackBerry Keys Order Form. After your request is approved, you receive two CSJ registration files by email. The RDK file allows you to configure your keystore to sign applications and the PBDT file allows you to create debug tokens. Each file arrives in a separate email with information about the purpose of the file attached.
When you create a debug token, you specify the PIN for each tablet on which the token can be used. You can distribute the debug tokens that you create to developers who can install them on the specified tablets, or you can install the debug tokens yourself. You are limited to 100 device PINs across all of your debug tokens that are currently active. If you create debug tokens that address more than 100 PINs, you must wait for some of your debug tokens to expire before you create more.
Debug tokens are valid for 10 days. When a debug token expires, the BlackBerry 10 OS no longer allows unsigned applications to run.
When a developer is ready to install an unsigned application on a device, they must configure the bar-descriptor.xml file to use the same author and authorID values that are defined in the debug token.