Topic

This article explains how to configure the Everbridge 360 mobile app for persistent login functionality on shared devices. It covers the token-based authentication model that enables multiple users to access the app without repeated authentication, step-by-step configuration instructions, multi-factor authentication considerations, and security best practices for shared device deployment.

Description

How Token-Based Authentication Works

The Everbridge 360 mobile app uses a token-based authentication model that maintains persistent sessions on shared devices. When a user logs in for the first time, the app establishes a direct token relationship between the contact record in your organization's system and the app installation on the device. This authentication token persists on the device across multiple user sessions, enabling anyone who accesses the device to use the app and its features—including chat functionality—without entering credentials.

The token remains valid until one of the following occurs:

• The app is uninstalled from the device
• The associated contact record is deactivated in your organization's system

Configuring Shared Device Deployment

Follow these steps to set up the Everbridge 360 mobile app on a shared device:

Step 1: Create a Shared Device Contact Record

Choose one of the following methods to create a contact record for the shared device:

• Direct credentials: Create a dedicated username and password specifically for the shared device contact record
• Single sign-on (SSO): Register the contact through your organization's identity provider instead of creating direct credentials

Best practice: Use a dedicated shared service account rather than an individual user's credentials. This approach avoids confusion about which person's credentials are stored on the device and simplifies account management.

Step 2: Install and Perform Initial Login

1. Install the Everbridge 360 mobile app on the shared device
2. Open the app and perform the initial login using either:
   • The dedicated username and password you created, or
   • SSO authentication through your identity provider
3. Complete the authentication process

Note: This one-time setup is typically performed by an administrator or designated team member.

Step 3: Verify Persistent Access

After the initial login is complete, the app automatically maintains the session token. All subsequent users of the shared device can now access the app features seamlessly without additional login prompts.

Multi-Factor Authentication Considerations

When deploying shared devices in environments that require multi-factor authentication (MFA), keep the following in mind:

• The Member portal registration method does not currently support MFA
• If your organization requires MFA for security compliance, register the shared device contact through SSO
• When using SSO, MFA enforcement is handled at the identity provider level during the initial setup
• This approach maintains security requirements while still enabling the persistent login experience on the shared device

Security Best Practices

To ensure secure deployment of shared devices with persistent login:

• Create unique shared service accounts for each shared device rather than reusing the same credentials across multiple devices
• Document which contact record is associated with each physical device for tracking and management purposes
• Implement SSO with MFA when security policies require additional authentication layers
• Deactivate contact records immediately when a shared device is decommissioned or lost
• Regularly review and audit shared device contact records to ensure they remain appropriate and necessary

Related Information

For additional guidance on managing Everbridge 360 mobile app deployments, consider reviewing the following topics:

• Configuring SSO for Everbridge contacts
• Managing contact records and authentication methods
• Deactivating and removing contact records
• Mobile app security and compliance best practices