1. Everbridge
  2. Release Notes
  3. Desktop Apps

EB360: Everbridge 360™ Mobile - Configuring Persistent Login for Shared Devices

Updated
Terry Branoff
Optimized Resolution Standard Resolution High Resolution

Topic

This article explains how to configure the Everbridge 360 mobile app for persistent login functionality on shared devices. It covers the token-based authentication model that enables multiple users to access the app without repeated authentication, step-by-step configuration instructions, multi-factor authentication considerations, and security best practices for shared device deployment.

Description

How Token-Based Authentication Works

The Everbridge 360 mobile app uses a token-based authentication model that maintains persistent sessions on shared devices. When a user logs in for the first time—either with direct credentials or via single sign-on (SSO) such as Entra / Azure Active Directory—the app establishes a direct token relationship between the contact record in your organization's system and the app installation on the device.

This authentication token is stored locally on the device and is designed to be persistent. After the initial successful login:

  • The app does not require the user to authenticate again for subsequent access, even if the device cannot reach the identity provider (for example, Entra / Azure AD).

  • Contacts can continue to use the app and receive notifications via the mobile path without re-authenticating, as long as the token remains valid on that installation.

The token remains valid until one of the following occurs:

  • The app is uninstalled from the device

  • The associated contact record is deactivated in your organization's system

  • The local token cannot be persisted by the environment (for example, some virtual desktop or kiosk environments that regularly reset or discard local app data)

If users are unexpectedly prompted for the organization code or to log in again earlier than anticipated, review how the device or environment manages local storage (for example, virtual machines, non-persistent profiles, or aggressive clean-up tools) and make sure the latest Everbridge 360 app version is installed. If the behavior is inconsistent across users or devices, capture details (accounts, devices, and exact steps) and contact Everbridge Support so product and support teams can review authentication logs and token handling.

Configuring Shared Device Deployment

Follow these steps to set up the Everbridge 360 mobile app on a shared device:

Step 1: Create a Shared Device Contact Record

Choose one of the following methods to create a contact record for the shared device:

  • Direct credentials: Create a dedicated username and password specifically for the shared device contact record

  • Single sign-on (SSO): Register the contact through your organization's identity provider instead of creating direct credentials

Best practice: Use a dedicated shared service account rather than an individual user's credentials. This approach avoids confusion about which person's credentials are stored on the device and simplifies account management.

Step 2: Install and Perform Initial Login

  1. Install the Everbridge 360 mobile app on the shared device

  2. Open the app and perform the initial login using either:

    • The dedicated username and password you created, or

    • SSO authentication through your identity provider

  3. Complete the authentication process

Note: This one-time setup is typically performed by an administrator or designated team member.

Step 3: Verify Persistent Access

After the initial login is complete, the app automatically maintains the session token. All subsequent users of the shared device can now access the app features seamlessly without additional login prompts.

Multi-Factor Authentication Considerations

When deploying shared devices in environments that require multi-factor authentication (MFA), keep the following in mind:

  • The Member portal registration method does not currently support MFA

  • If your organization requires MFA for security compliance, register the shared device contact through SSO

  • When using SSO, MFA enforcement is handled at the identity provider level during the initial setup

  • Once the initial MFA-protected login is complete and the token is stored on the device, the app maintains persistent access without prompting for MFA again

  • This approach maintains security requirements while still enabling the persistent login experience on the shared device

Security Best Practices

To ensure secure deployment of shared devices with persistent login:

  • Create unique shared service accounts for each shared device rather than reusing the same credentials across multiple devices

  • Document which contact record is associated with each physical device for tracking and management purposes

  • Implement SSO with MFA when security policies require additional authentication layers

  • Deactivate contact records immediately when a shared device is decommissioned or lost

  • Regularly review and audit shared device contact records to ensure they remain appropriate and necessary

Related Information

For additional guidance on managing Everbridge 360 mobile app deployments, consider reviewing the following topics:

  • Configuring SSO for Everbridge contacts

  • Managing contact records and authentication methods

  • Deactivating and removing contact records

  • Mobile app security and compliance best practices

Was this article helpful?
0 out of 0 found this helpful