function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Arun JoseArun Jose 

How to restrict a user from logging in to the salesforce mobile application from multiple mobile devices

SwethaSwetha (Salesforce Developers) 
Hi Arun,
I've come across similar asks from the past that can help
https://salesforce.stackexchange.com/questions/224562/restrict-number-of-logging-in-devices-at-a-time

https://help.salesforce.com/s/articleView?id=sf.mobile_security_restrict_device.htm&type=5

Thanks
Arun Kumar 1141Arun Kumar 1141
Hello Arun,

To restrict a user from logging into the Salesforce mobile application from multiple mobile devices, you can implement a custom solution using Salesforce Platform features and code. Here's a general approach:
  • Create a Custom Field: Add a custom field on the User object to track the user's currently logged-in device or session information. This field can be a text or reference field.
  • Mobile Device Identification: Implement a mechanism to identify and store the unique identifier of the user's mobile device. This identifier could be the device's UUID (Universally Unique Identifier) or any other unique identifier specific to the device.
  • Login Trigger: Write a trigger or Apex code that executes when a user logs into Salesforce from the mobile application. This code should update the custom field on the User object with the unique identifier of the device used for login.
  • Validate Device on Login: Modify the login process to include a validation step where the system checks if the user's currently logged-in device matches the stored device identifier in the custom field. If the device identifier doesn't match, prevent the user from logging in and display an appropriate error message.
  • Handle Logout and Session Termination: Implement a mechanism to handle user logout and session termination. When a user logs out or their session expires, clear the device identifier from the custom field on the User object.
Additional Considerations:
- Consider the scenario where a user gets a new mobile device. Provide a way for users to update their device identifier in the custom field.
- Take into account potential edge cases such as users losing their device or multiple users sharing the same device. Plan for scenarios where the device identifier needs to be changed or cleared.

Remember to thoroughly test and validate your custom implementation to ensure it meets your security requirements and provides a smooth user experience. It's recommended to involve your Salesforce administrator or development team to implement and customize this solution based on your specific needs.

Please mark it as best answer, if the above answer helps you.
Thanks.