Skip to main content
Mobile access restrictions redact sensitive information in the incident.io mobile app when users sign in from personal devices. Responders can still acknowledge pages and manage escalations, but won’t see full incident details until they’re on a managed device.
This feature is available for our enterpise customers, reach out to your account team to get it enabled.

How it works

Mobile access restrictions use a secondary SAML provider dedicated to mobile app authentication. This lets you enforce different access policies for managed and unmanaged devices:
  • Primary SAML provider: locked down to managed devices only via your IdP’s conditional access policies, giving full access to the incident.io dashboard
  • Secondary SAML provider: used by the mobile app, allowing authentication from personal devices with redacted data
When a user signs into the mobile app through the secondary provider, sensitive information is automatically redacted. Core context like alert titles, incident names, and team names remain visible so responders can identify and act on pages, but detailed information like incident summaries, custom fields, timeline activity, and follow-ups is hidden.

Setting up mobile access restrictions

To enable mobile access restrictions:
  1. Make sure SAML SSO is configured and working for your organization
  2. Contact incident.io to enable the feature — we’ll work with you to set up the secondary SAML provider
  3. Configure your IdP’s conditional access policies so the primary SAML provider only permits managed devices
  4. Navigate to Settings → Security to review the mobile access configuration