Enabling the mobile application

The Looker mobile application lets users perform the following functions from a mobile device:

Admins can enable the Looker mobile app to let users sign in to their Looker instance on an Android or iOS device.

Enabling the app for your instance

When IP allowlists are enabled, users cannot connect to the instance from their service providers' IP addresses.

Access to the Looker mobile app is enabled for your instance by default. To disable or enable access to the mobile app for your instance:

  1. Open the Settings page in the General section of the Admin panel.
  2. In the Feature Configuration section of the General Settings page, choose Enabled or Disabled under Mobile Application Access.
  3. Select Update to apply your changes.

When the app is enabled for your instance, users can install the app and sign in to your instance on their mobile devices.

If you disable the Mobile Application Access setting for your instance, any existing mobile app sessions will be invalidated.

Assigning mobile app access to specific users

Admins can use the mobile_app_access permission to grant specific users and groups access to the Looker mobile app. To grant mobile app access to a specific user or group, follow these steps:

  1. Ensure that mobile app access is enabled for your Looker instance.
  2. Assign that user or group a role with a permission set that includes the mobile_app_access permission.

Users with the mobile_app_access permission can sign in to the Looker mobile app with email, a QR code, or biometrics. If a user does not have the mobile_app_access permission, Looker displays an error upon trying to sign in to the app.

See the Roles documentation page for information about assigning roles to users or groups.

Forcing users to authenticate each time they log in to the mobile app

Admins can require users to sign back in to Looker every time they open the mobile app by enabling the Force mobile authentication setting in the General Settings section of the Admin panel. Enabling this feature also lets users configure biometric sign-in. To enable this feature, follow these steps:

  1. Navigate to the Settings page in the General section of the Admin panel.
  2. Under Force mobile authentication, select Enabled.

When Force mobile authentication is enabled, users will be required to sign in to Looker every time they open the app on their mobile devices. Additionally, they will be logged out of the mobile app after 30 minutes of inactivity.

Users will also have the option to configure biometric verification. If users enable biometric verification, they will need to verify their identity using biometrics for each subsequent session, which will allow them to bypass other authentication methods such as email/password authentication or single sign on authentication.

Considerations for customer-hosted instances

Admins of customer-hosted instances should consider the following requirements when enabling the mobile app for their instance:

  • The web server and API endpoints must be publicly accessible or otherwise reachable by the mobile app.
    • To test connectivity, try accessing the URL of your Looker instance from a web browser on your mobile device.
  • The API Host URL must have the same hostname as the instance URL and serve traffic on either port 443 or port 19999. The URL should follow this form: https://<instance_name>.looker.com:<port>

For additional information, see the Looker API troubleshooting documentation page.