Share via

Setting up a shared device

Jordan Dantone 20 Reputation points
2026-03-09T20:08:06.51+00:00

Hello,

Could I please get some confirmation/clarity on how to properly assign/set up a shared device for a common area?

For example, in a kitchen, warehouse, or lobby?

Please give me a step by step. Thank you.

Microsoft Teams | Microsoft Teams for business | Other
0 comments
Answer accepted by question author
  1. Q&A Assist
    2026-03-09T20:08:32.0266667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Below is a step‑by‑step outline for setting up a shared/common‑area device for Microsoft Teams in locations like a kitchen, warehouse, or lobby. The steps focus on Teams phones and Android common‑area devices, which are the supported shared device scenarios.

    1. Plan the shared device scenario
    • Decide what the device will be used for:
      • Lobby or reception phone for making/receiving calls.
      • Warehouse/kitchen phone for quick internal or external calls.
    • Ensure the hardware is supported:
      • For desk/handset phones: use a certified Teams Phone device.
      • For Android mobile devices used as common area phones: use a supported Android phone.
    1. Purchase the correct license
    • For a shared Teams phone or common‑area device, use a Microsoft Teams Shared Devices license.
    • In the Microsoft 365 admin center:
      1. Go to Billing > Purchase services.
      2. If needed, go to Purchase from Microsoft > View products and select Collaboration and communication.
      3. Find Microsoft Teams Shared Devices and select Details.
      4. Enter the number of licenses required and select Buy.
    1. Create an identity for the shared device There are two main patterns, depending on device type.

    A. Teams common area phone (desk/handset phone)

    • Create a resource account and assign a Teams Shared Devices license.
    • In the Microsoft 365 admin center:
      1. Go to Users > Active users > Add a user.
      2. Use a descriptive name, for example:
        • First name: Main
        • Last name: Reception
        • Display name: Main Reception.
      3. Set a username such as MainReception or MainLobby.
      4. Manually set the password:
        • Clear Automatically create a password.
        • Clear Require this user to change their password when they first sign in.
        • Use a strong password and store it securely for IT use.
      5. Set the Usage location to the device’s country/region.
      6. Assign the Teams Shared Devices license to this account.
        • Add Calling Plan licenses if PSTN calling via Microsoft Calling Plans is required.
        • If using Operator Connect or Direct Routing, a Calling Plan is not required.

    B. Android mobile phone as a common area phone

    • Create a standard user account for the device and assign a Teams Shared Devices license.
    • In the Microsoft 365 admin center:
      1. Go to Users > Active users > Add a user.
      2. Use a descriptive name, for example:
        • First name: Main
        • Last name: Reception.
        • Display name: Main Reception.
      3. Set a username such as BakeryPhone or DutyManager.
      4. Manually set the password:
        • Clear Automatically create a password and require this user to change their password when they first sign in.
      5. Set the Usage location.
      6. Assign the Teams Shared Devices license and any required Calling Plan licenses.
    1. Prepare and configure the physical device

    A. Teams desk/handset phone (common area phone)

    1. Connect the phone to power and network (Ethernet or Wi‑Fi as supported).
    2. On first boot, select Microsoft Teams as the sign‑in mode if prompted.
    3. Sign in on the phone using the shared device account created above (for example, MainReception@...).
    4. Complete any on‑screen setup steps until the phone shows the Teams interface.
    5. Optionally configure:
      • Speed dials and favorites for common contacts.
      • Sign‑in restrictions and device lock behavior via Teams admin policies (not detailed in the provided context, but typically done in the Teams admin center).

    B. Android mobile phone as a common area phone

    1. Factory‑reset or dedicate the Android device so it is not tied to a personal user.
    2. Sign in to the device with a generic local profile if needed.
    3. Install the Teams app from the app store.
    4. Sign in to Teams using the shared device account (for example, BakeryPhone@...).
    5. Verify that calling and any required features work as expected.
    6. (Optional) Use shared device mode for mobile devices For Android and iOS/iPadOS, shared device mode can be used to make the device multi‑user and sign‑in/out friendly.

    A. Android shared device mode (manual setup)

    1. Ensure the device is managed by an MDM such as Intune if using managed setup.
    2. Install the latest Microsoft Authenticator app.
    3. Using a cloud device administrator account on the device:
      1. Open Microsoft Authenticator.
      2. Go to Settings > under Work & School accounts, select Device Registration.
      3. Allow access to device contacts when prompted.
      4. Under Or register as a shared device, enter the organizational email and select Register as shared device.
      5. Complete sign‑in with administrator credentials.
    4. After registration, the device is in shared device mode. Any sign‑in/sign‑out in apps that support shared device mode (via MSAL and Authenticator) becomes global for the device.

    B. iOS/iPadOS shared device mode (via Intune)

    1. Ensure:
      • An Azure subscription is available.
      • The iOS/iPadOS device is on iOS 14+ and not already registered with Microsoft Entra ID (reset if necessary).
      • The latest Microsoft Authenticator app is installed.
      • The device is managed by an MDM such as Intune.
    2. Use Intune zero‑touch provisioning:
      • Enroll the device into Intune.
      • Deploy the Authenticator app with shared device mode enabled using Intune.
    3. Once enrolled:
      • Launch Microsoft Authenticator, which will initiate and complete shared device registration.
      • Alternatively, open any shared device mode–enabled app, which will launch Authenticator and complete registration.
    4. Manage and monitor shared devices
    • For Teams phones and common area devices:
      • Use the Teams admin center (not detailed in the context) to monitor device health, sign‑in status, and apply device policies.
    • For Android/iOS shared devices:
      • Shared devices appear in the tenant with a Join Type indicating shared device registration.
      • Use Intune or the MDM solution to manage compliance, app deployment, and configuration.
    1. Provide basic usage guidance to users
    • For common area phones:
      • Explain that the phone is tied to a shared account and should not be used for personal sign‑ins.
    • For shared mobile devices:
      • Explain how sign‑in and sign‑out work and that signing out clears access across all shared‑mode‑aware apps.

    References:

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ian-Ng 10,515 Reputation points Microsoft External Staff Moderator
    2026-03-09T22:26:00.1266667+00:00

    Hi @Jordan Dantone,    

    Welcome to the Microsoft Q&A forum. 

    I’m glad to see the previous solution provided by AI was helpful. Regarding your further inquiry, I understand you are looking for a way to set up shared devices such as those in a kitchen, warehouse, or lobby using an identity similar to a Resource Account to avoid the security risks and maintenance burden of expiring passwords across hundreds of sites. 

    After reviewing your inquiry, while Resource Accounts are excellent for virtual routing like Auto Attendants or Call Queues, they are unfortunately not compatible with physical hardware. This is because physical devices require an active "sign-in" to register with Microsoft Entra ID (Azure AD), a capability that is intentionally disabled for Resource Accounts to keep them "headless." 

    For a large-scale deployment involving hundreds of locations, the most efficient approach is to use standard identities assigned a Microsoft Teams Shared Devices license, optimized through the following administrative configurations, for more details, kindly refer to Microsoft Teams Shared Devices licensing - Microsoft Teams | Microsoft Learn

    • Password persistence: Your IT team can use PowerShell to set these specific accounts to Password Never Expires, which removes the need for the tiresome manual resets you mentioned. 
    • Security automation: Through Conditional Access, these accounts can be secured by restricting logins strictly to your corporate network IP ranges, allowing you to bypass MFA hurdles in shared areas while maintaining high security. 
    • Remote provisioning: The Teams Admin Center allows your team to sign in devices across all locations from a central dashboard using a verification code, so you never have to share or manually type passwords at the physical sites. 

     Important considerations 

    • Licenses: Ensure you have purchased the Teams Shared Devices license for each hardware unit. 
    • Policies: Configure appropriate IP phone or mobile policies to control the specific features available on these common area devices. 
    • Sign-In: Use the device login URL (microsoft.com/devicelogin) for an easy, code-based sign-in process. 

    By following these steps, you can successfully set up a common area phone in Microsoft Teams. This setup ensures that anyone can use the phone without needing to log in individually, while keeping the management centralized and secure. 

    Given that your environment involves hundreds of sites, I recommend contacting Microsoft support to ensure your infrastructure is correctly optimized for this rollout. They can provide a specific blueprint for your tenant and assist with the batch configuration of these accounts to ensure they remain correctly. 

    To get started, please open a support ticket within your tenant: 

    1. Navigate to the Microsoft 365 Admin Center. 
    2. In the bottom right corner, select Help & support. 
    3. Enter a summary such as "Scaling Teams Shared Devices: Requesting configuration for hundreds of sites to bypass password expiry." 
    4. Follow the prompts to open a service request to speak with a live agent. 

    This will ensure you receive specialized guidance for managing a high volume of devices efficiently and securely. 

    References you may refer to:

    I appreciate your understanding, and should you have any further questions, please feel free to reach out.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.