Mobile user agents: phones, tablets, in-app
Mobile user agents carry platform descriptors like iPhone or Android and often a Mobile token, but tablets and in-app browsers complicate the picture. An in-app browser (inside a social or messaging app) usually adds its own token to the string. This page explains the patterns and their pitfalls.
Mobile vs desktop tokens
Mobile browsers signal their context through platform descriptors such as iPhone, iPad, or Android in the parenthesised section, and phones commonly include a Mobile token. Desktop strings lack these mobile cues.
Tablets are the messy middle: an Android tablet may omit the Mobile token, and an iPad can present a desktop-class string, so tablet detection from the UA alone is unreliable.
- Phones: platform descriptor (iPhone/Android) plus a Mobile token
- Tablets: may omit the Mobile token or look desktop-class
- Desktop: no mobile platform cues
In-app browser user agents
When a link opens inside another app's embedded browser (a webview in a social or messaging app), the user agent is typically the platform's webview plus an app-specific token identifying the host app. These tokens vary by app and version, so treat them as hints rather than fixed identifiers.
Because exact in-app tokens differ across apps and change over time, confirm specific tokens against the host app's own developer documentation rather than assuming a value.
How it appears in analytics and logs
A user agent with an iPhone or Android descriptor and a Mobile token is typically a phone. Tablets may omit the Mobile token or present desktop-class strings, and in-app browsers add an app-specific token.
Diagnostic use case
Distinguish phone, tablet, and in-app browser traffic from desktop, while accounting for tablets and in-app webviews that blur the line.
What WebmasterID can help detect
WebmasterID parses mobile user agents server-side into a coarse device/browser category, recognising common in-app webview tokens, and leaves ambiguous strings in an honest 'other' bucket.
Common mistakes
- Counting tablets as desktops because the Mobile token is absent.
- Assuming a fixed in-app token shape across different apps.
- Relying on the UA alone for precise device type instead of treating it as a hint.
Privacy and accuracy notes
Mobile user agents describe device class and software, not a person. Parsing them into a coarse device category is privacy-safe. WebmasterID does not store raw visitor user-agent strings.
Related pages
- Safari user agent on iOS and macOS
Safari's user agent is built around WebKit and a Version token, and differs between macOS and iOS. A notable quirk is that iPadOS can present a desktop-class Safari user agent, which can make an iPad look like a Mac in logs. This page covers the pattern and the platform-specific behaviour.
- Browser user agents: how to read them
A browser user-agent string packs several tokens into one line: a legacy Mozilla prefix, a rendering-engine signature, the platform, and the browser itself. This page explains each part so you can read a UA without over-reading it, because the contents are client-controlled and can be copied by any client.
- Bot vs human traffic
Separate real visits from automation across phones, tablets, and desktops.
Sources and verification notes
- MDN — User-Agent header
- MDN — Browser detection using the user agentMobile/tablet detection caveats; in-app tokens verify against host app docs.
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.