Overview
The following Action will help admins check whether a user is logging in with an enterprise connection.
Applies To
- Action
- Enterprise Connection
Solution
- Add the following Action to the Login flow of a tenant.
```javascript
exports.onExecutePostLogin = async (event, api) => {
  // List of enterprise connection strategies
  const enterpriseStrategies = [
    'waad', // Windows Azure Active Directory
    'ad', // Active Directory/LDAP
    // 'auth0' (database connections) and 'google-oauth2' (social login) are not
    // enterprise strategies; listing them would flag those logins as enterprise.
    'google-apps',
    'office365',
    'okta',
    'pingfederate',
    'samlp',
    'sharepoint',
    'daccount',
    'exact',
    'oidc',
    'ip'
  ];
  // Check if the connection strategy is an enterprise type
  if (enterpriseStrategies.includes(event.connection.strategy)) {
    // Perform actions for enterprise connection logins
    console.log(`User ${event.user.email} logged in using an enterprise connection: ${event.connection.name}`);
    // Example: Add a custom claim or tag to the user
    api.idToken.setCustomClaim('https://myapp.example.com/is_enterprise', true);
    api.accessToken.setCustomClaim('https://myapp.example.com/is_enterprise', true);
  } else {
    console.log(`User ${event.user.email} logged in using a non-enterprise connection: ${event.connection.name}`);
  }
};
```
- Use the Real-Time Webtask Logs extension to identify what kind of enterprise connection a user is using to log in.
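Before deploying, the classification can be checked locally against constructed login events. The following is an added example, not code from the original article or from Auth0: `describeLogin`, `dryRun`, `sampleEvents` and the contents of `ENTERPRISE_STRATEGIES` are assumptions, and it goes slightly beyond the Action above by logging the strategy itself and `user_id` instead of the email address.

```javascript
// Added example: dry-run a post-login handler without the Actions runtime.
// Assumed strategy list (a subset of the article's list); adjust it to your tenant.
const ENTERPRISE_STRATEGIES = new Set([
  'waad', 'ad', 'google-apps', 'office365', 'okta',
  'pingfederate', 'samlp', 'sharepoint', 'oidc', 'ip',
]);
const CLAIM = 'https://myapp.example.com/is_enterprise';

// Pure decision function: returns the record that is logged for each login.
function describeLogin(event) {
  const conn = event.connection || {};
  const strategy = conn.strategy || 'unknown'; // unknown strategies are never enterprise
  return {
    user_id: event.user ? event.user.user_id : null,
    connection: conn.name || null,
    strategy,
    is_enterprise: ENTERPRISE_STRATEGIES.has(strategy),
  };
}

// Handler body; in the Action editor, assign it to exports.onExecutePostLogin.
const onExecutePostLogin = async (event, api) => {
  const record = describeLogin(event);
  console.log(JSON.stringify(record)); // one JSON line per login in the log stream
  if (record.is_enterprise) {
    api.idToken.setCustomClaim(CLAIM, true);
    api.accessToken.setCustomClaim(CLAIM, true);
  }
};

// Runs a handler with a recording stand-in for `api` and returns the claims it set.
async function dryRun(handler, event) {
  const claims = { idToken: {}, accessToken: {} };
  const api = {
    idToken: { setCustomClaim: (k, v) => { claims.idToken[k] = v; } },
    accessToken: { setCustomClaim: (k, v) => { claims.accessToken[k] = v; } },
  };
  await handler(event, api);
  return claims;
}

// Constructed sample events (not real tenant data).
const sampleEvents = [
  { user: { user_id: 'waad|u1' }, connection: { name: 'corp-entra', strategy: 'waad' } },
  { user: { user_id: 'auth0|u2' }, connection: { name: 'Username-Password-Authentication', strategy: 'auth0' } },
  { user: { user_id: 'google-oauth2|u3' }, connection: { name: 'google-oauth2', strategy: 'google-oauth2' } },
];
(async () => { for (const e of sampleEvents) console.log(await dryRun(onExecutePostLogin, e)); })();
```

Only the first sample event should come back with the `is_enterprise` claim set on both tokens.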