Problem statement
There is a plan to upgrade our dashboard and users should not login to the system while the upgrade is taking place. Is it possible to permit new signups during this period but block new logins?
Solution
It is possible to define an Action to enforce a temporary access policy, similar to the examples that can be found in the documentation. For this purpose, use the ‘api.access.deny(reason)’ property to create a post-login Action that matches the requirements of the specific use-case.
api.access.deny(reason)
Mark the current login attempt as denied. This will prevent the end-user from completing the login flow. This will NOT cancel other user-related side effects (such as metadata changes) requested by this Action. The login flow will immediately stop following the completion of this action and no further Actions will be executed.
Signups should not be affected while this Action is in place.