Hi !
I´m trying to create users with restricted log in.
I create 2 apps, like admin app and normal app.
Admins can use both of them, but normal users just normal app.
I want to create one user. The user can only have permissions to log in to admin app and not to the rest.
How can I restrict the login to some users ?
I think I am understanding this correctly - If you want to deny access for a specific user, you might want to look into using using api.access.deny(reason) in a Post Login Action. Something like:
if ((event.client.name === "Application Name") && !userRoles.includes("admin"))
api.access.deny(`Access to ${event.client.name} is not allowed.`);
This does assume you have roles assigned to users. You can access those in the Action with event.authorization.roles. For reference: