My app is is for internal and external users. How do I set a security rule for both Single Sign On and a data source login?

My app will be used internally by staff and external users. Internal users will be logging on to the app with their Single Sign On account and external users will login using a Fliplet security component.

How can I set up a security rule for this? I will also have a “landing page” where the user can select the log on method (SSO or other method) so this will need to be whitelisted.

In order to do this you will need to create a custom security rule.

Once you have done that you will see this:

Inside you will need to add a rule similar to this. Please note that you will have to change the screen ID’s with the relevant screen ID’s from your app.

The rule assumes that you have one SSO login component and one Data Source login component. The landing page has link to both login pages hence they all need to be whitelisted. The onboarding page is where you have the onboarding slider component.

The security rule:

change all screen IDs below
var loginScreenSSO = 123456;
var loginScreenDS = 123456;
var onboardingScr = 123456;
var landingPage = 123456;

var isAllowed =
  (session && session.entries && session.entries.dataSource) ||
  (session && session.entries && session.entries.saml2) ||
  (page.id === onboardingScr ||
    page.id === loginScreenSSO || 
    page.id === loginScreenDS ||
    page.id === landingPage);

if (server && page.id !== landingPage && !isAllowed) {
  error = true;
  navigate = { action: 'screen', page: landingPage, transition: 'slide.left' };
}