User AllowList

rule.md

function userWhitelist(user, context, callback) {

    // Skipping rule execution if clientId and connection does not match
    if (context.clientID !== '[Client ID]' && context.connection !== '[Connection Name]'){
        return callback(null,user,context);
    }

    // Access should only be granted to verified users.
    if (!user.email || !user.email_verified) {
      return callback(new UnauthorizedError('Access denied.'));
    }
  
    //authorized users list
    const whitelist = [ '[email protected]', '[email protected]' ]; 

    const  userHasAccess = whitelist.some((email)=> email === user.email);
     
    // Deny Access if does not exist in the list
    if (!userHasAccess) {
      return callback(new UnauthorizedError('Access denied.'));
    }
  
    callback(null, user, context);
  }