"I'm attempting to implement user authentication using Cloud Scale's Authentication option. However, it permits anyone to access the client's HTML files from any browser.
How can I enforce mandatory login to ensure that accessing the web client I've hosted in Catalyst requires authentication?
Ideally, I aim to restrict authentication to Zoho accounts only (specifically Zoho Workplace, with all its authentication conditions), and disable the ability to create new accounts."
Does this version work for you?
To allow only logged-in users to access your Catalyst application, you can add the following Web SDK method in your Javascript code and if the user has not logged in, you can redirect them to your login page.
window.catalyst.auth.isUserAuthenticated().then((result) =>{
//Your app logic
}).catch(error=>{
//redirect to the login page
})
To only allow Zoho Users to access your application, you can add the Zoho Sign-In Provider from the embedded authentication feature and add the Social Login-only form from the Catalyst console so that the login iframe provides only the Zoho Sign-In option for logging in to your application. You can refer to the Zoho Catalyst documentation here.
You can try this Embedded Authentication tutorial where they have used the Zoho Sign-In Provider and the above SDK method to only allow logged-in users to access the User profile.