[WSO2][Asgardeo]This script ensures that only users authenticated via federation can access the application, providing an additional layer of security against unauthorized access attempts via username and password.

gistfile1.js

// Adaptive script to allow access only via federation and block access via login and password
// Error page to redirect unauthorized users,
// can be either an absolute URL or relative URL to server root, or empty/null
// null/empty value will redirect to the default error page
var errorPage = '';

// Additional query parameters to be added to the above URL.
// Hint: Use i18n keys for error messages
var errorPageParameters = {
    'status': 'Unauthorized',
    'statusMsg': 'Access only allowed via federation. Login with username and password is not permitted.'
};

var onLoginRequest = function(context) {
    executeStep(1, {
        onSuccess: function(context) {
            var authenticationStep = context.steps[1];

            // Check if the user authenticated via federation
            if (authenticationStep.idp != 'LOCAL') {
                // Allow access if authenticated via federation
                // executeStep(2);
            } else {
                // Block access and redirect to an error page if authenticated via login/password
                sendError(errorPage, errorPageParameters);
            }
        }
    });
};