@Brendan We plan to use PlayFab's OpenID to connect with Microsoft's Active Directory and have users confirm email login and verification before they can access any other services in the APP.
For security reasons we want to block users who have not verified their PlayFab account from accessing custom cloud scripts (Azure functions). Is there a way to block client users who have logged in using CustomID (a potential BOT or hacker) and have NOT verified via email from accessing custom cloud scripts?