How Secure Is This Idea?

  1. Your page can be found
  2. A popup can just be hidden by the user, it’s not secure.

You need an option set called ‘User Role’. This should, depending on your app, just contain Standard and Admin.

Set your admin user’s User Role to Admin.

Configure privacy rules that allow the data to be seen Only when Current User’s User Role is Admin.

On the admin page, have a page load workflow with a condition that takes the user away when their User Role <> Admin.

Privacy rules stop the user’s data being exposed to people who shouldn’t have it. The page load workflow stops them being able to see the admin panel (though it is wise to make sure the admin panel UI is only visible when Current User’s User Role = Admin, as a user can often cancel the redirect)