#Making it so only specific emails are allowed to login.

I want to set a policy that only allows [email protected] and [email protected] to login and I want it to block everyone else. I cannot get this policy to work for the life of me.. I have this policy set on block

I'm using the One-time Pin btw

All you need is a single Allow action policy, with a single include selector of Emails: <emails>

if they don't match they won't be allowed anyway, and they need an Allow policy to go through