I'm creating a web app that uses a "headless" Drupal 8 backend and I want to leverage the Drupal user entity, but I don't want to allow users to log in to the Drupal site. There will be a frontend app that users can log into.
Is there a way to prevent users from logging into the Drupal admin area based on roles so that admins and content managers CAN log into Drupal, but other users cannot?
I can create a custom module if need be.
Thanks
As a user, if you are not connected yet you only have the "anonymous user" role. So you can't restrict access to your login page to specific roles (As everybody is anonymous before logging in).
I recommand that you disable the login block in your block layout configurations then you could use something like Rename Admin Paths (https://www.drupal.org/project/rename_admin_paths) so only you and your content managers know the login page url.