Distinguish caller in remote EndPoint

I’ve written a Constrained Endpoint where the task to be performed is fixed, and launched from the StartupScript. No other user parameters.

The idea is running it with an empty scriptblock, as

Invoke-Command -ScriptBlock {} -Restofparams  
.
It works perfectly…
… but I’d like to add an extra check in the StartScript.ps1 to avoid allowed users calling instead

Enter-PsSession -InTheSameEndpoint

I’ve found many variables, methods and objects to check the caller identity ($PSSenderInfo, $ExecutionContext,$PSSessionOption, and some calls to Get-WSManInstance)… but how can I get the original way the cmdlet was run in the client ?

TIA,
jc

You can’t, because Remoting doesn’t differentiate. Enter-PSSession is kind of a “hack,” in that it implicitly runs New-PSSession, and then each time you hit Enter, it takes your local command line and implicitly runs it in an Invoke-Command against that session. It’s not like SSH or Telnet where you’re “interactively connected,” although it’s kind of faked-out to make you think you are.

Since you have a startup script expecting input variables, the best I could think of would be to validate those. If they’re empty, then you’ve clearly not connected appropriately.