I'm trying to have a web page accessible only from inside an android app. I can make the app to provide a custom user agent. For example

Mozilla/5.0 (MyAPP) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/ Mobile Safari/537.36
I need to edit the .htaccess file to deny all visitors, except the one with the "MyAPP" string in its user agent.

I've tried using this:

RewriteCond %{HTTP_USER_AGENT} ^.*MyAPP*$ 
RewriteRule .* - [L] 
RewriteRule .* http://mydomain.com/error.html [R,L]
but i get all traffic sent to error.html, including the one from my app.

What am I missing here?