
I have set up some B2C Custom policies that depend on an external web API (TOTP MFA and OIDC endpoints). This API is running as an app service in Azure and everything is working correctly.

Is there a way to configure the network access restrictions so that I can use the firewall to restrict calls that are not coming from Azure AD B2C based on IP address?

I would even accept the ability to restrict IP addresses to only that of Azure resources. I don't want to expose this web API to the entire internet, but currently adding any IP restrictions to the app service prevents Azure B2C from being able to access the API.

ToDevAndBeyond
  • If you want to restrict IP addresses to access your web app, this doc will be helpful: https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#adding-and-editing-access-restriction-rules-in-the-portal. However, it seems Microsoft has not officially released an Azure AD B2C IP list; the only thing I can find is Microsoft Azure Datacenter IP Ranges: https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653 – Stanley Gong Oct 24 '19 at 08:29
  • It's been a while and still there is no way to achieve this even today. Is it something on the radar of product teams, or any clue as to how this can be addressed? – Bhushan Jul 09 '22 at 13:06

0 Answers