How can i restrict access to an Azure app service?

Question

I have an Azure app service. Now i want to restrict access to all users except to a certain few users.

I have tried to give access via the Access Control (IAM), what do is i select ,"Add role assignment" and if i do I make the user a contributor. Meanwhile any other user can come in and just click on the default domain url and they can get in ?

Is there an easy way of doing this ?

Answer 1

To allow only specific users to access the App Service, we can use Microsoft Entra ID(Azure Active Directory) and authenticate the Users.

Check the MSDoc to Configure your App Service to use Microsoft Entra sign-in.

Also refer SO Threads 1 and 2 to configure Microsoft Identity Platform from Connected Services in Visual Studio

• Use Connected Services to configure for an existing app.

restrict access to all users except to a certain few users.

Navigate to the Microsoft Entra ID => App registrations => select your App => App roles => click on How do I assign App roles => Enterprise applications

• Enable the Assignment required option in Properties section and Save.

• Select Users and groups option => click on Add user/group

• Search and assign the Users whom you want to give access to the app and Assign.

Users without access permission will get the below error.

You don't have access to this Your sign-in was successful but you don't have permission to access this resource. 

Sorry, but we’re having trouble signing you in.

AADSTS50105: Your administrator has configured the application RestrictAccess ('****') to block users unless they are specifically granted ('assigned') access to the application. The signed in user '' is blocked because they are not a direct member of a group with access, nor had access directly assigned by an administrator. Please contact your administrator to assign access to this application.

User with access permission