@Josh Hodgson
Please try enabling 'Host Name Override' and set 'Pick Host Name from backend target' in the App Gateway HTTP Setting.
By default, Application Gateway does not change the incoming HTTP host header from the client and sends the header unaltered to the backend. Multi-tenant services like App service or API management rely on a specific host header or SNI extension to resolve to the correct endpoint. Change these settings to overwrite the incoming HTTP host header.
Please let me know the status code you see in the backend health post this change.