Set up CDN to point to authenticated app service origin?

Question

I want to set up a site using both a CDN, an App Service, and Azure active directory authentication. I was able to set up an CDN endpoint and point it to my .Net Core App Service, that was straightforward (doc: https://learn.microsoft.com/en-us/azure/cdn/cdn-add-to-web-app). After adding authentication I am unable to use the site properly. When I hit the cdn endpoint I am redirected to the origin and get an 'error' page. I can't seem to find any guidance for how to implement rules that would allow me to use Azure AD Auth through via the CDN. Ideally the user would log into the app service via the CDN. I have seen some docs on token auth, but am unsure how I could use that in conjunction with Azure AD auth. I need caching and POP due to the large amount of static content my site has.

Reference:
(End User) -> (cdn endpoint) -> app service with auth checks.

I am not 100% sure using a CDN is the right approach because of my Active Directory requirement- would Azure Front door make more sense? It seems to be more of an ADN with caching functionality. Thanks!

Answer 1

@griffen There is a similar document for Application Gateway at the moment here- https://learn.microsoft.com/en-us/archive/blogs/waws/setting-up-application-gateway-with-an-app-service-that-uses-azure-active-directory-authentication

You could implement either AFD or CDN with the same approach. Hope this helps. Please let us know if you have any further questions. Thank you!

Remember:

Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

Want a reminder to come back and check responses? Here is how to subscribe to a notification.

Answer 2

@griffen Hi Even I'm trying to achieve something like this. Did you find the solution?