![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 12%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESY%3C/text%3E%3C/svg%3E)
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,213 questions
Hello @Steve Young ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you have an App service with Application gateway configured with your custom domain but on accessing the App via the Application gateway/Front Door, it is getting redirected to the App service URL and you would like to access it with your custom domain URL.
This URL redirection is a known issue with reverse proxy and multitenant PaaS services.
Multitenant PaaS services often require a registered and validated host name in order to route an incoming request to the appropriate tenant's back-end server. This is because there's typically a shared pool of load balancers that accept incoming requests for all tenants. The tenants commonly use the incoming host name to look up the correct back end for the customer tenant.
To make it easy to get started, these platforms typically provide a default domain that's preconfigured to route traffic to your deployed instance. For App Service, this default domain is azurewebsites.net. Each web app that you create gets its own subdomain, for example, contoso.azurewebsites.net.
Having a different host name at the reverse proxy (in your case, Application gateway/Front Door) than the one that's provided to the back-end application server can lead to cookies or redirect URLs that don't work properly. For example, session state can get lost, authentication can fail, or back-end URLs can inadvertently be exposed to end users. This is what is happening in your case.
The recommended solution for this issue is to preserve the original HTTP host name when you use a reverse proxy in front of a web application.
Back-end configuration or the changes required on your web app/App service:
Since you are using an App Service, you can attach a custom domain name to the web app and avoid using the default azurewebsites.net host name towards the back end.
https://learn.microsoft.com/en-us/azure/static-web-apps/custom-domain-external
https://learn.microsoft.com/en-us/azure/app-service/manage-custom-dns-migrate-domain
Reverse proxy configuration or changes required on your Azure Application gateway/Front Door:
- If you use Application Gateway as the reverse proxy, you can ensure that the original host name is preserved by disabling Override with new host name on the back-end HTTP setting. Doing so disables both Pick host name from back-end address and Override with specific domain name. (Both of these settings override the host name.)
- If you use Azure Front Door Classic, you can avoid overriding the host name by leaving the back-end host header blank in the back-end pool definition.
- If you use Azure Front Door Standard or Premium, you can preserve the host name by leaving the origin host header blank in the origin definition.
Once you make the above changes, your Azure Application gateway/Front Door custom domain URL will not redirect to the backend/origin (App service) host name URL anymore.
Refer the below docs for more details on this issue:
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.