Sure, you can connect the web app via VNet integration to a private endpoint at the provider environment. By using VNet integration, you can securely access resources in your virtual network from your web app.
You can use private endpoint for your App Service apps to allow clients located in your private network to securely access the app over Azure Private Link. The private endpoint uses an IP address from your Azure virtual network address space. Network traffic between a client on your private network and the app traverses over the virtual network and a Private Link on the Microsoft backbone network, eliminating exposure from the public Internet.
Using private endpoint for your app enables you to securely connect to your app from on-premises networks that connect to the virtual network using a VPN or ExpressRoute private peering.
How to connect privately to an app with the Azure portal
https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration
Let us know if further query or issue remains.