Share via

Advice needed to hide backend from public

My2ndLovE 40 Reputation points
2023-07-19T23:06:23.4066667+00:00

I have hosted a backend in Azure App Service, which includes a few APIs used within the backend application. One of these APIs is called by HTML pages hosted on a storage account. When the HTML pages call this API, it exposes the backend URL, which I want to hide from the public. Is it possible to wrap this specific API with a different IP or domain name, so that it becomes inaccessible to the public and is accessible only through a specific IP or domain name?

backenddomain.com/ << backend home
backenddomain.com/apis/adminApi1 << backend apis
backenddomain.com/apis/adminApi2 << backend apis
backenddomain.com/apis/adminApi3 << backend apis
backenddomain.com/apis/userApi1 << hide it become something like, someotherip.com/apis/userApi1

someotherip.com/ << not accessible by public
someotherip.com/apis/adminApi1 << not accessible by public

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
674 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,737 questions
Accepted answer
  1. Andriy Bilous 11,421 Reputation points MVP
    2023-07-20T06:46:34.37+00:00

    Hello @My2ndLovE

    Your problem could be solved by using a combination of Azure services like Azure API Management and Azure Front Door or Azure Application Gateway.

    Azure Static Web Apps’ backend integration works by reverse proxying calls made to /api to the linked Azure resource Web App or an API Management instance. When it proxies these calls, it also injects the HTTP headers necessary for authentication and authorization, such as the x-ms-client-principal.

     

    By doing this, the Azure Static Web Apps backend integration feature enables the aforementioned benefits of seamless routing and integrated security. By serving your API from the /api endpoint, no additional CORS configurations are needed for your backend. Additionally, by injecting the required headers, you can access your user credentials if you are using Azure Static Web Apps’ authentication and authorization.

    With Azure Front Door or Azure Application Gateway you can configure custom domains and provide routing

    Here are examples
    Integrating network isolated backends with Azure Static Web Apps

    Integrating network isolated backends with Azure Static Web Apps

    https://techcommunity.microsoft.com/t5/apps-on-azure-blog/integrating-network-isolated-backends-with-azure-static-web-apps/ba-p/3721136

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.