How to limit or control the outbound IP addresses used by Entra ID for authentication?
I am looking for a solution or some kind of workaround regarding the number of IP addresses that Entra ID uses for redundancy. I want to somehow control or limit which IP addresses are used for the outbound traffic when the DNS (login.microsoftonline.com) OAuth2-JWKSURL endpoint resolves the IP address.
We have a system which has geo-based DDoS protection and it only allows traffic from selected IP addresses, and opening it up for the 600k+ dynamically changing IP addresses that Entra ID has is not an option.
Is there a way to control or limit the IP addresses to either specific ones or based on region? Using VNets, LAs or something?