Nick Hughes, Apologies for the delayed response.
Based on my understanding of your issue description, the docker builds successful, but the error message you received indicates that there might be an issue with the authentication.
Just to clarify, is this issue confined to this specific WebApp? does it occur locally? If you haven't done this already, to isolate the issue:
You may navigate, could you please go to your App Service >> Networking> Access Restrictions blade and allow the rule under the scm site.
Set up Azure App Service access restrictions
Verify that the virtual network is set up properly to permit traffic from the WebApp. Also, please ensure that the subnet of the virtual network has a service endpoint for Azure Container Registry (ACR), and check that the web app's subnet is configured to allow traffic from the virtual network.
Please check if the IP address of the web app is allowed to access the virtual network. You can do this by verifying that the virtual network's network security group (NSG) allows traffic from the web app's IP address.
Kindly let us know how it goes, I'll follow-up with you further.