Azure frontdoor exposing backend pool URL when authentication and authorisation is enabled

kalyan kalapala 1 Reputation point
2021-02-25T09:29:42.913+00:00

When more than 1 web app sits behind the front door however, I was seeing the page not rendering correctly, giving different versions of the page. Also when the authentication and authorisation is enabled, the frontdoor URL is exposing or redirecting to the backend pool (webapps) URL. Also when the authentication and authorisation is enabled, the frontdoor URL is exposing or redirecting to the backend pool (webapps) URL.

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
615 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. suvasara-MSFT 10,016 Reputation points
    2021-03-08T04:54:13.337+00:00

    @kalyan kalapala , Apologies for the delay in response. This is expected behavior on enabling A&A in AppService. Please do follow the below steps to overcome this issue,

    1.Setup Azure Front Door with a custom domain.
    2.In your Azure Front Door backend, make the “Backend host header” empty. This will propagate your custom domain as the HOST header, which is what Easy AUTH uses to redirect.
    3.Add https:///.auth/login/aad/callback to your list of Redirect URLs on your AAD app registration.

    Now, if a customer visits your custom domain, they will be redirected back to your custom domain.


    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

    1 person found this answer helpful.

  2. Brown, Alex 1 Reputation point
    2022-02-23T21:27:20.99+00:00

    Just wanted to clear this up here, I was able to get an Azure Front Door instance pointing to two separate App Services (located in different regions). You do not need to configure anything special with the DNS. You do need to update authSettingsV2 which is what powers Microsoft's easy auth flow. You can find this file for your app using resources.azure.com and make the necessary edits.

    You will need to update your https settings and supported redirects, reference link attached that covers this. It would be great if Azure App Service/Front door integrated easier on this front and didn't require edits to the file. Hopefully that will come eventually.

    ref link: Secure-resilient-site-with-custom-domain.html