Azure AppService>Networking>Access Restrictions & handling 308 redirects from API Management

mj422-0000 1 Reputation point
2021-02-28T15:41:24.907+00:00

Just wanted to see if there were any Azure App Service or APIM experts that could help me get past something that is puzzling me when it comes to restricting access to my app service endpoint to the IP address of my Azure API Management service.

I can successfully set the APIM's ip address in an "allow" rule, in the Access Restrictions section of the networking tab, in the app service I am targeting. What happens though, is that the APIM redirects my browser to hit the app service endpoint with its own IP address, which of course I just set to be restricted only to allow access from the APIM IP address. A 308 Moved Permanently http code is delivered to my browser and my browser is sent to the app service page.

I am met with a 403 restricted error, because it is indeed my IP address that is accessing the app service. I am expecting to be redirected to my desired app service, and to be allowed access because it was passed from the "allowed" IP address of my APIM. Do I need to adjust this somehow with an APIM policy, or some kind of networking policy inside the targeted app service? When I attempt to hit the app from the APIM endpoint, my redirect causes web app to restrict MY ip address

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,877 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,209 questions
{count} votes