Hello @gaur, thank you for reaching out to us, and apologies for the delayed response here.
Passthrough client certificate is not supported by Azure Front Door and Application Gateway, as they both need to decrypt the traffic in order to apply the routing rules and rewrite rules set. Although end-to-end TLS is supported by both of them, even then the data is decrypted first and then encrypted again using the certificate uploaded at Azure FD/App Gateway. For more information, please go through the end-to-end TLS documentation for App Gateway and Azure Front Door.
Azure Application Gateway does have an MTLS feature in preview (currently not recommended for prod scenarios) where you can use server variables to pass information about the client certificate to the backend servers behind the Application Gateway. Since your application gateway is integrated with APIM, I am not sure how viable this solution will be in your scenario, as you will need to do some modifications in APIM to recognize the client certificate information. Currently, MTLS is not supported on Azure Front Door. Meanwhile, please feel free to upvote this feature request for SSL passthrough for Azure Front Door.
Hope this helps. Please let me know if you have any additional questions. Thank you!
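As an added illustration (not part of the answer above and not Microsoft's code), this is how a backend behind a TLS-terminating gateway might check client certificate information that the gateway forwards in a request header. The header name, the gateway address set, the pinned fingerprints and the URL-encoding of the value are all assumptions, and the sample certificate bytes are constructed.

```python
import base64
import binascii
import hashlib
import hmac
import re
from urllib.parse import quote, unquote

# Hypothetical header name: whatever the gateway rewrite rule is configured to set.
CERT_HEADER = "X-Client-Cert"
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

# Constructed sample: arbitrary bytes standing in for a DER-encoded certificate.
SAMPLE_DER = b"constructed bytes standing in for a DER certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.b64encode(SAMPLE_DER).decode()
              + "\n-----END CERTIFICATE-----")
SAMPLE_HEADER = quote(SAMPLE_PEM)  # assumption: the value arrives URL-encoded


def der_from_forwarded_pem(value):
    """Return DER bytes from a forwarded PEM value, or None if it is malformed."""
    # unquote() is a no-op on a value that was not URL-encoded (base64 has no '%').
    match = PEM_RE.search(unquote(value))
    if not match:
        return None
    body = "".join(match.group(1).split())  # drop line breaks and spaces
    try:
        return base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return None


def is_allowed_client(headers, peer_ip, gateway_ips, pinned_sha256):
    """Accept only a pinned certificate forwarded by the trusted gateway."""
    # The header proves nothing unless the gateway that terminated TLS set it;
    # any other peer could send a forged value.
    if peer_ip not in gateway_ips:
        return False
    der = der_from_forwarded_pem(headers.get(CERT_HEADER, ""))
    if not der:
        return False
    digest = hashlib.sha256(der).hexdigest()
    # Constant-time comparison against each pinned lowercase hex fingerprint.
    return any(hmac.compare_digest(digest, pin) for pin in pinned_sha256)


if __name__ == "__main__":
    pins = {hashlib.sha256(SAMPLE_DER).hexdigest()}
    print(is_allowed_client({CERT_HEADER: SAMPLE_HEADER}, "10.0.0.4", {"10.0.0.4"}, pins))
```

The gateway rule must overwrite any header of the same name supplied by the client, since the backend cannot distinguish a forwarded value from an injected one.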