I would like to provide more details how to get this done... For instance, previously, I was asking you for any usage of PIPs addresses on your network design as well as any FQDN or DNS domain using an A record for this. The reason why I asked for those details is because you are referring that traffic is coming from internet but you can either do it like that or use a ER circuit or IPsec Tunnels from on-premises so, no need to use for PIPs addresses since the end-user is located on-promises.
But assuming that this is Internet based traffic and you want to get this app service to be exposure from internet you should need to do it like this:
I hope this last comment can help you to get this working as intended!!
Regards,
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.