Configure password protection (preview)

You can use a password to protect your app's pre-production environments or all environments. Scenarios when password protection is useful include:

  • Limiting access to your static web app to people who have the password
  • Protecting your static web app's staging environments

Password protection is a lightweight feature that offers a limited level of security. To secure your app using an identity provider, use the integrated Static Web Apps authentication. You can also restrict access to your app using IP restrictions or a private endpoint.


An existing static web app in the Standard plan.

Enable password protection

  1. Open your static web app in the Azure portal.

  2. Under Settings menu, select Configuration.

  3. Select the General settings tab.

  4. In the Password protection section, select Protect staging environments only to protect only your app's pre-production environments or select Protect both production and staging environments to protect all environments.

    Screenshot of enabling password protection

  5. Enter a password in Visitor password. Passwords must be at least eight characters long and contain a capital letter, a lowercase letter, a number, and a symbol.

  6. Enter the same password in Confirm visitor password.

  7. Select Save.

When visitors first go to a protected environment, they're prompted to enter the password before they can view the site.

Password prompt

Next steps