Secure azure App Service using AD framework 4.5

Question

i have a question about securing access to azure App Services, i have two App services, App service 1 and App service 2, my App service 1 is basically call my App service 2 , my App service 2 should be secured and allow access only from App Service 1 , i did used Ip Adress restrictions but my client said that its not enough so my question what can i use else to secure that access. the framework used here : 4.5. i did some search about Managed identities and Azure active directory but i dont know if i'm following the right path or not.

thanks for helping.

Answer 1

You could register two AD Apps in Azure AD, one for client-app, and one for backend-app. In Azure AD, grant permissions to allow the client-app to call the backend-app.

1. Register an application in Azure AD to represent the API

2. Register another application in Azure AD to represent a client application

3. Grant permissions in Azure AD

You can also refer to this doc - Scenario: Protected web API.