question

rahgarg avatar image
0 Votes"
rahgarg asked ·

Secure backend Appservice


I have an application that consists of a "front-end" website, and a back-end web API. Iwant the end users of my application to be able to access the front-end website, but ionly want the front end to be accessible to the end users. The back-end should be locked down so it is only callable from the front-end.

Please suggest some better solution, I have tried multiple things but did not get any proper solution.

azure-webapps
· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Then you asked an invalid question. The so called "front-end" is just HTML+JavaScript, so everything is visible to your end users, and they can feel free to call your back-end in the same way. There is no way to prevent your end users from doing so (things like headless Chrome are even more convenient for them). Don't waste your time on such, but harden your back-end with proper authentication/authorization.

1 Vote 1 · ·

1 Answer

bpelikan avatar image
2 Votes"
bpelikan answered ·
· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I tried service endpoints, after that my web app is not able to connect with API app, getting 403 IP forbidden error.

0 Votes 0 · ·