Today I want to walk through how to configure Azure App Service Authentication when your App Service sits behind Azure Front Door and is accessed through a Private Link. On a dreadful day in october 2025, I received something that most IT people fear - a request from a client! The request included information from the client, that they were struggling with authentication on a Web App deployed behind Azure Front Door using Private Link. What looked like a straightforward setup

In Part 1 of this mini-series, we explored the what, why, and how of Microsoft Entra Authentication Contexts, laying the foundation for what they are and how they work. In this second part, we’ll build on that foundation with real-world examples of how Authentication Contexts can secure user access and critical actions. Along the way, we’ll walk through configurations, share recommendations, and look at the Conditional Access policies that tie it all together. So, let’s dive

In my last post I covered how to monitor the GOD Mode in Azure (Coined by the great John Savill ). While visibility and monitoring are great capabilities, there’s a big issue: the permanent  nature of the access. - Let's fix that! The way Elevated Access currently works, there’s no built-in way to manage, or restrict it—not through PIM for time- and approval-based access, not with access reviews, and not with entitlement management either. Once access is enabled for a user,