Authentication

App Service Authentication is off

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

By Enabling Authentication, every incoming HTTP request passes through it before being handled by the application code. It also handles authentication of users with the specified provider, validation, storing and refreshing of tokens, managing the authenticated sessions and injecting identity information into request headers.
  • Recommended Mitigation

    Under App Settings, select Authentication/Authorization, and set 'App Service Authentication' to On