| title | description | services | author | ms.service | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|
Enable password protection for Azure Static Web Apps |
Prevent unauthorized access to your static web app with a password. |
static-web-apps |
craigshoemaker |
static-web-apps |
how-to |
03/13/2022 |
cshoe |
You can use a password to protect your app's pre-production environments or all environments. Scenarios when password protection is useful include:
- Limiting access to your static web app to people who have the password
- Protecting your static web app's staging environments
Password protection is a lightweight feature that offers a limited level of security. To secure your app using an identity provider, use the integrated Static Web Apps authentication. You can also restrict access to your app using IP restrictions or a private endpoint.
An existing static web app in the Standard plan.
-
Open your static web app in the Azure portal.
-
Under Settings menu, select Configuration.
-
Select the General settings tab.
-
In the Password protection section, select Protect staging environments only to protect only your app's pre-production environments or select Protect both production and staging environments to protect all environments.
:::image type="content" source="media/password-protection/portal-enable.png" alt-text="Screenshot of enabling password protection":::
-
Enter a password in Visitor password. Passwords must be at least eight characters long and contain a capital letter, a lowercase letter, a number, and a symbol.
-
Enter the same password in Confirm visitor password.
-
Select the Save button.
When visitors first navigate to a protected environment, they're prompted to enter the password before they can view the site.
:::image type="content" source="media/password-protection/password-prompt.png" alt-text="Password prompt":::
[!div class="nextstepaction"] Authentication and authorization