Similar to Kubernetes Architectures that implement Authentication Proxy Layers for OAuth2.0, how can I implement Single-Sign-On with Azure B2C to protect all in-coming requests to Azure Application Gateway, that is protecting multiple backend Azure App Services that are routed with path prefixes (e.g. "/orders", "/warranty", etc.)
We would also like to get the current user's authentication information (e.g. Azure B2C Object ID, user attributes, etc.) in the downstream request to Azure App Service so we can implement Authorization in the App Service.
We tried to create Azure Application Gateway with tier "Web Application Firewall" and managed rule sets, but cannot find a single place to configure Single-Sign-On at the Application Gateway level.