We used to configure allowed IP addresses for a Static Web App (SWA) using SWA's application configuration's allowedIpRanges. Then the SWA was configured behind a private endpoint and Application Gateway, so allowedIpRanges configuration was removed. In QA environment we can use Web Applic...
Limit access to visitors who are logged in or allowed by IP addresses. Includes many options for handling blocked visitors. - 10up/restricted-site-access