I have a container application deployed to Azure which uses an Azure SQL backend. This application is a customer portal, whose userbase is not tech savvy and will have problems with things like MFA or providing an IP for whitelisting.

I simply want to give my userbase a username and a password, and they have no static logging in.

I am not sure how things need to work or the steps I need to do to get this application avaialble to my userbase without login static. Currently, unless the user is on a whitelisted IP, they get an error during login.
Do I need to open the database firewall?
Do I need to mess with the firewall settings on the container app?
As an aside, why is security the biggest hurdle in modern application development?

ChatGPT is useless here as I am pretty sure these security requirements are newer than its training. and Microsoft technical support is useless and their documentation terrible. Can anybody point me at a resource?