azure, azure-web-app-service, azure-ad-b2c

How to properly restrict access to an Azure web application?


I have an application built with Azure Web App Service + Azure B2C for handling account registration and authentication. I want to restrict access to the application to only a select number of users from a list of emails. The mentioned list will also evolve over time.

Right now, I have achieved this by listing those emails in the key:value store of the Azure App Configuration resource and writing a decorator to verify whether the email address passed in the auth token matches any in the store. It seems weird, and I am wondering if there is a proper way to do this. Ideally, I'd like to only allow owners of specific email addresses to create an account and authenticate through B2C.

Thank you


Solution

  • Azure AD B2C allows you to implement custom policies to restrict access based on user attributes, such as an email address.

    How It Works:

    1. Custom Policy: Modify the B2C user journey to include a validation step that checks if the user's email matches an approved list.
    2. Dynamic List: Store the list of approved emails in a centralized place like Azure Table Storage, Azure Cosmos DB, or an external API.
    3. Validation Step: During authentication or account creation, Azure B2C calls a REST API endpoint to validate the email.
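The piece the three steps above leave implicit is the REST endpoint itself. The following is an added example, not code from the answer or from Microsoft: a minimal validation API that a B2C custom policy's RESTful technical profile can call during sign-up or sign-in. It assumes the policy is configured to send the user's address as a claim named `email`, to authenticate to the API with HTTP Basic credentials (`API_USER`/`API_PASSWORD` are placeholders), and that the allow-list is the constructed `ALLOWED_EMAILS` set standing in for Table Storage or Cosmos DB. A 200 response lets the journey continue; a 409 response with a `userMessage` is shown to the user as a validation error.

```python
import base64
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed allow-list for the example. In a deployment this would be read
# from Azure Table Storage, Cosmos DB, or another store, as the answer suggests.
ALLOWED_EMAILS = {"alice@example.com", "bob@contoso.com"}

# Hypothetical credentials: the RESTful technical profile in the custom policy
# is assumed to be configured with Basic authentication and these values.
API_USER = "b2c-policy"
API_PASSWORD = "replace-with-a-secret-from-key-vault"


def normalize_email(value):
    """Trim and lowercase an address so the allow-list check is case-insensitive."""
    if not isinstance(value, str):
        return ""
    return value.strip().lower()


def is_allowed(email, allowed=ALLOWED_EMAILS):
    """True if the normalized address is on the allow-list."""
    return normalize_email(email) in {normalize_email(a) for a in allowed}


def basic_auth_header(user, password):
    """Build the 'Authorization' value the policy is assumed to send."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return "Basic " + token


def check_basic_auth(header):
    """Verify 'Authorization: Basic <base64(user:pass)>' in constant time."""
    if not header or not header.startswith("Basic "):
        return False
    try:
        decoded = base64.b64decode(header[6:]).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return False
    expected = f"{API_USER}:{API_PASSWORD}"
    return hmac.compare_digest(decoded.encode(), expected.encode())


def validate_request(headers, body):
    """Evaluate one B2C validation call; returns (http_status, response_dict).

    B2C treats HTTP 200 as success; for a 409 it surfaces `userMessage`
    to the user as a validation error and stops the journey.
    """
    if not check_basic_auth(headers.get("Authorization")):
        return 401, {"version": "1.0.0", "status": 401, "userMessage": "Unauthorized"}
    try:
        claims = json.loads(body or "{}")
    except json.JSONDecodeError:
        return 400, {"version": "1.0.0", "status": 400, "userMessage": "Malformed request"}
    email = normalize_email(claims.get("email"))
    if not email:
        return 400, {"version": "1.0.0", "status": 400, "userMessage": "Missing email claim"}
    if not is_allowed(email):
        return 409, {"version": "1.0.0", "status": 409,
                     "userMessage": "This email address is not approved for this application."}
    return 200, {"version": "1.0.0", "status": 200}


class ValidationHandler(BaseHTTPRequestHandler):
    """HTTP endpoint that the validation technical profile POSTs to."""

    def do_POST(self):
        length = int(self.headers.get("Content-Length", "0"))
        body = self.rfile.read(length).decode("utf-8")
        status, payload = validate_request(self.headers, body)
        data = json.dumps(payload).encode("utf-8")
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


if __name__ == "__main__":
    # B2C only calls HTTPS endpoints; terminate TLS in front of this (App Service does).
    HTTPServer(("0.0.0.0", 8080), ValidationHandler).serve_forever()
```

Wire the technical profile in as a validation technical profile of the self-asserted sign-up/sign-in step so the check runs before the account is written, and keep the credential out of the policy XML by referencing a policy key. If you use user flows with an API connector instead of a custom policy, the rejection shape differs: return HTTP 400 with `"action": "ValidationError"` rather than a 409. Whichever you choose, the endpoint must authenticate the caller; an unauthenticated allow-list API is only as strong as the network path to it.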