diff --git a/budget-app/src/middleware.ts b/budget-app/src/middleware.ts
index 2f8fff3..4ba98a6 100644
--- a/budget-app/src/middleware.ts
+++ b/budget-app/src/middleware.ts
@@ -38,6 +38,12 @@ export function middleware(request: NextRequest) {
 // See "Matching Paths" below to learn more
 export const config = {
   matcher: [
+    /*
+    https://github.com/Azure/static-web-apps/issues/1427
+   * Match all request paths except for the ones starting with:
+   * - .swa (Azure static web apps)
+   */
+    '/((?!.swa).*)',
     "/((?!public|_next|api/auth|api/auth/logout).*)", // match all paths not starting with 'public' or 'auth' or '_next' or 'api/auth'
   ],
 };
diff --git a/budget-app/staticwebapp.config.json b/budget-app/staticwebapp.config.json
new file mode 100644
index 0000000..a5f017b
--- /dev/null
+++ b/budget-app/staticwebapp.config.json
@@ -0,0 +1,16 @@
+{
+  "routes": [
+    {
+      "route": "/*",
+      "allowedRoles": [
+        "authenticated"
+      ]
+    }
+  ],
+  "responseOverrides": {
+    "401": {
+      "statusCode": 302,
+      "redirect": "/.auth/login/aad"
+    }
+  }
+}
\ No newline at end of file