any answer to this question – how to restrict azure appservice to a domain

I posted the following question on stackoverflow and but never got any answer. hopefully, someone can help me out with this one.

I have a WCF service running on a azure app service. I want to restrict this WCF to a few azure website, external IPs and some other deployments. I am using IPSecurity tag for that in my WCF web.config

My issue is the IP restrictions work, but the azure website domains that i allow access to, dont seem to work.

for exmaple, i have an azure website with a custom domain, i am trying to give this domain access to wcf, but it doesnt seem to be working. below is my configuration.

<ipSecurity enableReverseDns="true" allowUnlisted="false">
        <add ipAddress="" allowed="true" /> 
        <add ipAddress="xx.xx.xx.xx" allowed="true" />  (IP of azure website i got after nslookup)  
        <add domainName="" allowed="true" />
        <add domainName="" allowed="true" /> (custom domain tied to my azure website)    

i was assuming that one of the last 3 settings here will whitelist my wcf client running to azure website to access WCF but so far nothing.

Will appreciate any help. Thanks.