SNAT Port Exhaustion

Best guidance is here: https://docs.microsoft.com/en-us/azure/app-service/troubleshoot-intermittent-outbound-connection-errors . Beyond that, a somewhat more involved approach would be to switch the back-end connection to go over a vnet connection to the downstream endpoint. https://azure.github.io/AppService/2021/04/22/Site-with-secure-backend-communication.html shows one general approach, and the idea would be to have downstream app services setup with private endpoints so the app service to app service communication goes over a vnet. Another somewhat less invasive approach would be to instead use Azure's NAT Gateway and route all outbound traffic from an app through a vnet and through the NAT gateway. That will get you a dedicated outbound IP address and a dedicated IP port space for outbound calls.