diff --git a/internal/services/maps/maps_account_resource.go b/internal/services/maps/maps_account_resource.go
index 9afdfa527e25..71e32f648e52 100644
--- a/internal/services/maps/maps_account_resource.go
+++ b/internal/services/maps/maps_account_resource.go
@@ -18,6 +18,7 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
+	"github.com/hashicorp/terraform-provider-azurerm/utils"
 )
 
 func resourceMapsAccount() *pluginsdk.Resource {
@@ -78,6 +79,12 @@ func resourceMapsAccount() *pluginsdk.Resource {
 				Computed:  true,
 				Sensitive: true,
 			},
+
+			"local_authentication_enabled": {
+				Type:     pluginsdk.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
 		},
 	}
 }
@@ -110,6 +117,9 @@ func resourceMapsAccountCreateUpdate(d *pluginsdk.ResourceData, meta interface{}
 			Name: accounts.Name(d.Get("sku_name").(string)),
 		},
 		Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
+		Properties: &accounts.MapsAccountProperties{
+			DisableLocalAuth: utils.Bool(!d.Get("local_authentication_enabled").(bool)),
+		},
 	}
 
 	if _, err := client.CreateOrUpdate(ctx, id, parameters); err != nil {
@@ -166,6 +176,14 @@ func resourceMapsAccountRead(d *pluginsdk.ResourceData, meta interface{}) error
 		d.Set("secondary_access_key", model.SecondaryKey)
 	}
 
+	localAuthenticationEnabled := true
+	if props := resp.Model.Properties; props != nil {
+		if props.DisableLocalAuth != nil {
+			localAuthenticationEnabled = !*props.DisableLocalAuth
+		}
+	}
+	d.Set("local_authentication_enabled", localAuthenticationEnabled)
+
 	return nil
 }
 
diff --git a/internal/services/maps/maps_account_resource_test.go b/internal/services/maps/maps_account_resource_test.go
index 1ad50aed3efb..525efd3f5d13 100644
--- a/internal/services/maps/maps_account_resource_test.go
+++ b/internal/services/maps/maps_account_resource_test.go
@@ -100,6 +100,30 @@ func TestAccMapsAccount_tags(t *testing.T) {
 	})
 }
 
+func TestAccMapsAccount_disableLocalAuth(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_maps_account", "test")
+	r := MapsAccountResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.disableLocalAuth(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("local_authentication_enabled").HasValue("false"),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.enableLocalAuth(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("local_authentication_enabled").HasValue("true"),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func (MapsAccountResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
 	id, err := accounts.ParseAccountID(state.ID)
 	if err != nil {
@@ -174,3 +198,43 @@ resource "azurerm_maps_account" "test" {
 }
 `, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
 }
+
+func (MapsAccountResource) disableLocalAuth(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_maps_account" "test" {
+  name                         = "accMapsAccount-%d"
+  resource_group_name          = azurerm_resource_group.test.name
+  sku_name                     = "S0"
+  local_authentication_enabled = false
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
+
+func (MapsAccountResource) enableLocalAuth(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_maps_account" "test" {
+  name                         = "accMapsAccount-%d"
+  resource_group_name          = azurerm_resource_group.test.name
+  sku_name                     = "S0"
+  local_authentication_enabled = true
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
diff --git a/website/docs/r/maps_account.html.markdown b/website/docs/r/maps_account.html.markdown
index 43f32c0d8c22..1b41c3939e0f 100644
--- a/website/docs/r/maps_account.html.markdown
+++ b/website/docs/r/maps_account.html.markdown
@@ -19,9 +19,10 @@ resource "azurerm_resource_group" "example" {
 }
 
 resource "azurerm_maps_account" "example" {
-  name                = "example-maps-account"
-  resource_group_name = azurerm_resource_group.example.name
-  sku_name            = "S1"
+  name                         = "example-maps-account"
+  resource_group_name          = azurerm_resource_group.example.name
+  sku_name                     = "S1"
+  local_authentication_enabled = true
 
   tags = {
     environment = "Test"
@@ -39,6 +40,8 @@ The following arguments are supported:
 
 * `sku_name` - (Required) The SKU of the Azure Maps Account. Possible values are `S0`, `S1` and `G2`. Changing this forces a new resource to be created.
 
+* `local_authentication_enabled` - (Optional) Is local authentication enabled for this Azure Maps Account? When `false`, all authentication to the Azure Maps data-plane REST API is disabled, except Azure AD authentication. Defaults to `true`.
+
 * `tags` - (Optional) A mapping of tags to assign to the Azure Maps Account.
 
 ## Attributes Reference