But it is animated (you don't need authorization to watch it). Is it possible to fasten authorization in front of it in any way?

Confluence has some kind of its own authorization, if I confuse correctly, i.e. you need to turn it on. But you were rightly noted above, if you don’t need problems - use a VPN, although it may be inconvenient for users, it will cure the admin’s mass of gimoroy.
Well, or as an intermediate and simple (but nevertheless effective) option - use authorization by SSL certificates.

The strongest thing is to let him through the VPN

Wow, someone else is using dead Atlassian products...
Confluence has awesome built-in authorization. Nasozdat internal users and start up by login-password. External authorization can be screwed only if it is allowed through some intermediate site - because Confluence works on the tomcat - it is its own server.
But the best way is of course to let through vpn

Via VPN
Attach authorization to the site...
Restrict in external IP

Yes, you can add different types of authorization (local\AD\AAD\Open ID), this option is available out of the box, including MFA\2FA.
You need to contact a specialist who deals with his support for you - he should know all this.