<<Re-sharing the information here from comments for broader community usage>>
anonymous user In general the UPN is missing when the caller is not a user principal, but a service principal (could be a service to service call from another resource provider, a manually created service principal, or a Managed Identity).
Please review the reference document on claims in access tokens here : Microsoft identity platform access tokens - Microsoft identity platform | Microsoft Learn
Hope the information helps, please let us know if you have any further queries. Thanks