Authentication between Azure Functions and Angular running on an App Service

Question

I have an Angular SPA hosted on an app service that has some basic features - view products, log in, purchase, etc. I am using azure functions on the backend to keep things quick and easy, but I'm seeing some issues with authentication.

1. using built in azure authentication, it doesn't seem like you can have a mix of authenticated APIs and unauthenticated HTTP trigger functions - so to use this feature would I have to create a second function app to house the unauthenticated APIs? Isn't there a simple attribute that can be added to the functions above the signature like in MVC?
2. It doesn't seem like I can use a managed identity with MSAL for Angular. I am planning on having users log in using Azure AD B2C so that they can log in with their private emails, social, etc - but if I do that then I will need to grant API access to those credentials, not something like a traditional service account. Is there a better way to do this?

Thanks,
Krystian

Answer 1

Apologies for the delayed response @krystian polak . According to this wiki for Microsoft.Identity.Web, you can configure your function app just like any regular web api requiring authentication. You should be able to configure your Azure Function to receive a bearer token passed from your React front end. If you run into any issues, please do comment down below.