I have azure function A which needs to call azure function B via an http request. Currently, this is secured by a function key on function B. This works well but I'd like to secure function B using "system assigned" managed identity instead.
What I've tried:
Enabled system assigned managed identity on function A
On function B, used the portal to add a role assignment of Contributor for a service principal with the name of function A
When function A calls function B, a 401 unauthorised error is returned. Have I missed a step? Do I need to wait 24 hours from adding the role assignment before I can be sure it will take effect? I had hoped to be able to make this work without adding code to function A to obtain and present the bearer token.