How to Access APIM API from Azure Function with Managed Identity without OAuth authentication call

Dixan Lal Thomas 60 Reputation points
2024-07-02T11:56:11.2633333+00:00

I have created a function app to call an API from APIM and I have added security of Auth 2.0 in the API settings. Also I have added Managed identity to the function app , and added that managed identity in APIM IAM to give API Management Service Reader role. If I call the APIM API from postman with An Auth token I'm able to access the API and retrieve the data .
Is it possible to call the API in APIM without Auth 2.0 as I have given API Management Service Reader role for the function app.
While calling the API from function app with managed identity getting below UnAuthorized Error .I need to bypass the Authentication Token as it is Azure resources and in same resource group.

I don't want to make a separate API call for Token from function App fro accessing the API.

var tokenCredential = new DefaultAzureCredential();
var accessToken = await tokenCredential.GetTokenAsync(new Azure.Core.TokenRequestContext(new[] { "https://management.azure.com/.default" }));
_logger.LogInformation("Attempting to acquire token...");
accessToken = await tokenCredential.GetTokenAsync(tokenRequestContext);
_logger.LogInformation($"Access Token: {accessToken.Token}");
// Use the acquired token to authenticate the request to APIM
httpClient.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken.Token);
var response = await httpClient.GetAsync(apimEndpoint);

Is it possibel to acheive this anyway?

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
707 questions
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,175 questions
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,112 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
830 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.