Hi @a8ree1 ,
For your client app, you can use the system managed identity on your client app to delegate impersonation privileges to your back-end app. https://learn.microsoft.com/en-us/azure/app-service/tutorial-auth-aad?pivots=platform-windows#enable-authentication-and-authorization-for-back-end-app it a tutorial for how you can configure your front-end app.
Feel free to comment below should you run into any issues.
Regards,
Ryan