Call between two function apps with authentication enabled

Question

Hi.
I have two function apps, both written in javascript and HTTPtriggered.
Is it possible call an Azure Function App (with AAD Authentication enabled) from another Function app without having to authenticate with, let's say, msal-node?

Answer 1

Hello @Hector Romo ,
You can achieve the required functionality by registering AAD enabled function app as an API and then expose the API with the required scopes so that other applications can use it. Then you have to register the other http triggered function app with AAD and add permissions to it to call your AAD enabled function app. You can refer this blog for implementation and additionally you can read this post for any further understanding.
Please let me know if this helps resolving the issue faced or not, I will be glad to continue with our discussion.

Answer 2

Hello @Hector Romo , apologies for the delay, yes you can definitely use the service-service authentication as mentioned here in the documentation (Please remember to set correct App Role) and then use the Client ID and Client Secret in your code to generate a new token and grant access to you client app or else you can also set an managed identity for you function app to generate the token. I found this blog very helpful for understanding of the concept. Apologies I could not find exact JavaScript specific examples regarding implementation but you can go through these samples if it helps. Please let me know if you need any additional help, I will be glad to continue with our discussion.