I have an Angular SPA hosted on an app service that has some basic features - view products, log in, purchase, etc. I am using azure functions on the backend to keep things quick and easy, but I'm seeing some issues with authentication.
using built in azure authentication, it doesn't seem like you can have a mix of authenticated APIs and unauthenticated HTTP trigger functions - so to use this feature would I have to create a second function app to house the unauthenticated APIs? Isn't there a simple attribute that can be added to the functions above the signature like in MVC?
It doesn't seem like I can use a managed identity with MSAL for Angular. I am planning on having users log in using Azure AD B2C so that they can log in with their private emails, social, etc - but if I do that then I will need to grant API access to those credentials, not something like a traditional service account. Is there a better way to do this?