Hi @Devidasan Nirmala Thanks for reaching out. To be able to request a token for the APIM, the managed identity enabled on step 1 needs to be given permission to access that application created in 3rd step and have a role assigned. This is not something that can be done in the portal today. please follow this document to assign a managed identity to a role using powershell command https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-assign-app-role-managed-identity-powershell?WT.mc_id=AZ-MVP-5002438&tabs=azurepowershell.
this allows you to get access tokens from a specific resource within Azure Active Directory, allowing you to define which identity you require to request that token. By this way Azure Function will restricts only the APIM Managed Identity to access the Azure Function.
Please let me know incase of further queries, I would be happy to assist you.
Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.