If your Logic App's managed identity is not recognized by the Azure Function App, follow these steps to resolve the issue:
1. Enable Managed Identity for the Logic App: Ensure that the managed identity is enabled for your Logic App. Go to the Azure portal, navigate to your Logic App, open the Identity blade under Settings, and toggle the Status to On. Save your changes[3][4].
2. Register the Logic App in Azure AD: After enabling managed identity, Azure automatically creates an application registration for your Logic App. You can find this registration under Azure Active Directory > Enterprise applications. Ensure it is correctly configured[10].
3. Configure Azure AD Authentication for the Azure Function App: Enable Azure AD authentication for your Azure Function App. This will create an app registration in Azure AD. Use the express configuration to simplify the setup[7].
4. Grant Permissions to the Logic App's Managed Identity: Ensure that the Logic App's managed identity has the necessary permissions to access the Azure Function App. You can do this by adding a role assignment in the Azure Function App's Access control (IAM) settings. Assign a role like Contributor to the Logic App's managed identity[1].
5. Specify the Audience in the Logic App's HTTP Action: When using the HTTP action in your Logic App to call the Azure Function, ensure you specify the correct Audience. This should be the App ID URI of the Azure Function App's Azure AD app registration. You can find this in the Azure portal under Azure AD > App Registrations > Your Function App Registration > Properties[7].
6. Test the Connection: After configuring these settings, test your Logic App to ensure it can successfully call the Azure Function using the managed identity for authentication[5][7].
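
When the test in step 6 fails, comparing the token's claims with what the Function App expects usually shows which step is misconfigured. The following diagnostic is an added example, not code from the cited sources; the App ID URI and object ID are constructed placeholders, and the signature is deliberately not verified because the script only inspects claims.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the JWT payload. Diagnostic only: the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(b64url_decode(parts[1]))


def diagnose(token: str, allowed_audiences: list, expected_oid: str) -> list:
    """List the reasons the Function App would not recognize this caller."""
    claims = decode_claims(token)
    problems = []
    aud = claims.get("aud")
    if aud not in allowed_audiences:  # step 5: Audience must match the App ID URI
        problems.append(f"aud {aud!r} is not an allowed audience")
    if claims.get("oid") != expected_oid:  # steps 1-2: identity of the Logic App
        problems.append(f"oid {claims.get('oid')!r} is not the Logic App identity")
    return problems


def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned token used only as sample input.
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed placeholder values, not taken from any real tenant.
FUNCTION_APP_ID_URI = "api://00000000-0000-0000-0000-0000000000aa"
LOGIC_APP_OID = "00000000-0000-0000-0000-0000000000bb"

GOOD = make_sample_token({"aud": FUNCTION_APP_ID_URI, "oid": LOGIC_APP_OID})
# Audience left unset in the HTTP action falls back to Azure Resource Manager.
WRONG_AUD = make_sample_token({"aud": "https://management.azure.com/", "oid": LOGIC_APP_OID})

if __name__ == "__main__":
    for name, tok in (("good", GOOD), ("wrong audience", WRONG_AUD)):
        print(name, "->", diagnose(tok, [FUNCTION_APP_ID_URI], LOGIC_APP_OID) or "ok")
```
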
Citations:
[1] https://www.cloudsma.com/2019/04/managed-identity-logic-app/
[2] https://turbo360.com/blog/azure-managed-service-identity-for-logic-apps
[3] https://laurakokkarinen.com/how-to-securely-trigger-azure-functions-from-azure-logic-apps/
[4] https://docs.azure.cn/en-us/logic-apps/logic-apps-securing-a-logic-app
[5] https://rakhesh.com/azure/connecting-to-an-azure-function-using-a-logic-app-managed-identity/
[6] https://www.youtube.com/watch?v=B69Pb9CKLRA
[7] https://stackoverflow.com/questions/55739326/authenticate-from-azure-logic-app-to-azure-function-using-managed-identity
[8] https://docs.azure.cn/en-us/logic-apps/create-single-tenant-workflows-azure-portal
[9] https://community.dynamics.com/blogs/post/?postid=5e75eb01-9dd6-4d2e-bad4-cea4562e351e
[10] https://learn.microsoft.com/en-us/azure/logic-apps/call-azure-functions-from-workflows