I'm currently facing what appears to be a basic scenario, but there doesn't seem to be any documentation on it.
I have on-prem resources I would like to grab data from - these resources are exposed by an API that is linked to Azure Proxy.
The Azure Proxy object (let's call it "InternalAPI") has Microsoft Entra pre-authentication enabled.
I separately am working on an Azure Web App that needs to authenticate to the Azure Proxy object without User_Impersonation - I simply want the Managed Identity of the Web App (let's call it "AzureCloudAppWithOnPremData") to authenticate directly to the Azure Proxy object for data flow.
Is there a way to accomplish this? Entra pre-authentication seems to assume some browser interaction, not API<->API. What I want is the AzureCloudAppWithOnPremData to automatically authenticate to the Proxy without user interaction, since the user will already have signed in to the WebApp through IAM.