I have created a Google cloud function, and in the permissions I've added the 'Cloud Functions Invoker' role to the 3 individual users I want to be able to trigger the function.
The function is accessible at the trigger endpoint provided, similar to this: https://us-central1-name-of-my-app.cloudfunctions.net/function-name
I have assigned myself the invoker role on the function. When I enter the URL I get a 403
Your client does not have permission to get URL /function-name from this server.
Since I am signed into my Google account already, I had assumed I would have permissions to access this function.
If not, how can I show the authentication prompt as part of the function without exposing the entire function via allUsers?