I linked this earlier but I had another very large thread with someone all around using Identity & Functions together. You will do yourself a big favor by reading it. The one thing I didn’t get around to mentioning there is just make sure you refresh the JWT on the client side before dispatching the request to a Function. I tested this morning to make sure, but if you call a Function with a stale JWT, the User object doesn’t even get passed to the function.
https://answers.netlify.com/t/questions-about-netlify-identity-serverless-functions/