Is it safe to send sensitive data in the post body to an azure function?
Sending sensitive data in a post request is a common approach. Take any form-based authentication mechanism for example. A user enters his credentials in the web-frontend (browser) and a post request is sent to the web-server in the backend. If this backend actually is a classical web application or an Azure function doesn't matter.
It is important though to ensure transport security. Using HTTPS (with TLS) is state-of-the-art in this regard. Appropriate algorithms, key-lengths and modes for your HTTPS configuration are defined in public standards and guidelines. I recommend the document SOG-IS Crypto Evaluation Scheme Agreed Cryptographic Mechanisms but there are others (with very similar recommendation). Depending on your location and/or your industrial sector, there might be specific standards and guidelines that are required for compliance.
One caveat in the end - just because it is appropriate, doesn't mean it is the best option you have. I do not know your actual requirements, so I cannot advise in this regard. That's something you have to evaluate.