Entra Agent ID

Learning Status

📖 Initial overview complete — deeper dive pending. Last updated: 2026-04-04.

☕ Café Analogy

Every human staff member has an ID badge — it says who they are, what role they have, and what rooms they can access. Without a badge, they can't enter the kitchen.

Now your robot baristas need the same thing. Entra Agent ID is the ID badge system for AI agents — unique identity, defined permissions, everything logged.

---

What Is Entra Agent ID?

A new identity type in Microsoft Entra purpose-built for AI agents — distinct from user accounts, devices, and traditional service principals.

	Detail
What	Unique identity for each AI agent in your org
Where	Microsoft Entra ID (same place you manage user identities)
Status	Public Preview (2026)
Key concept	Agents are now first-class citizens alongside users and devices

---

Why a New Identity Type?

Before Entra Agent ID, organisations used service principals or managed identities for automation — but these were designed for apps and services, not autonomous AI agents:

• Service Principal: "Who ran that query?" → "Some app" → Which team? No idea.
• Shared credentials: 5 agents use the same secret → one compromised, all at risk
• No metadata: Can't tell WHAT the agent does, WHO owns it, or WHY it exists
• No lifecycle: Orphaned service principals live forever with full permissions

---

The Identity Comparison

	Service Principal	Managed Identity	Entra Agent ID
Designed for	Apps & services	Azure resources	AI agents
Credential management	You manage secrets	Azure manages	Platform-managed
Metadata	❌ No purpose/owner info	❌ No	✅ Purpose, owner, environment, capabilities
Azure only?	No (works anywhere)	Yes (Azure only)	No (works anywhere)
Lifecycle management	Manual	Tied to resource	✅ Create → deploy → review → retire
Conditional Access	Basic	Basic	✅ Rich, agent-specific policies
Audit trail	Generic app logs	Generic	✅ Every action attributed to specific agent
Best for AI agents?	⚠️ Workaround only	❌ Not designed for it	✅ Purpose-built

💡 Key insight for customers: If they're using service principals for AI agents today, they're doing it the old way. Entra Agent ID is the proper way forward.

---

How It Works — Blueprints

Agents are created from blueprints — templates that define:

┌─────────────────────────────────────┐
│          AGENT BLUEPRINT            │
│                                     │
│  Name:        "Sales Forecast Bot"  │
│  Owner:       john@contoso.com      │
│  Purpose:     Quarterly forecasting │
│  Environment: Production            │
│  Capabilities:                      │
│    - Read Excel files               │
│    - Access SharePoint Sales site   │
│    - Send emails (with approval)    │
│  Parent app:  Copilot Studio        │
│  Permissions: Least-privilege       │
└─────────────────────────────────────┘
          │
          ▼  Creates
┌─────────────────────────────────────┐
│        ENTRA AGENT ID               │
│                                     │
│  Object ID: abc-123-def-456         │
│  Type:      Agent (new!)            │
│  Auth:      Short-lived OAuth 2.0   │
│  CA Policy: "Agents-Production"     │
│  Audit:     Every action logged     │
│  Lifecycle: Active → Review → Retire│
└─────────────────────────────────────┘

---

Security Features

Feature	How It Protects
Short-lived tokens	OAuth 2.0 tokens expire quickly — no long-lived secrets
Conditional Access	Apply policies like "block agent outside business hours"
Least privilege	Only grant permissions the agent actually needs
Access reviews	Periodic reviews — is this agent still needed?
Shadow agent detection	Discover unsanctioned agents in your environment
Orphan prevention	Mandatory owner assignment — no agent without an accountable human

---

How It Connects to Agent 365 and Copilot Cowork

Entra Agent ID  ←→  Agent 365  ←→  Copilot Cowork
   (identity)       (governance)     (execution)

      WHO               HOW              WHAT
  "Who is this     "What rules     "What is the
   agent?"          apply?"         agent doing?"

1. Entra Agent ID = the agent's identity (name badge)
2. Agent 365 = the governance dashboard (manager's office)
3. Copilot Cowork = the agent doing actual work (the robot barista)

---

Customer FAQ

Question	Answer
"Why can't we just use service principals?"	You lose metadata, lifecycle, owner attribution, and agent-specific CA policies. It's like using a shared login instead of personal accounts.
"Does this replace managed identities?"	No — managed identities are still best for Azure resource-to-resource auth. Agent ID is for autonomous AI agents.
"Is this free?"	Included with Entra ID P1/P2. Advanced governance with Agent 365 ($15/user/month).
"Can we audit what agents did?"	Yes — every action logged with the specific Agent ID. Full audit trail in Purview.
"What about third-party agents?"	Can be registered in the Entra agent registry and governed the same way.

---

Official Sources

• Microsoft Learn: What is Entra Agent ID?
• Agent identities, service principals, and applications
• Practical Guide to Blueprints and Agent Identities
• How Agent ID Secures AI Agents in Entra