Entra Agent ID¶
Learning Status
📖 Initial overview complete — deeper dive pending. Last updated: 2026-04-04.
☕ Café Analogy¶
Every human staff member has an ID badge — it says who they are, what role they have, and what rooms they can access. Without a badge, they can't enter the kitchen.
Now your robot baristas need the same thing. Entra Agent ID is the ID badge system for AI agents — unique identity, defined permissions, everything logged.
What Is Entra Agent ID?¶
A new identity type in Microsoft Entra purpose-built for AI agents — distinct from user accounts, devices, and traditional service principals.
| Aspect | Detail |
|---|---|
| What | Unique identity for each AI agent in your org |
| Where | Microsoft Entra ID (same place you manage user identities) |
| Status | Public Preview (2026) |
| Key concept | Agents are now first-class citizens alongside users and devices |
Why a New Identity Type?¶
Before Entra Agent ID, organisations used service principals or managed identities for automation — but these were designed for apps and services, not autonomous AI agents:
- Service Principal: "Who ran that query?" → "Some app" → Which team? No idea.
- Shared credentials: 5 agents use the same secret → one compromised, all at risk
- No agent-specific metadata: the registration has no field for what the agent does, which environment it runs in, or why it exists, and the owner field is optional and often left empty
- No lifecycle: orphaned service principals keep their permissions indefinitely unless someone remembers to remove them
The Identity Comparison¶
| | Service Principal | Managed Identity | Entra Agent ID |
|---|---|---|---|
| Designed for | Apps & services | Azure resources | AI agents |
| Credential management | You manage secrets | Azure manages | Platform-managed |
| Metadata | ❌ No purpose/owner info | ❌ No | ✅ Purpose, owner, environment, capabilities |
| Azure only? | No (works anywhere) | Yes (Azure only) | No (works anywhere) |
| Lifecycle management | Manual | Tied to resource | ✅ Create → deploy → review → retire |
| Conditional Access | Basic | Basic | ✅ Rich, agent-specific policies |
| Audit trail | Generic app logs | Generic | ✅ Every action attributed to specific agent |
| Best for AI agents? | ⚠️ Workaround only | ❌ Not designed for it | ✅ Purpose-built |
💡 Key insight for customers: If they're using service principals for AI agents today, they're doing it the old way. Entra Agent ID is the proper way forward.
How It Works — Blueprints¶
Agents are created from blueprints — templates that define:
```text
┌─────────────────────────────────────┐
│ AGENT BLUEPRINT                     │
│                                     │
│ Name: "Sales Forecast Bot"          │
│ Owner: john@contoso.com             │
│ Purpose: Quarterly forecasting      │
│ Environment: Production             │
│ Capabilities:                       │
│   - Read Excel files                │
│   - Access SharePoint Sales site    │
│   - Send emails (with approval)     │
│ Parent app: Copilot Studio          │
│ Permissions: Least-privilege        │
└─────────────────────────────────────┘
                  │
                  ▼ Creates
┌─────────────────────────────────────┐
│ ENTRA AGENT ID                      │
│                                     │
│ Object ID: abc-123-def-456          │
│ Type: Agent (new!)                  │
│ Auth: Short-lived OAuth 2.0         │
│ CA Policy: "Agents-Production"      │
│ Audit: Every action logged          │
│ Lifecycle: Active → Review → Retire │
└─────────────────────────────────────┘
```
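The blueprint above is descriptive, but the rules it implies (an accountable owner, least-privilege permissions, an approval gate on capabilities with side effects, no long-lived secret) are the kind of thing worth enforcing in code before any identity is created. The following is an added Python example, not Microsoft's blueprint schema or API: the field names, the capability-to-permission map, the per-environment review intervals and the two sample blueprints are all assumptions made for illustration.

```python
"""Lint agent blueprints and derive the identity record they would create.

Added example, not Microsoft's schema or API. Field names, the capability ->
permission map, review intervals and the sample blueprints are assumptions.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta

# Assumed map: capability -> (least-privileged permission, has side effects).
# Permission names resemble Microsoft Graph scopes but the mapping is illustrative.
CAPABILITIES = {
    "read-excel": ("Files.Read.All", False),
    "read-sharepoint": ("Sites.Read.All", False),
    "write-sharepoint": ("Sites.ReadWrite.All", True),
    "send-email": ("Mail.Send", True),
}

# Assumed policy: days an identity may run before an access review is due.
REVIEW_INTERVAL_DAYS = {"development": 180, "staging": 90, "production": 90}


@dataclass
class Finding:
    severity: str  # "error" blocks identity creation, "warn" is advisory
    message: str


@dataclass
class Blueprint:
    name: str
    owner: str  # accountable human, as a UPN
    purpose: str
    environment: str
    capabilities: list
    parent_app: str
    credential: str = "platform-managed"  # anything else is a secret someone has to manage
    approvals: set = field(default_factory=set)  # capabilities gated by human approval
    requested_permissions: list = field(default_factory=list)  # what the author asked for


def permissions_for(bp: Blueprint) -> list:
    """Least-privilege permission set: exactly what the declared capabilities need."""
    return sorted({CAPABILITIES[c][0] for c in bp.capabilities if c in CAPABILITIES})


def lint(bp: Blueprint) -> list:
    findings = []
    if not bp.owner or "@" not in bp.owner:
        findings.append(Finding("error", "owner must be an accountable human account"))
    if bp.environment not in REVIEW_INTERVAL_DAYS:
        findings.append(Finding("error", f"unknown environment {bp.environment!r}"))
    if bp.credential != "platform-managed":
        findings.append(Finding("error", f"credential {bp.credential!r} is a long-lived secret; "
                                         "use platform-managed credentials"))
    if not bp.purpose.strip():
        findings.append(Finding("warn", "purpose is empty; reviewers cannot tell why this agent exists"))
    for cap in bp.capabilities:
        if cap not in CAPABILITIES:
            findings.append(Finding("error", f"unknown capability {cap!r}"))
            continue
        if CAPABILITIES[cap][1] and cap not in bp.approvals:
            findings.append(Finding("error", f"{cap!r} has side effects and needs a human approval gate"))
    excess = sorted(set(bp.requested_permissions) - set(permissions_for(bp)))
    if excess:
        findings.append(Finding("error", f"requested permissions exceed least privilege: {excess}"))
    return findings


def create_identity(bp: Blueprint, today_iso: str) -> dict:
    """Turn a blueprint into an identity record, or refuse if any error finding exists."""
    errors = [f.message for f in lint(bp) if f.severity == "error"]
    if errors:
        raise ValueError("blueprint rejected: " + "; ".join(errors))
    review_due = date.fromisoformat(today_iso) + timedelta(days=REVIEW_INTERVAL_DAYS[bp.environment])
    return {
        "name": bp.name,
        "owner": bp.owner,
        "environment": bp.environment,
        "parent_app": bp.parent_app,
        "permissions": permissions_for(bp),
        "lifecycle": "active",
        "review_due": review_due.isoformat(),
    }


# Constructed samples: the blueprint from the diagram, and one that should be refused.
SALES_BOT = Blueprint(
    name="Sales Forecast Bot", owner="john@contoso.com", purpose="Quarterly forecasting",
    environment="production", capabilities=["read-excel", "read-sharepoint", "send-email"],
    parent_app="Copilot Studio", approvals={"send-email"},
)
ORPHAN_BOT = Blueprint(
    name="Legacy Importer", owner="", purpose="", environment="production",
    capabilities=["send-email"], parent_app="Custom", credential="client-secret",
    requested_permissions=["Mail.Send", "Mail.ReadWrite"],
)

if __name__ == "__main__":
    print(create_identity(SALES_BOT, "2026-04-04"))
    for finding in lint(ORPHAN_BOT):
        print(f"{finding.severity}: {finding.message}")
```

The point of deriving permissions from capabilities rather than accepting a requested list is that "least privilege" becomes a computed fact the linter can compare against, so an over-broad request is refused at creation rather than discovered at the next access review.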
Security Features¶
| Feature | How It Protects |
|---|---|
| Short-lived tokens | OAuth 2.0 tokens expire quickly — no long-lived secrets |
| Conditional Access | Apply policies like "block agent outside business hours" |
| Least privilege | Only grant permissions the agent actually needs |
| Access reviews | Periodic reviews — is this agent still needed? |
| Shadow agent detection | Discover unsanctioned agents in your environment |
| Orphan prevention | Mandatory owner assignment — no agent without an accountable human |
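Short-lived tokens, shadow-agent detection and orphan prevention from the table above, and the per-agent attribution promised in the comparison table, all become concrete on the resource side, where an agent's token arrives. Below is an added Python example of the checks a resource can run on every call; it is not Microsoft's or any library's validator. To run offline it signs and verifies the JWT with HMAC-SHA256 and a static key, whereas real Entra access tokens are RS256-signed and verified against the tenant's published signing keys. The issuer, audience, maximum-lifetime policy, the sample agent registry and its object IDs are assumed values; `iss`, `aud`, `iat`, `nbf`, `exp`, `oid` and `tid` are real Entra token claims, but what the registry lookup means is this example's policy.

```python
"""Resource-side checks on an agent's access token.

Added example, not Microsoft's or a library's validator. HS256 with a static
key stands in for Entra's RS256 signing (verified via the tenant's JWKS);
issuer, audience, lifetime policy, registry entries and object IDs are assumed.
"""
import base64
import hashlib
import hmac
import json

TENANT_ID = "11111111-2222-3333-4444-555555555555"  # assumed tenant
ISSUER = f"https://login.microsoftonline.com/{TENANT_ID}/v2.0"
AUDIENCE = "api://sales-forecast"  # assumed resource identifier
MAX_LIFETIME_SECONDS = 3600  # assumed policy: refuse anything valid longer than an hour

# Constructed registry of sanctioned agents, keyed by object ID (the oid claim).
AGENT_REGISTRY = {
    "aaaaaaaa-0000-0000-0000-000000000001": {
        "name": "Sales Forecast Bot", "owner": "john@contoso.com", "lifecycle": "active"},
    "aaaaaaaa-0000-0000-0000-000000000002": {
        "name": "Legacy Importer", "owner": "", "lifecycle": "retired"},
}


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes) -> str:
    """Issue an HS256 JWT. In production Entra mints tokens; the resource never does."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_agent_token(token: str, key: bytes, registry: dict, now: int) -> dict:
    """Return {"ok", "agent", "reason", ...}; every rejection names its cause."""
    def reject(reason: str) -> dict:
        return {"ok": False, "agent": None, "reason": reason}

    parts = token.split(".")
    if len(parts) != 3:
        return reject("malformed token")
    header_b64, body_b64, sig_b64 = parts
    try:
        sig = _unb64url(sig_b64)
        header = json.loads(_unb64url(header_b64))
        claims = json.loads(_unb64url(body_b64))
    except ValueError:
        return reject("undecodable token")
    # Verify with the algorithm we expect, not the one the header asks for.
    expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return reject("bad signature")
    if header.get("alg") != "HS256":
        return reject("unexpected alg")
    missing = [c for c in ("iss", "aud", "iat", "exp", "oid", "tid") if c not in claims]
    if missing:
        return reject(f"missing claims: {missing}")
    if claims["iss"] != ISSUER or claims["aud"] != AUDIENCE:
        return reject("wrong issuer or audience")
    if not claims.get("nbf", claims["iat"]) <= now < claims["exp"]:
        return reject("token not yet valid or expired")
    if claims["exp"] - claims["iat"] > MAX_LIFETIME_SECONDS:
        return reject("token lifetime exceeds policy")  # short-lived tokens only
    agent = registry.get(claims["oid"])
    if agent is None:
        return reject("unregistered agent (shadow agent)")
    if agent["lifecycle"] != "active":
        return reject(f"agent is {agent['lifecycle']}")
    if not agent["owner"]:
        return reject("agent has no accountable owner")
    # Attribute the call to one specific agent and its owner for the audit trail.
    return {"ok": True, "agent": agent["name"], "reason": "accepted",
            "oid": claims["oid"], "owner": agent["owner"]}


def base_claims(oid: str, issued_at: int, lifetime: int) -> dict:
    """Constructed claim set in the shape of an Entra app token (values assumed)."""
    return {"iss": ISSUER, "aud": AUDIENCE, "iat": issued_at, "nbf": issued_at,
            "exp": issued_at + lifetime, "oid": oid, "tid": TENANT_ID}


KEY = b"demo-signing-key"  # constructed; never a real key
NOW = 1_775_000_000  # fixed clock so the example is deterministic

if __name__ == "__main__":
    good = mint_token(base_claims("aaaaaaaa-0000-0000-0000-000000000001", NOW - 60, 1800), KEY)
    print(verify_agent_token(good, KEY, AGENT_REGISTRY, NOW))
```

The lifetime check is defence in depth: the identity platform decides how long a token lives, but a resource that refuses anything valid for more than an hour cannot be quietly exposed by a lifetime policy change upstream. Checking the signature before reading the header avoids trusting an attacker-chosen `alg`.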
How It Connects to Agent 365 and Copilot Cowork¶
```text
Entra Agent ID  ←→  Agent 365  ←→  Copilot Cowork
  (identity)      (governance)      (execution)
     WHO              HOW               WHAT
 "Who is this      "What rules       "What is the
    agent?"          apply?"         agent doing?"
```
- Entra Agent ID = the agent's identity (name badge)
- Agent 365 = the governance dashboard (manager's office)
- Copilot Cowork = the agent doing actual work (the robot barista)
Customer FAQ¶
| Question | Answer |
|---|---|
| "Why can't we just use service principals?" | You lose metadata, lifecycle, owner attribution, and agent-specific CA policies. It's like using a shared login instead of personal accounts. |
| "Does this replace managed identities?" | No — managed identities are still best for Azure resource-to-resource auth. Agent ID is for autonomous AI agents. |
| "Is this free?" | Included with Entra ID P1/P2. Advanced governance with Agent 365 ($15/user/month). |
| "Can we audit what agents did?" | Yes — every action logged with the specific Agent ID. Full audit trail in Purview. |
| "What about third-party agents?" | Can be registered in the Entra agent registry and governed the same way. |