Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Entra Agent ID is an identity and security framework that extends Microsoft Entra capabilities to AI agents. As organizations deploy assistive, autonomous, and user-like agents, they need purpose-built identity constructs to authenticate, authorize, govern, and protect these nonhuman identities. Microsoft Entra Agent ID addresses these needs by providing a unified platform for managing agent identities at enterprise scale.
Important
Microsoft Entra Agent ID is currently in PREVIEW. This information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.
Microsoft Entra Agent ID brings together identity management, access protection, governance, and compliance for AI agents.
Agent identity platform
The Microsoft Entra Agent identity platform enables developers to create and manage agent identities—specialized identity constructs built for AI agents. Agent identity blueprints serve as templates for creating individual agent identities with parent-child relationships, enabling consistent security policies across large numbers of agents. The platform supports standard protocols such as OAuth 2.0, MCP, and A2A for authentication and agent-to-agent communication.
Security and governance for agents
Microsoft Entra Agent ID extends existing Microsoft Entra security and governance capabilities to agent identities. Agents receive the same identity-driven protections as users and workloads, including adaptive access policies, real-time risk detection, lifecycle management, and network-level controls. All agent authentication and activity is logged for compliance and audit.
For details on how these capabilities work for agents, see:
- Microsoft Entra security for AI overview
- Conditional Access for agents
- Identity Protection for agents
- Identity governance for agents
- Secure Web and AI Gateway for agents
- Sign-in and audit logs for agents
How to get started
Microsoft Entra Agent ID is part of Microsoft Agent 365. Both are available through the Frontier program in Microsoft 365. To access these features you must have a license for Microsoft 365 Copilot and have enabled Frontier for your users.
Follow the Frontier getting started guide or use the following steps to check if Frontier is enabled:
- Sign in to the Microsoft 365 admin center as a Billing Administrator.
- Browse to Copilot > Settings > User access > Copilot Frontier and make sure it's enabled for users. If you don't see these options, contact your administrator to check your Microsoft 365 Copilot licensing.