entra-agent-id

Solid

Microsoft Entra Agent ID (preview) for creating OAuth2-capable AI agent identities via Microsoft Graph beta API. Covers Agent Identity Blueprints, BlueprintPrincipals, Agent Identities, required permissions, sponsors, and Workload Identity Federation. Includes Microsoft Entra SDK for AgentID (containerized sidecar) for polyglot agent authentication (Docker/Kubernetes), 3P agent integration, autonomous and interactive agent patterns. Triggers: "agent identity", "agent id", "Agent Identity Blueprint", "BlueprintPrincipal", "entra agent", "agent identity provisioning", "Graph agent identity", "entra sidecar", "agent id sidecar", "auth sidecar", "3P agent", "third-party agent identity", "polyglot agent auth".

DevOps & Infrastructure 2,418 stars 270 forks Updated yesterday MIT

Install

View on GitHub

Quality Score: 93/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Microsoft Entra Agent ID Create and manage OAuth2-capable identities for AI agents using Microsoft Graph beta API. > **Preview API** — All Agent Identity endpoints are under `/beta` only. Not available in `/v1.0`. ## Before You Start Search `microsoft-docs` MCP for the latest Agent ID documentation: - Query: "Microsoft Entra agent identity setup" - Verify: API parameters match current preview behavior ## Conceptual Model ``` Agent Identity Blueprint (application) ← one per agent type/project └── BlueprintPrincipal (service principal) ← MUST be created explicitly ├── Agent Identity (SP): agent-1 ← one per agent instance ├── Agent Identity (SP): agent-2 └── Agent Identity (SP): agent-3 ``` ## Prerequisites ### PowerShell (recommended for interactive setup) ```powershell # Requires PowerShell 7+ Install-Module Microsoft.Graph.Beta.Applications -Scope CurrentUser -Force ``` ### Python (for programmatic provisioning) ```bash pip install azure-identity requests ``` ### Required Entra Roles One of: **Agent Identity Developer**, **Agent Identity Administrator**, or **Application Administrator**. ## Environment Variables ```bash AZURE_TENANT_ID=<your-tenant-id> AZURE_CLIENT_ID=<app-registration-client-id> AZURE_CLIENT_SECRET=<app-registration-secret> ``` ## Authentication > **⚠️ `DefaultAzureCredential` is NOT supported.** Azure CLI tokens contain > `Directory.AccessAsUser.All`, which Agent Identity APIs explicitly reject (40...

Details

Author
microsoft
Repository
microsoft/skills
Created
4 months ago
Last Updated
yesterday
Language
TypeScript
License
MIT

Integrates with

Azure · Cloud Docker · Infrastructure Kubernetes · Infrastructure OAuth · Auth Model Context Protocol · AI

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

entra-agent-user

Create Agent Users in Microsoft Entra ID from Agent Identities, enabling AI agents to act as digital workers with user identity capabilities in Microsoft 365 and Azure environments.

34,158 Updated yesterday
github
DevOps & Infrastructure Solid

entra-app-registration

Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), general Azure resource security guidance.

607 Updated 1 months ago
microsoft
DevOps & Infrastructure Listed

entra-app-registration

Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), Azure resource security (use azure-security).

335 Updated today
aiskillstore
Code & Development Solid

entra-app-registration

Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), general Azure resource security guidance.

1,998 Updated 1 months ago
microsoft
Code & Development Listed

azure-identity-dotnet

Azure Identity SDK for .NET. Authentication library for Azure SDK clients using Microsoft Entra ID. Use for DefaultAzureCredential, managed identity, service principals, and developer credentials. Triggers: "Azure Identity", "DefaultAzureCredential", "ManagedIdentityCredential", "ClientSecretCredential", "authentication .NET", "Azure auth", "credential chain".

335 Updated today
aiskillstore