
Microsoft Entra eliminates identity risks posed by AI agents

Organizations often do not know which AI agents are active in their own systems. Like Okta, Microsoft hopes to address this blind spot with its identity solution Entra ID. In addition, the entire Entra platform will become easier to manage, and AI resources will remain under lock and key.

Microsoft Entra Agent ID has been released in an extensive form in public preview. This gives organizations a “complete inventory of their agent fleet,” according to Microsoft. Thanks to an agent registry, AI agents appear in exactly the same interface as human users. This makes it immediately clear what permissions an agent has and whether it is accessing the resources it would be expected to access. Built-in lifecycle management prevents agents from wandering around and potentially being used by malicious parties. Various forms of access management also prevent agents from gaining access to valuable information, whether they are actively in use or not.

In all respects, it closely resembles what Microsoft’s main identity security competitor, Okta, presented in October. There, too, agents are now considered manageable accounts, visible in the usual UI. In that respect, the two largest identity players are in agreement: agents are often similar to human users when looking purely at the logs and traces, and require roughly the same management capabilities as humans.

The use of AI is also protected. Protection against prompt injections, filtering of network files, and even detection of undocumented use of AI help administrators to harness the technology. In addition, MCP servers can no longer be accessed via the URL with Entra Agent ID.

Fundamental protection

For many organizations, agentic AI is still a long way off. That is why Microsoft's emphasis during Ignite is not on agentic AI alone. The Entra Suite is getting general improvements to make admins’ work easier. These new features are appearing in public preview. Admins can now perform periodic access reviews for critical applications, grant access to high-risk solutions, use threat intelligence to automatically block links, and give external users temporary access to private apps.

AI not only needs to be protected; it can also protect. Within Entra, this is done with agents. Three new agents help take traditional management tasks off administrators’ hands. The Conditional Access Optimization Agent continuously monitors user protection and zero trust compliance. The Identity Risk Management Agent is designed to help accelerate remediation, for example by offering solutions with a single click. Finally, there is the Access Review Agent, which, like a human administrator, keeps track of whether the access assigned to each user is still correct.

Conclusion: identity in step with the times

The improvements to Microsoft Entra are not too surprising. However, they are effective, easy to understand, and prevent agents from remaining out of sight at organizations. For many companies, AI (let alone agentic AI) is still in the experimental phase. This move by Microsoft makes it more likely that the actual adoption of AI will happen safely.
