Microsoft says we’re entering an era where humans work alongside AI agents. It’s the rise of what it calls Frontier Firms—businesses that summon bots on demand to support knowledge workers in what Microsoft’s Chief Marketing Officer for AI at Work, Jared Spataro, describes as the “elastic workforce.” However, keeping track of the agents may prove difficult, especially as teams become more dependent on them. Which ones are legitimate? Are workers using non-human actors with the proper credentials?
An LDAP for Bots?
This is why Microsoft is introducing Entra Agent ID, an identification and access management system for all “non-human” identities developed on its platform. Available through a public preview, this offering aims to provide developers and knowledge workers with a layer of authentication, permissioning, identity protection, governance, and visibility. Initially, Agent ID supports agent identities across Microsoft Copilot Studio, Azure AI Foundry, and Microsoft Security Copilot.

It’s built on top of Microsoft Entra, the company’s identity and network access product line. With it, organizations can enact a Zero-Trust security strategy, which means strict identity verification for every user and device attempting to access any resource. Protecting systems against unauthorized access by humans is tough enough, but it’ll be more challenging when dealing with an untold number of AI agents who come and go.
Administrators can log into their Microsoft Entra console to view which agent identities are visible. Starting today, by default, they can see every agent built in Azure AI Foundry and Copilot Studio by any team member.
Could the Entra Agent ID be the bot equivalent of the Lightweight Directory Access Protocol (LDAP)? There are parallels: Microsoft’s offering provides organizations with a centralized directory for managing agent identities and gives administrators the power to grant role-based permissions and track access. With AI agents becoming more autonomous and operating behind the scenes, businesses must be able to track them to see what they’re doing, and having it consolidated in a central dashboard doesn’t hurt.
Microsoft isn’t the only one tackling this issue. Other tech providers offering Zero-Trust solutions include Okta, CyberArk, HashiCorp Vault, Google Cloud Identity, and AWS. However, what might give Microsoft an advantage is that it appears to be the only one, at this point, addressing AI agents.

With more proverbial cooks in the kitchen, it’s feasible that at some point, we might see information leaked from an agent—inadvertently or not—and having security from a tool like Entra Agent ID could prevent that from happening. What if a bot somehow gained unauthorized access to data (e.g., human resource records or classified meeting notes) and then used it to generate a response to a worker, customer, or the general public? It’s perhaps easier to track down the humans responsible, but what about digital suspects that could easily be disabled or deleted?
That said, Microsoft doesn’t believe in going at this problem alone. “We’ve always believed Security [sic] is a team sport, and this is going to be especially true in protecting AI agents and their identities,” Alex Simons, the company’s corporate vice president for Entra, writes in a blog post. It has partnered with two workforce management systems, ServiceNow and Workday, to integrate their platforms with Entra Agent ID.
“This will allow for automated provisioning of agent identities that perform duties alongside human employees,” Simons explains. “In parallel, we’re working to integrate ServiceNow and Workday agent-enabled applications with Microsoft Entra Agent ID, so every agent created in ServiceNow or Workday apps has its own identity.”
The Future of Entra Agent ID
Microsoft states that it will add more access management, security, and identity governance capabilities for Entra Agent ID later this year. Simons reveals the company plans to support bots built on third-party platforms, not just those developed on its platform.
For developers, Entra Agent ID will soon receive built-in security controls. These controls will let agent identities be managed using a “least-privileged approach,” meaning bots will be limited to only those rights they need to perform their job function. Agents can request just-in-time, scoped tokens to access the resources required. Moreover, Microsoft will add instant enterprise onboarding, streamlining the process for developers to discover, approve, and audit agents using pre-existing tools with no additional security reviews or custom OAuth flows.
Identity practitioners will be interested to know that Microsoft plans to introduce three key capabilities: more granular access controls with Conditional Access policies and fine-tuned permissions, improved access management tools, and enhanced auditing and monitoring for greater visibility and accountability.
Featured Image: An AI-generated image of robots inside a database server room being checked by security workers. Credit: Adobe Firefly