Microsoft Agent 365 (with Entra Agent ID)
Microsoft’s umbrella product for agentic-AI governance, positioned by Microsoft as “the control plane for agents” (Vasu Jakkal, Microsoft Security Blog, March 2026). Agent 365 reached general availability on May 1, 2026 as part of the new Microsoft 365 E7: The Frontier Suite SKU (bundled with Microsoft 365 Copilot, Microsoft Entra Suite, and Microsoft 365 E5).
Agent 365 includes capabilities across three Microsoft Security pillars:
- Microsoft Entra — agent identity, conditional access, governance (this product page’s primary focus).
- Microsoft Defender — agent runtime threat detection (covered separately on the Microsoft org page).
- Microsoft Purview — data oversharing prevention for agent flows (covered separately).
Entra Agent ID is the identity-credential layer underneath Agent 365. The Agent 365 Registry is the catalog and governance layer. Together they are the Microsoft-native equivalent of what Okta for AI Agents offers for Okta-anchored organizations.
Components
Entra Agent ID is the identity credential layer: each agent is registered as a distinct identity in the Microsoft Entra directory (analogous to a service principal but typed as an agent). It supports:
- Scoped OAuth 2.1 tokens issued per agent and per task scope
- Short-lived credentials enforced by the identity platform rather than by the agent
- RBAC policy assignment at the agent-identity level
- Integration with Conditional Access for risk-based step-up
Agent 365 Registry is the catalog and governance layer: a centralized registry of all agents deployed in an organization’s Microsoft 365 tenant. It provides:
- Agent discovery (including shadow agents not explicitly enrolled)
- Lifecycle event tracking (creation, rotation, suspension, decommission)
- Programmatic management via the Microsoft Graph API
- Owner-to-agent binding (every agent traces to a human principal in the directory)
ZT4AI integration
Entra Agent ID and Agent 365 Registry are core components of Microsoft’s ZT4AI (Zero Trust for AI) framework, announced March 2026. Within ZT4AI, these products implement:
- Agent Governance pillar — enrollment, approval workflows for high-risk agents, lifecycle management
- Action-to-identity tracing — every agent action is attributed to the registered agent identity, creating a durable audit trail accessible via Microsoft Purview
The Anthropic Compliance API (announced March 24, 2026) provides a complementary audit capability for Claude-powered agents: API-level attribution of model-generated actions to specific deployment identities, compatible with Entra Agent ID as the authoritative identity source.
Relation to the RA Identity plane
In the Agentic AI Security RA, Entra Agent ID appears in two Identity plane rows:
| Capability | Role |
|---|---|
| Agent identity & lifecycle | Primary enterprise COTS choice for M365/Azure-native organizations |
| Action-to-identity tracing | Native via Agent 365 + Purview; vendor-stack-locked |

The recommended enterprise stack pairs Entra Agent ID with the Microsoft Agent Governance Toolkit (Apr 2026) in the Control plane for policy management.
Comparison with Okta for AI Agents
| Dimension | Okta for AI Agents | Microsoft Entra Agent ID |
|---|---|---|
| GA date | April 30, 2026 | May 1, 2026 |
| Best fit | Okta-as-IdP organizations | M365 / Azure-native organizations |
| Registry | Okta Universal Directory + Agent Discovery | Agent 365 Registry (Graph API) |
| Audit integration | Okta System Log | Microsoft Purview |
| Third-party agent support | Broader (IdP-agnostic agents) | Optimized for Microsoft Copilot agents; third-party via OIDC |
| Action tracing | Via Okta Workflows | Via Anthropic Compliance API + Purview (Claude-specific) |

CMM positioning
Entra Agent ID is equivalent to Okta for AI Agents in CMM positioning: organizations adopting Entra Agent ID reach L3 CMM on the D2 identity track. The Purview integration for action tracing enables L4 on D8 (Audit, Accountability, and Forensics).
Vendor-stack constraint
Action-to-identity tracing via Purview is deeply integrated with the Microsoft stack. Organizations using non-Microsoft models or agent frameworks may find the tracing coverage incomplete; the Anthropic Compliance API integration covers Claude-on-Azure deployments specifically.