entra-agent-id
Microsoft Entra Agent ID OAuth2 identities via Graph API
Developer Setup
Setup & Installation
npx skills add https://github.com/microsoft/skills --skill entra-agent-id
Overview
What This Skill Does
Microsoft Entra Agent ID lets you create and manage OAuth2-capable identities for AI agents using the Microsoft Graph beta API. It uses a Blueprint model in which each agent type gets an application object and each agent instance gets its own service principal under that blueprint. It supports Workload Identity Federation and a containerized sidecar for polyglot agent authentication.
Application
When to use this Skill
- Configuring integration settings for custom agent workflows.
- Optimizing query execution and response latency in production.
- Developing clean, standard-compliant implementations for enterprise services.
- Troubleshooting connection timeouts and authentication handshakes.
- Monitoring API rate limits and execution pipelines programmatically.
Documentation
Microsoft Entra Agent ID
Create and manage OAuth 2.0-capable identities for AI agents using Microsoft Graph. Every agent instance gets a distinct identity, audit trail, and independently-scoped permission grants.
Quick Reference
| Property | Value |
|---|---|
| Service | Microsoft Entra Agent ID |
| API | Microsoft Graph (https://graph.microsoft.com/v1.0) |
| Required role | Agent Identity Developer, Agent Identity Administrator, or Application Administrator |
| Object model | Blueprint (application) → BlueprintPrincipal (SP) → Agent Identity (SP) |
| Runtime exchange | Two-step fmi_path exchange (autonomous and OBO) |
| .NET helper | Microsoft.Identity.Web.AgentIdentities |
| Polyglot helper | Microsoft Entra SDK for AgentID (sidecar container) |
When to Use This Skill
- Provisioning a new Agent Identity Blueprint and BlueprintPrincipal
- Creating per-instance Agent Identities under a Blueprint
- Configuring credentials (FIC, Managed Identity, or client secret) on the Blueprint
- Implementing the two-step fmi_path runtime token exchange (autonomous or OBO)
- Cross-tenant agent token flows
- Deploying the Microsoft Entra SDK for AgentID sidecar for polyglot agents (Python, Node, Go, Java)
- Granting per-Agent-Identity application (appRoleAssignments) or delegated (oauth2PermissionGrants) permissions