Microsoft Entra Agent ID explained

8 snips

Feb 11, 2026

Leandro Iwase, Microsoft Entra Senior Product Manager who demos Entra Agent ID, explains how to treat AI agents as real identities. He shows a dashboard for discovering agents, demos blueprints for least-privilege defaults, and walks through scoping access, agent-specific Conditional Access, real-time risk blocking, and handling ownerless agents.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Treat Agents As First-Class Identities

Microsoft Entra Agent ID treats AI agents as first-class identities with lifecycle controls.
This lets organizations apply identity protections and governance to agents like they do for humans.

INSIGHT

Unified Agent Registry For Visibility

The Agent Registry and identities provide visibility across platforms and agent origins.
Each agent gets an immutable identity record similar to users or app registrations for tracking.

ADVICE

Use Blueprints And Disable Over-Permissioned Agents

Use agent blueprints to ensure new agents inherit correct controls and policies at creation.
Disable overly-permissioned agents immediately to prevent unauthorized access.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Control AI agents as they are created across your environment by treating them like real identities with Microsoft Entra Agent ID. See every agent in one place, understand what it can access, detect agent sprawl early, and apply least-privilege permissions using the same Microsoft Entra tools you already use for users—without introducing new governance models.

Approve and scope agent access with accountability, enforce agent-specific Conditional Access in real time, automatically block risky behavior, and ensure every agent always has an owner, even as people change roles or leave.

Leandro Iwase, Microsoft Entra Senior Product Manager shows how to keep agents operating securely, transparently, and predictably across their entire lifecycle.

► QUICK LINKS:

00:00 - Treat AI Agents Like Real Identities

00:42 - Stop Agent Sprawl

02:26 - Least Privilege with Agent Blueprints

03:39 - Scope Agent Access

05:10 - Create agent specific Conditional Access policies

06:12 - Protect against a sponsor account

07:01 - Agents flagged as risky

07:50 - Ownerless agents

09:00 - Wrap up

► Link References

Check out https://aka.ms/EntraAgentID

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics