Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Ignite 2025 delivers groundbreaking innovations across the Microsoft Entra portfolio, with the flagship introduction of Microsoft Entra Agent ID bringing first-class identity and access management to AI agents. This release represents the largest expansion of Microsoft Entra capabilities to date, extending Zero Trust principles to AI workloads while delivering major enhancements across authentication, governance, security, and access management.
Release Highlights
Microsoft Entra Agent ID: Revolutionary AI agent identity and access management with 50+ new articles and comprehensive platform support
Advanced Authentication: Next-generation passwordless capabilities including self-service account recovery and advanced passkey support
Enhanced Security: AI-powered protection with Security Copilot integration and comprehensive risk management
Intelligent Governance: Advanced lifecycle workflows, risk-based approvals, and automated compliance capabilities
Cloud Security: Comprehensive Internet and Private Access enhancements with AI Prompt Shield and advanced filtering
Enterprise Scale: Enhanced application lifecycle management, device identity, and comprehensive monitoring capabilities
Microsoft Entra Agent ID
The future of AI security is here. Microsoft Entra Agent ID introduces revolutionary identity and access management capabilities specifically designed for AI agents. This groundbreaking service provides first-class identity constructs for AI agents, bringing the same Zero Trust principles that protect human users to autonomous AI systems.
- What are agent identities (Agent IDs)? (New)
- Microsoft Entra agent identities for AI agents (New)
- Security for AI (New)
- Agent ID creation channels (New)
- Control user access to agents (New)
- Grant agent access to Microsoft 365 (New)
- Sign-in and audit logs for agents (New)
- Agent access packages (New)
- Configure inheritable permissions blueprints (New)
- Manage agent in end user experience (New)
- Manage agents without identity (New)
- Authorization for Agent ID (New)
- Reference registry roles (New)
Microsoft Entra Agent Platform
Developer-first platform for AI agent integration. The Microsoft Agent Identity Platform provides comprehensive developer tools, SDKs, and protocols for integrating AI agents with Microsoft Entra ID, featuring specialized OAuth flows, token management, and agent registry capabilities.
- What is Microsoft agent identity platform (New)
- Key concepts (New)
- Agent OAuth protocols (New)
- Agent autonomous app OAuth flow (New)
- Agent on-behalf-of OAuth flow (New)
- Agent user OAuth flow (New)
- Agent blueprint (New)
- Agent's user account (New)
- Agent identities (New)
- Agent service principals (New)
- Agent token claims (New)
- Agent metadata and discoverability (New)
- Agent owners, sponsors, and managers (New)
- Agent lists (New)
- Create blueprint (New)
- Create and delete agent identities (New)
- Manage agent blueprint (New)
- Autonomous agent request tokens (New)
- Autonomous agent request agent user tokens (New)
- Autonomous agent request authorization from Entra admin (New)
- Authenticate users and acquire tokens for interactive agents (New)
- Call API: Azure services (New)
- Call API: Custom (New)
- Call API: Microsoft Graph (New)
- Microsoft Entra SDK for agent identities (New)
Security Copilot + Microsoft Entra
AI-powered identity and access management. Enhanced Security Copilot integration brings advanced AI assistance to Microsoft Entra operations, providing intelligent insights, automated optimization, and comprehensive risk management capabilities across the entire identity platform.
- Entra agents with Security Copilot (Updated)
- Conditional Access agent optimization (Updated)
- Entra enterprise user management (Updated)
- Entra governance optimization (Updated)
- Entra ID governance scenarios (Updated)
- Entra ID scenarios (Updated)
- Entra Internet Access and Private Access scenarios (Updated)
- Investigate incidents with Entra (Updated)
- Investigate risky apps with Entra (Updated)
- Entra lifecycle workflows (Updated)
- Entra monitoring and operations (Updated)
- Entra security and access control (Updated)
- Entra security scenarios (Updated)
Microsoft Entra Suite
Microsoft Entra ID Governance
Next-generation identity governance with AI integration. Enhanced lifecycle workflows, intelligent risk-based approvals, and streamlined access package management deliver comprehensive identity governance at enterprise scale.
- What are agent identities (Agent IDs)? (New)
- Microsoft Entra agent identities for AI agents (New)
- Entitlement management: Configure ID Protection approvals (New)
- Entitlement management: Configure Insider Risk Management approvals (New)
- Workflow sensitivity labels (New)
- Catalog Access Reviews (New)
- Custom data as a provided resource in catalog Access Reviews
- Entitlement management: Access package eligible assignment (Updated)
- Entitlement management: Dynamic approval (Updated)
- Entitlement management: Verified ID settings (Updated)
- Lifecycle workflow: inactive users (Updated)
- Lifecycle workflow tasks (Updated)
- Reprocess workflow (Updated)
- PIM: Add role to user (Updated)
Microsoft Entra Internet Access
Advanced AI-powered cloud security. New AI Prompt Shield, comprehensive data loss protection, network content filtering, and cloud firewall capabilities deliver cutting-edge protection for modern workloads.
- AI prompt injection protection (New)
- Configure cloud firewall (New)
- Full data loss protection (New)
- Network content filtering (New)
- IP addresses advertised by remote network connectivity (New)
- Troubleshoot Transport Layer Security inspection errors (New)
- Netskope integration concept (Updated)
- What is Transport Layer Security inspection? (Updated)
- Assign traffic profile to remote network (Updated)
- Create remote networks (Updated)
- Manage remote networks (Updated)
- Configure Transport Layer Security inspection settings (Updated)
- Configure Transport Layer Security inspection policies (Updated)
- Current known limitations (Updated)
Microsoft Entra Private Access
Enhanced secure access for private resources. Improved remote network connectivity, advanced traffic profiling, and streamlined configuration deliver enterprise-grade private access capabilities.
- Assign traffic profile to remote network (Updated)
- Create remote networks (Updated)
- Manage remote networks (Updated)
- Enable Intelligent Local Access
Microsoft Entra Verified ID
Expanded verification ecosystem. New integration guidance and enhanced partner ecosystem deliver comprehensive digital identity verification capabilities for modern authentication scenarios.
- Integration guidance (New)
- Identity verification partners (Updated)
Microsoft Entra ID Protection
AI agent risk protection and enhanced reporting. Extended risk detection capabilities for AI agents, comprehensive risk management agents, and advanced user risk reporting deliver next-generation identity protection.
- Risky agents concept (New)
- Risky user report concept (New)
- Identity risk management agent: Get started (New)
- Identity risk management agent: Risky user report (New)
- Identity risk management agent: Settings (New)
- Identity Protection policies (Updated)
- Identity Protection user experience (Updated)
- Risk detection types (Updated)
- Risk reports (Updated)
- Configure risk policies (Updated)
- Identity Protection overview (Updated)
Microsoft Entra External ID
Built-in protection with third-party partner solutions. New partner integrations provide comprehensive protection across the identity lifecycle, including edge security, sign-up fraud prevention, and unified monitoring. Customers can configure sign-in using a unique username or alias.
- Akamai WAF integration (New)
- Cloudflare WAF integration (Updated)
- Arkose Labs and HUMAN Security fraud protection (New)
- Azure Monitor and Microsoft Sentinel integration (Updated)
- Sign in with an alias (New)
Microsoft Entra ID
Conditional Access
Revolutionary AI agent support and enhanced policy capabilities. Conditional Access extends Zero Trust principles to AI agents while delivering advanced policy management, intelligent optimization, and comprehensive access control across all identity types.
- Conditional Access and agent identities (New)
- Block high-risk agent identities (New)
- Conditional Access: Cloud apps (Updated)
- Conditional Access: Conditions (Updated)
- Conditional Access: Grant (Updated)
- Common Conditional Access policy templates (Updated)
- Conditional Access: Users, groups, agents, and workload identities (Updated)
- Managed policies (Updated)
- Conditional Access overview (Updated)
- Risk-based user policy (Updated)
- What-if tool (Updated)
Authentication
Next-generation passwordless authentication. Revolutionary self-service account recovery, advanced passkey capabilities, platform credential support, and comprehensive authentication method management deliver the future of secure authentication.
- Account recovery overview (New)
- Passkeys (FIDO2) authentication (New)
- Platform credential for macOS (New)
- Windows Hello for Business (New)
- Account recovery cost savings estimator (New)
- Enable account recovery (New)
- Account recovery for users (New)
- Passkey profiles (New)
- Synced passkeys (New)
- Self-service account recovery (New)
- Passkey FAQ (New)
- Microsoft Authenticator app (Updated)
- Manage authentication methods (Updated)
- Authentication methods (Updated)
- Phone authentication options (Updated)
- FIDO2 hardware vendor considerations (Updated)
- Deploy phishing-resistant passwordless authentication (Updated)
- Enable passkey (FIDO2) (Updated)
- Plan persona-based phishing-resistant passwordless authentication (Updated)
- Plan prerequisites for phishing-resistant passwordless authentication (Updated)
- Register passkey with security key (Updated)
- Register passkey (Updated)
- Sign in with passkey (Updated)
- Getting started with MFA (Updated)
- Kerberos authentication (Updated)
- Authentication overview (Updated)
- Troubleshoot authentication strengths (Updated)
Role-based Access Control
Comprehensive AI agent administration. New specialized roles for Agent ID management deliver granular administrative control over AI agent identities, blueprints, and registry operations.
- Agent ID Administrator role (New)
- Agent ID Developer role (New)
- Agent Registry Administrator role (New)
- Manage roles in portal (Updated)
- Permissions reference (Updated)
Monitoring and Health
Enhanced identity monitoring and operational insights. Improved monitoring capabilities, comprehensive audit logging, and advanced health analytics support modern identity operations and compliance requirements.
- Identity monitoring and health (Updated)
- Sign-ins concept (Updated)
- Customize filter logs (Updated)
- Monitoring health overview (Updated)
Microsoft Identity Platform
Enhanced enterprise application management. Comprehensive AI-powered application lifecycle management, intelligent app owner identification, and advanced risk assessment deliver next-generation application governance capabilities.
- Agent app lifecycle: Discovery and onboard (New)
- Agent app lifecycle management (New)
- Agent app lifecycle: Remediation plans (New)
- Agent: Contact app owners (New)
- Agent: Identify and prioritize risky apps (New)
- Assign user or group access (Updated)
- Disable user sign-in (Updated)
- Manage app consent policies (Updated)
- Plan application integration (Updated)
- Govern and monitor tutorial (Updated)
- Application management overview (Updated)