Agent 365 CLI query-entra command reference

Provides options to query Microsoft Entra ID for agent information including scopes, permissions, and consent status. You can check the configuration and consent status for both agent blueprints and agent instances.

Minimum role required: Directory Reader

Syntax

a365 query-entra [command] [options]

Options

Option	Description
-?, -h, --help	Show help and usage information

query-entra blueprint-scopes

List configured scopes and consent status for the agent blueprint.

a365 query-entra blueprint-scopes [options]

This command retrieves and displays the configured scopes and their consent status for the agent blueprint application in Microsoft Entra ID.

blueprint-scopes options

Option	Description
-n, --agent-name <name>	Agent base name. When you provide this option, you don't need a config file.
--tenant-id <tenantId>	Azure AD tenant ID. Overrides autodetection. Use with --agent-name.
-v, --verbose	Enable verbose logging.
-?, -h, --help	Show help and usage information.

query-entra instance-scopes

List configured scopes and consent status for the agent instance.

a365 query-entra instance-scopes [options]

This command retrieves and displays the configured scopes and their consent status for the agent instance application in Microsoft Entra ID.

instance-scopes options

Option	Description
-n, --agent-name <name>	Agent base name. When you provide this option, you don't need a config file.
--tenant-id <tenantId>	Azure AD tenant ID. Overrides autodetection. Use with --agent-name.
-v, --verbose	Enable verbose logging.
-?, -h, --help	Show help and usage information.

Note

Reading tenant-wide OAuth2 permission grants requires the admin-only DelegatedPermissionGrant.Read.All scope. If you sign in without that scope, the command directs you to Microsoft Entra admin center to verify consent status rather than reporting "admin consent has not been granted".