Blog Post

Microsoft Entra Blog
5 MIN READ

The future of AI agents—and why OAuth must evolve

Alex_Simons's avatar
Alex_Simons
Icon for Microsoft rankMicrosoft
May 27, 2025
I believe we're at the beginning of something extraordinary.  Today's AI agents are already impressive—they're helping software engineers write code, assisting site reliability teams in troubleshoo...
Updated May 30, 2025
Version 3.0
agent id
Alex_Simons's avatar
Icon for Microsoft rankMicrosoft
Joined May 01, 2017
View Profile
Microsoft Entra Blog
Stay informed on how to secure access for employees, customers, and non-human identities, from anywhere, to multicloud and on-premises resources, with comprehensive identity and network access solutions powered by AI.
yaron_zehavi's avatar
yaron_zehavi
Copper Contributor
Jul 18, 2025

Dear Alex,
Thank you for this clear and well articulated article.

Why do you think agents need to be distinct from OAuth clients? And what does that mean in practical terms?

Will an agent work without an OAuth client? Or be identified as an actor alongside an OAuth client?
If we're talking about the identity of an agent to be unique and prove-able, a trust framework would be required, along the lines of confidential OAuth clients.

What if we were to keep the well established concept of OAuth clients as actors acting on behalf of themselves (client credentials grant) or using access delegated by a resource owner. And reuse the existing trust establishment: Clients can be pre-registered, dynamically registered using RFC7591 and in the future automatically registered through OpenID Federation on the fly establishment of trust.

And then the missing pieces of the puzzle could be supported thru:

  • Adding client metadata to identify a client is an AI agent
  • Preserving the auditable chain of events as requests traverse trust domains, thru a profile on top of OAuth Identity Chaining which preserves in tokens the full chain of delegation