Microsoft Entra Blog articles

Microsoft’s perspective on agentic identity standards

Pamela Dingle — Fri, 24 Apr 2026 17:54:58 GMT

A new identity inflection point

If you’ve gotten past the headline to this first sentence, you’re probably my kind of people. You’re probably a professional in the world of IAM (Identity and Access Management) who’s looking after their own enterprise; and you may even have opinions about what the future holds that range from salty to optimistic. In the world of granting access to enable productivity while preventing fraud, we’ve been supporting impulsive humans and predictable non-human identities… and now we are in the wild and wooly world where the software could be way more YOLO than the employees.

In the last year, AI agents have moved quickly from experimentation into real business roles, and identity infrastructure is necessarily along for the ride, absorbing new constructs and adapting old ones. The landscape of standards has been evolving rapidly as well, and I believe it's important to share updates with those who may not be immersed in these discussions day-to-day. In this fast-changing environment, staying informed about developments is crucial. My goal here is to talk about what is changing in the industry at large, why it is changing, and how we at Microsoft view this critical architectural identity layer.

From a standards perspective, I think the biggest industry change has been mental. There were always entities in the standards world that were non-human and needed resource access, but a clear line in the sand existed as to what those non-human entities would be allowed to accomplish. Different kinds of non-human entities were described by their task orientation and given different names that seemed separate – OAuth Clients, SPIFFE workloads, Token Exchange Actors. These standards had different taxonomies partly so that the security promise of non-human and human interactions could be kept straight. If software needed an access token to act on behalf of “something”, the aligned delegation request flows presumed that the “something” in that sentence was a real person; the idea of “user present” transactions became a critical part of our access management threat model and vocabulary. In the absence of a user, different flows and standards apply. Because consent is a human concept, software cannot grant access on behalf of other software, and a separate decision-making mechanism is required. Yet here we are in a world where agents are delegating, because they have enough reasoning capability to make choices.

You may come to the logical conclusion that the agentic revolution therefore must have caused a standards revolution to match – but no. The mindset change was pretty quick. In my opinion it has been aided in great part by the community developing the Model Context Protocol (MCP). MCP developed an incredible amount of momentum, and their choice to adopt OAuth for MCP authorization created a forcing function that all of us in the Enterprise world will be benefitting from for a long time to come.

Identity standards innovation

There’s a growing set of identity standards we’re paying close attention to, and each merits deeper discussion. For now, I’ll anchor on three broad areas of interest that are shaping how identity standards are evolving for agentic systems: bootstrapping of trust, delegation, and shared secrets. As a broad statement, a lot of work is going on to connect the agentic dots between families of standards, especially in areas for which manual processes could previously bridge automation gaps.

The first area of work is the bootstrapping of trust between non-human entities. If you are wondering what a non-human entity is, it could be anything from an infrastructure endpoint like an OAuth authorization server to a directory-based service principal representing an application, to a workload identity working within in a hypervisor context, or now an agentic identity such as an LLM harness or an autonomous business agent. In the federation world, SAML standardized an IDP discovery protocol in 2008, OpenID Connect v1 included a discovery spec in 2014 and OAuth 2.0 Protected Resource Metadata became RFC 9728 in 2025. Despite widespread ratification, IAM admins typically uploaded metadata manually from installation guides or app galleries. The data was static, and admins themselves served as the explicit trigger that established a clear starting point of authority for each federation contract. Agents, however, operate at different scale, and the incentive is finally in place to consistently automate a non-human entity announcing itself and requesting access, not just in one identity silo but across the entire technical landscape. The result will be a much more connected and consolidated embrace of all sorts of secure non-human onboarding options, including OAuth CIMD (ClientID Metadata Document), a lot of work in the WIMSE working group at IETF that help SPIFFE and OAuth work better (SPIFFE is an open standard that operates similarly to Managed Identities for Azure). It’s also worth calling out IoT and identity wallet standards, but those deserve a deeper dive, which we’ll save for later.

In addition to bootstrapping, the standards world is debating the question of delegation. This is another place where bifurcation between human and non-human identity is breaking down. We have multiple existing concepts in identity standards like token exchange, identity chaining, transaction tokens, OBO (on behalf of), token upscoping/downscoping, and a slew of new IETF proposals all occupying everyone’s minds. Take a look through Khaled Zaky’s blog on this topic, and stay tuned – this debate has not yet concluded in any way.

One quieter thread of work is worth calling out here. The standards world is filling those connective tissue gaps around eliminating shared secrets from agentic use. We are already seeing abuse (and perhaps a blurring of the line between what is use and what is abuse) of shared secrets such as API keys in agent contexts – for anyone taking the time to look, bearer token abuse will be next. Looking ahead, there will be a follow-up blog where my colleagues will explore how we’re building critical standards in this area and what that enables next.

Perspective on agentic identity standards

The deep nature of our Microsoft agentic investment is clear for all to see, but it isn’t always obvious just how much of that investment lies in collaborative spaces such as the standards community. We have already created a foundational identity layer built on open standards, with a continued commitment to a standards‑based approach to trust for AI authentication, authorization, and management - one that can scale across the many industries we work with every day. Participation in communities of interest for agentic identity such as AAIF, MCP, IETF, FIDO Alliance and OpenID Foundation are ways in which we stay relevant, and they are communities I’d encourage you to follow as well. We have a lot of learnings about what works and does not work in our very large environment and I look forward to the writing of my brilliant colleagues as they share that hard-won wisdom. In addition, for anyone who does enjoy the technical complexity of agentic standards, follow me on LinkedIn for much deeper content. One last important perspective – while I have a job title that sounds lofty in this area, the truth is that many people are working on this goal all over the company. It is those contributions, those daily decisions to care about whether any given identity standard serves its purpose, that mean a lasting success. Cheers to them.

-P. Dingle, Director of Identity Standards

Additional resources

Learn more about Microsoft Entra Agent ID:

Get ahead of agent sprawl: manage and govern AI agents at scale

NgoziNwoko — Fri, 24 Apr 2026 15:00:00 GMT

Recently, my team and I met with customers across several industries including finance, retail, telecommunications, and the public sector regarding the topic of agent adoption. During our time with them, several key themes bubbled to the surface. While AI agent adoption is growing rapidly, we need to ensure governance is built-in right from the start and that it is designed for the rapid proliferation of agents. Our customers see agents appearing within their admin portal, but accountability, lifecycle management and access guardrails are lacking, creating situations that could lead to significant security concerns.

Without clear ownership and access boundaries, risk can build quickly without clear insight about what those agents can access or do.

Agents are a new type of identity

From an identity perspective, agents can authenticate, access resources, and take action. As outlined in the Secure Access in the Age of AI report, security leaders need to find ways to manage, govern, and protect agent identities with the same rigor as human identities, especially as they scale agents across the enterprise. What makes agents different is that they do not fit neatly into existing categories. Sometimes an agent acts as an assistive agent and at other times it behaves more autonomously. Unlike traditional apps, agents are not static. As models and workflows evolve, agents can acquire new capabilities, which in turn can change what they are able to accomplish over time.

Without a unique agent identity, customers struggle to address key questions such as:

Which agent identity is acting?
What can it access?
What actions did it take?

These questions point to a fundamental gap in how identity has traditionally been applied. As agents take on more responsibilities across multiple workflows, treating them simply as applications or as extensions of a user's identity is no longer sufficient. Agents need to be recognized and managed as first-class identities. Microsoft Entra Agent ID provides an identity foundation that applications and platforms can integrate with, enabling agents to authenticate, access resources, and be governed using familiar identity controls

When platforms integrate with Entra as their identity provider, organizations gain clearer visibility into which agent is acting, what it can access, and how its permissions evolve as models and workflows change. Built on this foundation, Microsoft Entra Agent ID organizes agent identity around three pillars, helping organizations manage AI agents at scale, govern agent identities and lifecycle, and protect agent access to resources.

Manage AI agents at scale

Organizations consistently face the same initial challenge: gaining visibility into the AI agents operating across their environment. According to our study, 80% of leaders report that AI agent usage has increased over the past year. This underscores the need for a clear view of which agents exist throughout the organization. Microsoft Agent 365 was purpose-built to serve as the control plane for AI agents, tackling the challenges of agent management head-on. With Microsoft Agent 365, organizations can streamline management for AI agents in their environment. Its agent registry provides a unified inventory of all agents operating across the organization, including both Microsoft and non‑Microsoft agents.

Get a complete view of all agents in your organization, including agents built with Microsoft AI platforms, agents from our ecosystem partners, and any agents you register yourself.

A key building block in Microsoft Entra Agent ID is the agent blueprint. An agent identity blueprint serves as a reusable template for creating agents. It defines how agents are created, authenticated, and governed, while still allowing individual agents to be provisioned or deprovisioned independently, as needed. With the agent blueprint, security teams can consistently apply consistent access controls to every agent that is created from that specific template.

Govern agent identities and lifecycle

Once your agents are up and running, one of the biggest challenges organizations face is governing agent identities at scale. As teams experiment and deploy agents across environments, agent proliferation can happen quickly, often without consistent sponsorship, review, or retirement processes.

Effective identity governance must therefore include automated lifecycle management to address agent sprawl. This means ensuring every agent has a designated sponsor, enforcing policies for how agents are created and reviewed, and automatically removing access when agents are no longer needed. Without automated lifecycle controls, dormant or inactive agents can persist and retain access long after their purpose has ended, increasing security risk and administrative burden.

Microsoft Entra Agent ID helps organizations apply identity governance practices across the full agent lifecycle, from creation through decommissioning, so agent growth remains intentional, auditable, and manageable as environments become larger and more complex.

Entra Agent ID supports structured governance by allowing organizations to:

Identify orphaned agents and ensure every agent always has an accountable human to ensure accountability is maintained as users move or leave the organization
Automate agent lifecycle management from creation through deactivation to help prevent agent sprawl
Ensure agent's access is intentional, auditable and time bound with access packages

Identify orphaned agents and automate sponsor assignments.

Protect agent access to resources

One final, and key, pain point they anticipate is maintaining operational control as agents evolve. Our recent whitepaper, Protect Identities in the Era of AI reveals how identity attacks are rapidly increasing as organizations embrace cloud and AI technologies. As agents gain new capabilities and interact with more resources, organizations need confidence that access is adaptive and secure.

Entra Agent ID extends familiar identity controls to agents, thereby providing organizations with the ability to:

Apply Conditional Access policies tailored to agents, enforcing requirements based on the agent identity and access.
Block agent access automatically when risk signals increase and detect anomalous behavior such as unusual sign-in spikes or unfamiliar resource access.

Apply Conditional Access for agents: Enforce Conditional Access policies with custom security attributes, and agent compromise risk assessments.

Built for an expanding agent ecosystem

Enterprise environments are incredibly diverse, with organizations building agents across Microsoft platforms as well as a broad ecosystem of non‑Microsoft frameworks and tools. To support this reality, the Microsoft Agent 365 SDK enables developers to extend agents built using any agent SDK or platform with enterprise‑ready identity, observability, security, and governed access to Microsoft 365. By integrating with Microsoft Agent 365, the SDK helps organizations onboard and operate agents from any source using consistent management and identity controls.

Get started

To learn more about Microsoft Entra Agent ID and how it empowers organizations to secure access for AI agents:

Learn: Microsoft Entra Agent ID
Explore: Microsoft Agent 365
Watch: Microsoft Entra Agent ID Explained
View a demo: Secure access for AI agents, the new frontier of identity

- Ngozi Nwoko, Director of Product Marketing, IDNA

Related resources:

Learn more about Microsoft Entra

Tenant Configuration Management APIs are now generally available

AdityaMukund — Thu, 23 Apr 2026 16:57:53 GMT

In our previous post, we introduced Microsoft Entra Tenant Governance and how it helps organizations secure and manage multi-tenant environments at scale. Today, we’re excited to announce that the Tenant Configuration Management (TCM) APIs are now generally available, providing the foundation for managing configuration at scale with greater consistency and control.

Before we dive deeper, let’s clarify the distinction:

Microsoft Entra Tenant Governance is the product experience. It delivers a centralized control plane for visibility, policy enforcement, and governance across tenant configurations.
The TCM APIs are the underlying Microsoft Graph API that powers Tenant Governance’s configuration management capabilities. It enables organizations to programmatically define, export, monitor, and manage configurations across services.

Why this matters

As organizations grow, configuration complexity increases across identity, security, and productivity workloads. Over time, even well-configured environments can drift due to incremental changes, operational overhead, and lack of centralized control.

The challenge isn’t just setting configurations correctly. It’s maintaining that state continuously.

The TCM API addresses this by enabling a shift from reactive configuration management to a declarative and continuous model, where desired state is defined and automatically validated over time. This helps organizations reduce risk, improve compliance, and simplify operations.

Core concepts of the TCM API

At its core, the TCM API brings configuration-as-code to Microsoft Entra. It introduces a model built around four connected concepts: snapshots, baselines, monitors, and configuration drifts:

Snapshot: Captures the current state of tenant configurations at a point in time. This is often the starting point, helping organizations understand what’s deployed today or to establish a “known good” reference.
Baseline: Represents the desired configuration state. Instead of manually checking settings across portals, organizations can define what compliant configuration looks like in a structured, repeatable way.
Monitor: Continuously compares the live environment against that baseline. Any deviation is surfaced as configuration drift, giving teams clear insight into where their environment no longer aligns with expectations.
Configuration drifts: Represents the delta between the desired configuration state and the current configuration state.

Together, these concepts create a closed loop: capture current state, define desired state, and continuously monitor alignment between the two.

A scalable model for configuration management

What makes the TCM API powerful is not just visibility, but repeatability and scale. Because everything is exposed through Microsoft Graph, configuration management can now be:

Integrated into automation workflows
Connected to existing security and compliance systems
Applied consistently across multiple tenants and services

This introduces a true configuration-as-code approach, where tenant settings are no longer static or manually enforced, but programmatically defined and continuously evaluated.

How this fits into Tenant Governance

The TCM API is the foundation that enables many of the capabilities within Microsoft Entra Tenant Governance.

While the API provides raw access to configuration data and state comparison, Tenant Governance builds on top of it to deliver a unified experience for administrators. This includes surfacing insights, highlighting drift, and enabling governance actions without requiring customers to build their own tooling.

In the near future, Tenant Governance will provide a single pane of glass for managing multiple tenants centrally, powered by the TCM API. This relationship is key:

Customers can rely on Tenant Governance for an out-of-the-box solution.
Partners and advanced organizations can use the TCM API directly to build custom workflows, integrations, or managed services.

Final thoughts

Tenant configuration is no longer a one-time activity. It is an ongoing process that directly impacts security, compliance, and operational consistency.

With the general availability of the TCM API, organizations now have a scalable way to define, monitor, and enforce configuration across their environments. Whether used directly or through Microsoft Entra Tenant Governance, it enables a more proactive and automated approach to managing tenant configuration.

-Aditya Mukund

Additional resources

Learn more about Microsoft Entra

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.

Now generally available: License usage insights in Microsoft Entra

Joseph Dadzie — Thu, 23 Apr 2026 18:13:19 GMT

Organizations rely on Microsoft Entra to secure access in an ever-changing identity threat landscape without sacrificing workforce productivity. As organizations adopt advanced identity and access capabilities, IT teams often need greater transparency into how those capabilities are being used, particularly around licensing. You need to see which identity protections are securing your users and identify gaps from unused controls.

Today, we’re excited to announce the general availability of Microsoft Entra license usage insights, a redesigned experience in the Microsoft Entra admin center that helps you better understand your license entitlements and how your security controls are being used across your organization.

Why it matters

With license usage insights, you can:

Strengthen your security posture by ensuring critical identity protections are not just licensed, but actively protecting your users.
Close protection gaps faster by identifying underutilized controls and bringing them into production.
Reduce exposure to identity-based attacks by increasing adoption of capabilities like risk-based access policies.
Stay ahead of compliance and risk with visibility into usage trends, helping you proactively address gaps as your organization evolves.

What’s new in the GA release

Since public preview, we’ve introduced several enhancements to make license entitlement and feature usage data easier to find and act on:

Six-month usage trends: Understand historical patterns for better forecasting.
Clear differentiation between active and guest users for precise reporting.
Copilot prompt suggestions to help you explore license usage insights faster.

The main license usage report view (Billing > Licenses).

Where to find the license usage insights

Navigate to Billing > Licenses in the Microsoft Entra admin center. You’ll see two key widgets: License entitlements and Product usage insights.

License entitlements: Displays your total Entra license entitlements, such as Microsoft Entra ID P1, P2, Microsoft Entra Suite, and standalone SKUs. For example, 250 Microsoft Entra Suite licenses entitle your organization to 250 each of Private Access, Internet Access, ID Governance, and Verified ID.

The License entitlements view.

Product usage insights: View product and feature usage over the past six months in one place, giving you a clear picture of which security protections are licensed, in use, and where gaps may exist. Quickly compare licenses in use versus available and spot adoption trends. Hover over the bar chart for more details or contact your Microsoft representative for guidance.

The Product usage insights view.

Next steps

Visit Billing > Licenses in the Microsoft Entra admin center to explore license usage insights today and start identifying where your existing identity protections can be strengthened. With clear visibility into how your controls are being used, you can take action to close gaps, increase adoption of critical safeguards, and improve your overall security posture.

We’d love your feedback on how this visibility into your Microsoft Entra usage supports your workflows and what additional insights would be most valuable. Share your thoughts in the comments or through the Feedback portal.

-Joseph Dadzie, Vice President of Product Management

Additional resources

Learn more about Microsoft Entra

What’s new in Microsoft Entra – March 2026

ShobhitSahay — Fri, 24 Apr 2026 20:16:41 GMT

From January through March 2026, Microsoft Entra introduced key updates to help organizations strengthen identity security, simplify governance, and improve user experience. This Q1 roundup highlights the latest feature releases and important changes—organized by product—so you can quickly see what’s new, what’s changing, and what actions you may need to take.

Microsoft Entra ID

New releases

Change announcements

Security improvements

Jailbreak detection in Authenticator app

[Action may be required]

Starting February 2026, Microsoft Authenticator introduced jailbreak/root detection for Microsoft Entra credentials in the Android app. The rollout progresses from warning mode → blocking mode → wipe mode. Users must move to compliant devices to continue using Microsoft Entra accounts in Authenticator. Learn more.

New risky user reports in Entra ID Protection

Elevate your identity security with Entra ID Protection. For admins, one question comes up repeatedly: "Why is this user risky?" The redesigned Risky Users report brings identity security to the center of investigations and makes that answer clear, with new visual insights, richer timelines, easier searchability, and more. Identity and security teams can triage faster, understand what’s driving risk, and remediate with clear insights to protect the organization. Learn more.

Microsoft Entra Agent ID

Change announcements

Simplifying agent management with Agent 365

[Action may be required]

We’re consolidating agent management experiences to make it easier to observe, govern, and secure all agents in your tenant. Agent 365 will be the single source of truth, offering a unified catalog, consistent visibility, and simplified management.

What’s changing

The Agent registry and Agent collections blades in the Entra admin center will be retired on May 1, 2026.
No action is required by administrators. Agent functionality and management remain unaffected. You can still access the agent inventory in the All agents view within the Microsoft 365 admin center (MAC).

With this change:

Agent 365 becomes the unified registry and control plane for agents.
Microsoft Entra continues to provide the identity foundation through Agent ID.
The existing registry Graph API will be deprecated and replaced by a new API powered by Agent 365. Agents registered via the current API will need to be re-registered. You'll be notified soon about the deprecation date and the availability of the new registry Graph API.
All agent access and governance capabilities remain fully available through Agent ID and Agent 365.

Learn more.

Microsoft Entra ID Governance

New releases

Change announcements

Identity Modernization

Microsoft Entra Connect security update to block hard match for users with Microsoft Entra roles

[Action may be required]

What is hard matching in Microsoft Entra Connect Sync and Cloud Sync?

When Microsoft Entra Connect or Cloud Sync adds new objects from Active Directory, the Microsoft Entra ID service tries to match the incoming object with a Microsoft Entra object by looking up the incoming object’s sourceAnchor value against the OnPremisesImmutableId attribute of existing cloud managed objects in Microsoft Entra ID. If there's a match, Microsoft Entra Connect or Cloud Sync takes over the source or authority (SoA) of that object and updates it with the properties of the incoming Active Directory object in what is known as a "hard match."

To strengthen the security posture of your Microsoft Entra ID environment, we are introducing a change that will restrict certain types of hard match operations by default.

What’s changing

Beginning June 1, 2026, Microsoft Entra ID will block any attempt by Microsoft Entra Connect Sync or Cloud Sync from hard-matching a new user object from Active Directory to an existing cloud-managed Microsoft Entra ID user object that hold Microsoft Entra roles.

This means:

If a cloud managed user already has onPremisesImmutableId (sourceAnchor) set and is assigned a Microsoft Entra role, Microsoft Entra Connect Sync or Cloud Sync will no longer be able to take over the Source of Authority of that user by hard-matching with an incoming user object from Active Directory.
This safeguard prevents attackers from taking over privileged cloud managed users in Microsoft Entra by manipulating attributes of user objects in Active Directory.

What’s not changing

Hard match operations for cloud users without Microsoft Entra roles are not affected.
Soft match behavior isn't affected.
Ongoing sync from Active Directory to Entra ID for previously hard-matched objects will not be affected.

Customer action required

If you encounter a hard match error after June 1, 2026, see our documentation for mitigation steps.

Learn more.

Microsoft Entra External ID

New releases

Global Secure Access

New releases

-Shobhit Sahay

Learn more about Microsoft Entra

Microsoft Entra expands SCIM support with new SCIM 2.0 APIs for identity lifecycle operations

Joseph Dadzie — Thu, 09 Apr 2026 18:38:08 GMT

Modern organizations rely on a growing ecosystem of applications, platforms, and services to run their business. Managing users and groups consistently across these systems is essential for security and operational efficiency. Many teams rely on the System for Cross-domain Identity Management (SCIM) standard to maintain predictable integrations, reduce custom provisioning work, and simplify lifecycle tasks across their environment.

Microsoft Entra has long supported SCIM‑based provisioning to SaaS applications and API‑driven inbound provisioning from HR systems. Today, we’re extending our support for standards‑based identity lifecycle automation by introducing Microsoft Entra SCIM 2.0 APIs, which allow external SCIM‑compatible identity sources to provision users and groups directly into Microsoft Entra. In this model, Microsoft Entra acts as the SCIM service provider (server), allowing external SCIM‑compatible clients—such as orchestration tools or custom automation frameworks—to provision and manage users and groups in Entra using standard SCIM operations. This is particularly valuable for customers who already use SCIM‑based automation frameworks or identity governance platforms and want to reuse their existing SCIM provisioning patterns when integrating with Microsoft Entra.

What you can do with Microsoft Entra SCIM 2.0 APIs

Microsoft Entra SCIM 2.0 APIs let identity teams, developers, and partners manage user and group lifecycle operations using a standards‑based approach that aligns with existing SCIM tooling.

With these APIs, you can:

Provision and deprovision users in Microsoft Entra from HR systems, SaaS platforms, or custom applications.
Update user attributes using the SCIM schema and supported extensions.
Manage Microsoft Entra ID security groups and Microsoft 365 groups, including membership.
Integrate with existing SCIM clients and automation frameworks, reusing established provisioning patterns.
Discover supported schemas and capabilities through standard SCIM endpoints.

A common scenario is synchronizing users from an HR system into Microsoft Entra, mapping attributes using the SCIM schema, and managing group membership based on role or department. Teams already using SCIM for other SaaS integrations can extend those same patterns to Microsoft Entra with minimal changes.

Get started

Follow the Microsoft Learn documentation to enable SCIM APIs and begin integrating with your SCIM client.

Licensing model

The Microsoft Entra SCIM 2.0 APIs follow a consumption-based pricing model. Refer to the pricing page for eligibility and pricing details.

Learn more

The Microsoft Entra SCIM 2.0 APIs are now generally available in the Microsoft Entra public cloud and will be available in Microsoft Entra ID for US Government by the end of June 2026.

To explore Microsoft Entra SCIM 2.0 APIs in more detail, review the following resources on Microsoft Learn:

-Joseph Dadzie

Vice President, Product Management

Additional resources

Learn more about Microsoft Entra

Evolving identity security: How the Conditional Access Optimization Agent helps you adapt

Swaroop Krishnamurthy — Tue, 31 Mar 2026 20:17:05 GMT

Organizations are expanding Zero Trust across more users, applications, and now a growing population of AI agent identities, making it even more challenging to maintain visibility and control at scale. As environments grow more complex and change daily, static best-practice approaches can’t keep up. Security teams are left trying to reason across dozens of access policies, shifting conditions, and evolving risks, often without clear visibility into where gaps exist.

That’s exactly what we’re hearing from customers.

“The recommendations are great, but they don’t always match how our organization works.”

With this latest set of enhancements, the Conditional Access Optimization Agent moves beyond static guidance to continuous, context-aware identity posture optimization. The agent now understands your organization’s business context, surfaces gaps that manual reviews miss, helps you act on insights safely, and proves the impact of your improvements—all as part of a new operating model for identity security.

Here’s a quick look at what’s new in the Conditional Access Optimization Agent, now in public preview:

Context-aware recommendations tailored to your environment.
Continuous deep gap analysis to identify persistent or emerging policy gaps.
Automated least-privilege enforcement to reduce unnecessary permissions.
Enhanced phased rollout for gradual, controlled deployment.
Passkey deployment campaigns that streamline phishing-resistant authentication rollout.
Zero Trust posture reporting that helps demonstrate measurable improvements.

These new capabilities are designed to work together as part of a continuous operating model for identity security.

To make this concrete, let’s walk through how the agent works in practice across four key steps – from tailoring recommendations to your environment, to identifying gaps, safely deploying changes, and measurable impact.

This is a view of the agent overview dashboard, showing analyzed coverage, identified gaps, and recommended actions to strengthen your access policies.

Step 1: Make recommendations match your reality

Every organization runs Conditional Access a little differently. Naming conventions, policy design patterns, and exception processes – these all vary across environments.

Until now, the agent's recommendations were based on industry and Microsoft best practices, sign-in data, and your Conditional Access policies. However, guidance needs to reflect how your organizations actually operate.

Context-aware policy recommendations – teach the agent your standards

With context-aware policy recommendations, you can upload internal documentation directly to the agent. Think about the guidance your team already relies on, such as documents that outline authentication strength requirements, device compliance baselines, and internal or external policy standards. These often live as PDFs, wiki pages, or long policy docs that admins manually cross-reference during periodic reviews.

The agent securely uses that context to tailor recommendations for your organization, so they align with how your team designs and manages Conditional Access.

For example, the Australian government publishes Conditional Access guidance for organizations operating in regulated environments. The agent is able to reason over this guidance and produce recommendations aligned to Australian compliance standards.

In the agent’s settings page, you can upload organization-specific policies and guidance so the agent can tailor recommendations to your environment

Step 2: Surface gaps humans can’t easily see

As environments grow more complex, Conditional Access policies become increasingly difficult to reason over. Organizations often manage dozens, or even hundreds, of policies across user groups, applications, authentication strengths, and device requirements, making it hard to fully understand how they interact.

Continuous deep gap analysis

Enterprise customers average 83 Conditional Access policies. The number of possible interactions between those policies – layers, overlaps, and coverage gaps – is challenging to reason over. Manual review typically focuses on recently changed policies. But some of the most critical gaps have been there all along. They are persistent configuration issues that have existed for years.

The agent evaluates how policies interact with one another, understands how authentication requirements are enforced across the policies, and identifies gaps where coverage falls short. This means it can detect:

newly introduced gaps caused by policy changes or configuration drift
persistent structural gaps cause by policy overlap, constantly evolving exceptions, and more

Instead of reviewing policies one by one, the agent evaluates the entire access control system as a whole.

The agent identifies uncovered users and policy gaps by analyzing how Conditional Access policies interact across your environment.

Zero Trust least-privileged enforcement for agent identities

Nowadays, access is no longer just about people. Gartner stated that by 2029, most secure access requests will come from non-human identities—up from less than 5% today.

As AI agents become a rapidly growing part of the workforce, they also introduce new risks. Many of these identities can be over-privileged, making them attractive targets for attackers!

The Conditional Access Optimization Agent identifies agent identities with excessive or unused permissions and recommends least-privilege adjustments.

This extends continuous Zero Trust enforcement beyond workforce identities to the fastest-growing population in your environment.

Step 3: Turn insight into action without breaking things

Finding gaps is important. Fixing them safely is where the real operational challenge begins.

We all know the risk of making access policy changes without understanding their real-world impact. A single misconfigured policy can lock out users or disrupt critical applications.

These enhancements help your teams move from insight to execution with confidence.

Phased rollout for any Conditional Access policy

With our updated Phased Rollout capability, you can now deploy any Conditional Access policy gradually, not only agent-recommended ones like in our previous release.

For each rollout, the agent proposes low-impact phases, monitors real user impact at every stage, and intelligently suggests progression or roll back so you can easily deploy policies while minimizing end-user impact. This means your team no longer needs to manually move policies from report only to enabled. The agent handles that progression for you.

This allows your team to strengthen access protections in a way that works for your business, without widespread lockouts, helpdesk spikes, or disruption to critical workflows.

The agent creates a phased rollout plan, allowing policies to be deployed gradually while monitoring user impact and minimizing disruption.

Passkey deployment campaigns – structured adoption of phishing-resistant authentication

Phishing-resistant authentication is one of the most important steps organizations can take to strengthen identity security – and passkeys deliver both security and usability. The challenge isn't whether to adopt passkeys, but how to roll them out without creating operational friction.

Microsoft data shows consumer users are 3× more successful signing in with passkeys compared to legacy authentication methods. That's where the agent's passkey campaign experience comes in, helping you run structured adoption campaigns across your organization.

Start with your highest-impact users such as administrators, executives, or employees most targeted by phishing. The agent tracks registration progress, identifies users that haven’t enrolled yet, communicates with them via teams, and helps you expand adoption wave by wave.

No more ad hoc enforcement or spreadsheet-driven tracking across teams.

The agent guides passkey adoption with structured campaigns, targeting users, tracking progress, and expanding rollout in stages.

Step 4: Prove progress and communicate impact

Closing gaps is only just a piece of the whole story. Security leaders increasingly need to demonstrate measurable progress, to both internal stakeholders and your executive leadership.

The built-in reporting dashboard provides a clear summary of posture improvements driven by you and the agent. You can track:

Exactly how many Conditional Access policy gaps the agent has discovered
Users, Apps, and Agent IDs you have improved policy coverage for
Remaining users, apps, and agent IDs requiring additional coverage

This makes it easier to demonstrate the value of your Zero Trust investments and communicate progress to your leadership.

The reporting dashboard tracks Conditional Access posture improvements, showing gaps closed, coverage gained, and remaining areas to address.

The new operating model for identity security

These enhancements aren't incremental improvements to a recommendation engine.

They represent a shift in how identity security operations work. Moving from static rule management to continuous, context-aware optimization leveraging the power of AI.

Identity security is no longer a periodic audit exercise. It becomes a continuous operational capability - helping you secure both human and non-human identities across authentication, access, and risk.

Get started today

If you have Microsoft 365 E5, the Conditional Access Optimization Agent will become available through a phased rollout. Once available in your tenant, you can enable it directly in the Microsoft Entra admin center and start using it right away.

We are continuing to expand these capabilities and will evolve the agent based on your feedback.

Enable the Conditional Access Optimization Agent → Security Copilot agents - Microsoft Entra admin center

Swaroop Krishnamurthy

Principal Product Manager, Microsoft Entra

Swaroop Krishnamurthy | LinkedIn

Additional resources

Learn more about Microsoft Entra

Microsoft Entra Tenant Governance: Secure and manage multi-tenant environments at scale

Joseph Dadzie — Tue, 31 Mar 2026 20:18:20 GMT

Managing identity across multiple tenants is a growing challenge for organizations of all sizes. Mergers, acquisitions, and the rise of shadow IT often lead to a fragmented tenant landscape—creating security and compliance blind spots that attackers are quick to exploit. Even a single poorly secured tenant can put your entire organization at risk.

Many of these shadow tenants may lack critical controls like MFA, Conditional Access, or privileged role protections. Recent high-profile incidents have reinforced an important reality: attackers can move laterally from an unmanaged tenant into production environments, bypassing controls organizations assumed were in place.

Microsoft Entra Tenant Governance addresses this challenge by providing a centralized, risk-informed way to discover, govern, and continuously secure all related tenants—without relying on custom scripts or fragmented administrative models. From small tenant estates to large enterprises, Entra Tenant Governance enables least-privilege access, enforces configuration baselines, and maintains continuous visibility from a single control plane.

Why Tenant Governance Matters

Built on Microsoft’s own experience securing a large and complex tenant estate, Entra Tenant Governance is designed to make tenant relationships visible, governance enforceable, and security posture continuously verifiable—at scale. Tenant Governance provides a centralized model for managing tenants with different workloads, security requirements, and operational owners, enabling consistent governance across tenants without forcing a one-size-fits-all approach.

With Entra Tenant Governance, organizations can:

Discover and inventory all related tenants, including production, non-production, and employee-created tenants.
Establish governance relationships for least-privilege cross-tenant access.
Monitor and enforce consistent tenant policies to maintain a strong security and compliance posture.
Securely create new tenants with governance applied from day one.

So what does this look like in the real world? Let’s walk through four scenarios.

Real-World Scenarios

1. Discovering Related Tenants

An organization is trying to reduce tenant-to-tenant risk across a growing identity estate shaped by mergers, acquisitions, and shadow IT. The security team recognizes that effective mitigation starts with visibility, so they begin by identifying which other tenants are connected to their production tenant and what exposure those connections might create.

Related Tenants experience automatically generates a continuously updated list of tenants that have observable connections to the organization’s tenant. This is not intended to be a definitive ownership or organizational inventory, but a risk-informed discovery view designed to surface tenants that may warrant governance attention. The tenant governance service keeps this inventory current by detecting relationships based on discovery signals for B2B access, multi-tenant applications, and Microsoft billing. In practice, the organization finds that tenants requiring governance attention typically leave these discoverable “traces” in production environments, making it possible to identify and prioritize them without relying on a manual inventory.

Screenshot of related tenants discovery view.

Next, the organization uses the metrics associated with each discovery signal to triage. These metrics help determine which related tenants should be brought into governance and whether any existing relationships represent immediate security exposure that needs to be mitigated.

When the team drills into a specific related tenant, the experience consolidates signals into a single view that clarifies how the tenant is connected and what risks the relationship may introduce. For example, the organization may see users using B2B to access administrative experiences in the related tenant. The team may also see a Microsoft billing relationship indicating that a billing account in the organization’s tenant is paying for an Azure subscription in the other tenant. Together, these signals suggest the tenant should likely be governed as part of the organization’s tenant landscape. If the related tenant also hosts a multi-tenant app with access to the organization’s tenant data, that becomes a priority indicator. The team can then validate and strengthen security controls to reduce the risk of data exposure if the related tenant or its applications are not adequately secured.

Screenshot of related tenants discovery signals.

Learn more about related tenants.

2. Creating Tenant Governance Relationships

After identifying tenants that require governance, an organization needs reliable administrative access across those tenants to perform resource management and governance tasks. The identity team wants to avoid the overhead and risk of managing separate local admin accounts or managing permissions of B2B accounts in every tenant.

Using Microsoft Entra Tenant Governance, the organization establishes tenant governance relationships between its central governing tenant and each governed tenant. Each relationship is set up through a request and approval workflow that formalizes which tenant is governing and which is governed, and the degree of access that the governing tenant has to the governed tenant. This approach scales so that as the organization’s tenant landscape grows, the governing tenant can manage relationships with many governed tenants with different security, compliance, and organizational requirements.

Screenshot of governed tenants view.

Once relationships are established, the organization assigns least-privilege delegated administration by mapping security groups in the governing tenant to built-in Entra roles in each governed tenant. Administrators can then sign in from the governing tenant and manage resources in governed tenants across Microsoft administration experiences, without requiring a B2B guest account or a local user account in those tenants. This creates a more streamlined and consistent admin experience across environments.

Centralized access administration also improves control. The organization can view, audit, and manage administrative access in one place, and keep permissions aligned to job changes by updating group membership in the governing tenant.

Screenshot of tenant governance policy template details.

Learn more about tenant governance relationships.

Administrators of Microsoft Defender and Sentinel are also able to leverage delegated access in the Defender multi-tenant management experience. To learn more about this, read the Defender blog post.

3. Tenant Configuration Management

An organization has established administrative access to the tenants it governs, and the next priority is keeping those tenants aligned with security and compliance requirements over time. The challenge is consistency. Settings often drift as admins make changes, new policies are introduced, or service configurations evolve. The identity and security teams need a repeatable way to define what “good” looks like across different tenants in its estate, and to detect when a tenant deviates.

With tenant configuration management, the organization defines a configuration baseline that represents the desired state of tenant resources. The baseline is expressed in a standard .json format and can cover more than 200 resource types across Microsoft services, including items like Conditional Access policies in Entra and transport rules in Exchange, as well as supported resources in Intune, Defender, Purview, and Teams. The organization can use different configuration baselines depending on the workloads and requirements in a particular tenant.

Screenshot of tenant configuration baseline view.

To accelerate adoption, the organization uses configuration snapshots to capture settings from a known-good tenant and uses that output as a starting point for the baseline, rather than authoring everything from scratch.

Screenshot of tenant configuration monitors.

The organization then sets up configuration monitors that run automatically on a schedule and validate the actual state of resources against the baseline. The results provide recent run summaries, and a configuration drift report highlights where configurations differ from the desired state so teams can prioritize remediation.

Screenshot of tenant configuration drift report.

To match operational ownership, the organization creates up to 30 monitors and commonly aligns them by service, such as one monitor for Entra and another for Exchange. Each monitor can include as many resources as the organization is licensed to monitor.

Organizations that are currently leveraging the open-source Microsoft365DSC solution can easily migrate to Entra tenant configuration management. The Entra solution offers several improvements over the open-source project, is fully supported by Microsoft, and is the recommended approach for organizations looking to manage their tenants’ configuration with declarative code.

Learn more about configuration management. To see the full list of resource types that are supported for tenant configuration management, see our documentation: Entra, Exchange, Intune, Defender and Purview, and Teams.

4. Secure Tenant Creation

Now that the organization has discovered its related tenants and brought them under governance, the next priority is ensuring that any new tenants created in the future follow the same governed pattern from day one. The organization still needs flexibility to support real business needs, so the identity team designs a controlled process that allows only approved users, in the engineering group, to create add-on tenants for testing new capabilities in a test environment.

With secure tenant creation, the organization can enable this delegated creation model while helping ensure governance from the start. When an approved user creates a new tenant, it is configured to be well-governed from day one. The new tenant is created with a built-in tenant governance relationship to the organization’s governing tenant, ensuring the governing tenant has the cross-tenant administrative access needed to apply governance and perform ongoing management without delay.

Newly created tenants are also linked to the organization’s Microsoft billing account at creation time. This provides proof of commercial ownership and reduces operational risk. If administrative access to the tenant is lost, the billing linkage helps streamline tenant recovery, so the environment does not become orphaned.

Screenshot of secure tenant creation process.

Learn more about secure tenant creation.

Licensing and Availability

Microsoft Entra Tenant Governance capabilities are available in Entra ID P1 (also included in Microsoft 365 E3), Entra ID P2 (also included in Microsoft 365 E5), and Microsoft Entra ID Governance (also included in Entra Suite and Microsoft 365 E7). See the Microsoft Entra licensing page for more details.

Tenant configuration management APIs are generally available. Other tenant governance experiences are in public preview. These new capabilities are now rolling out, with deployment expected to complete over the next few days.

How to Get Started

To get started, read our Tenant Governance documentation to learn more about these features and how they enable you to address important security and compliance scenarios.

High-quality tenant governance tooling and operational processes are foundational for organizations to achieve their security and compliance objectives. We’re eager to get your feedback on these new Entra capabilities that empower you to achieve your goals – feel free to drop a note below in the comments section of this article.

-Joseph Dadzie
Vice President, Product Management

Additional Resources

Learn More About Microsoft Entra

Prevent identity attacks, ensure least-privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.

Strengthen identity resilience: Recover with confidence using Microsoft Entra Backup and Recovery

Joseph Dadzie — Tue, 31 Mar 2026 20:31:16 GMT

Identity is the backbone of modern security. When identity systems fail, access breaks down, productivity stops, and security controls weaken across the organization. That is why Microsoft invests deeply in resilience across Microsoft Entra, designing the service not only to meet a 99.99% availability SLA, but also to continue supporting sign-ins even when parts of the cloud experience disruption.

This resilience is built into the foundation of the service. Microsoft Entra is hardened at the core, supported by a parallel backup authentication system, and reinforced through resilient SDKs and applications. Together, these layers help ensure that critical identity scenarios continue to function during service level incidents.

However, resilience is not only about keeping the service available. It is also about recovering when changes inside your tenant do not go as planned. Identity environments evolve constantly as policies are updated, integrations expand, and administrative responsibilities shift. Without a reliable way to understand, validate, and recover those changes, even routine updates can introduce significant risk.

A misaligned policy can block user or administrator access. A provisioning error can overwrite thousands of user attributes leading to increased support calls. A compromised privileged account can quietly modify critical group memberships in ways that are difficult to detect and even harder to reverse at scale. While service resilience keeps Microsoft Entra available, Microsoft Entra Backup and Recovery helps organizations recover when changes inside their environment introduce risk or disrupt users.

Microsoft Entra Backup and Recovery now available in Public Preview

Microsoft Entra Backup and Recovery helps you build identity resilience into daily operations using an always‑on, Microsoft‑managed solution that rapidly restores critical identity objects to a known‑good state. It provides automatic backups, point‑in‑time visibility into configuration changes, and backups are protected by a built‑in safeguard that prevents them from being disabled, deleted, or altered. This helps reduce recovery time and maintain business continuity.

For Public Preview, we are announcing new capabilities that help you recover with confidence: Restoring core directory objects 1 backup a day within the last 5 days, including users, groups, applications, service principals, Conditional Access policies, authentication method policy, authorization policy, and named locations.

Entra Backup and Recovery strengthens the core of your identity resilience strategy, helping you minimize downtime, protect your tenant, and recover quickly from both accidental changes and security compromises while maintaining confidence in the integrity of your environment.

Note: Microsoft Entra Backup and Recovery is available today and requires an Entra ID P1 or P2 license. Learn more on the Microsoft Entra Backup and Recovery learn docs page.

Get started today by navigating to Microsoft Entra Backup and Recovery under the Entra ID blade in the Microsoft Entra admin center.

Next, let’s explore how Entra Backup and Recovery helps organizations respond quickly and confidently by examining three common disaster recovery scenarios. These include an erroneous Conditional Access update that blocks user access, widespread user‑attribute corruption caused by an HR system issue, and malicious modifications to identity configurations.

Scenario 1: Recovering from an erroneous Conditional Access change that locks out users

Conditional Access policies are central to enforcing Zero Trust, and many organizations rely on them to control access across users, applications, and locations. While safeguards such as report-only mode and change validation help reduce risk, organizations need a reliable way to quickly recover from mistakes that can have an outsized impact.

In this scenario, an identity team is updating an existing Conditional Access policy as part of routine maintenance. During the update, an exclusion group is unintentionally removed from the policy assignments. The change applies right away. Some users are no longer able to sign-in, authentication failures increase, and helpdesk tickets begin to spike.

To restore access without prolonged disruption, the identity team turns to Microsoft Entra Backup and Recovery. Using the Backup and Recovery experience in the Microsoft Entra admin center, they review available backups and select a recent snapshot that reflects the last known-good configuration.

Identify the right backup to restore

You can easily view available backups in the Microsoft Entra Admin center and take action on accidental changes.

Next, the team generates a Difference Report scoped to Conditional Access policies. The report clearly shows what changed, including the removal of the exclusion group from the affected policy. This allows the team to confirm the root cause before taking action and to ensure no unrelated policies are included in the recovery scope.

After validating the changes, the team runs a targeted recovery job to restore the affected Conditional Access policy to its previous state. Within minutes, access is restored for impacted users, without requiring manual policy edits or custom scripts.

By using Microsoft Entra Backup and Recovery to identify the exact change and revert only the affected configuration, the organization resolves the incident quickly, limits disruption, and maintains confidence in its identity controls.

Scenario 2: Restoring user attributes after an HR system error pushes incorrect data at scale

Many organizations rely on an HR system as the authoritative source for user identity data. Attributes such as job title, department, and manager name often flow automatically into Microsoft Entra and downstream applications to power access decisions, workflows, and reporting.

In this scenario, a configuration issue in the HR system causes incorrect attribute values to be pushed to multiple user accounts during a scheduled provisioning cycle. Job titles and departments are overwritten at scale, reporting structures become inaccurate, and applications that depend on consistent identity data begin to behave unpredictably. To prevent further impact, the identity team pauses inbound provisioning while they assess the situation.

To investigate, the identity team uses Microsoft Entra Backup and Recovery to compare the current state of user attributes with a backup taken two days prior.

Validate configuration changes with a Difference Report

Admins can use the Difference Report to gain visibility into attribute changes, with a clear, itemized view across affected users.

The generated Difference Report clearly shows which users were affected and exactly which attributes changed, giving the team an immediate, actionable view of the impact.

To ensure the correct scope before recovery, the team applies granular filters to narrow the recovery to the affected users and attributes. This allows them to precisely target the recovery job without overwriting unrelated or valid updates made elsewhere in the directory.

You can apply granular filters in the difference report to quickly pinpoint the exact object that needs recovery.

After examining the changes and applying the right filters, administrators initiate the recovery job. Throughout execution, they monitor progress from the recovery history page, which surfaces real‑time status through the modified objects column, giving teams clear visibility into recovery progress and scope.

Once the HR system configuration is corrected, inbound provisioning is resumed with confidence, knowing the directory has been returned to a previously known good state and the organization can trust the accuracy of its identity data going forward, and normal operations continue without prolonged disruption.

Scenario 3: Recovering after malicious changes to identity configurations

In this scenario, a compromised privileged account is used to make malicious changes to identity configurations. MFA requirements are weakened and sensitive group memberships tied to critical applications are altered. Security teams detect suspicious activity and escalate the incident for investigation and remediation.

Once the immediate threat is contained, the identity team must determine exactly what changed and restore trusted configurations as quickly as possible. Manually reviewing and rebuilding identity settings across multiple objects would be time consuming and increases the risk of missing subtle but impactful changes. In addition to malicious configuration changes, malicious actors may also delete critical identity objects, which Microsoft Entra Backup and Recovery can restore by integrating with soft‑deletion as part of the same recovery process.

To assess the impact, the team uses Microsoft Entra Backup and Recovery to compare the current tenant state with a backup that reflects the last known good configuration prior to the compromise.

Execute the recovery job with confidence

You can quickly verify configuration changes and execute the recovery job with Microsoft Entra Backup and Recovery.

Once admins identify which directory object they want to recover, they select Recover this object, to remove the attacker’s malicious modifications and restore the trusted configuration. After running the recovery job, trusted configurations are reinstated and malicious modifications are removed, and the team verifies that MFA enforcement, access conditions, and group memberships have been returned to their expected state without requiring manual cleanup or reconstruction.

By using Microsoft Entra Backup and Recovery to quickly identify and revert malicious changes, the organization limits the blast radius of the incident, restores confidence in its identity environment, and resumes normal operations with minimal disruption.

Getting started with Microsoft Entra Backup and Recovery

Microsoft Entra Backup and Recovery is available today in Public Preview. If you’re a Microsoft Entra customer with Entra ID P1 or P2 license, you can start using these capabilities immediately in the Microsoft Entra admin center.

Microsoft Entra Backup and Recovery is built as an API‑first, extensible platform that gives customers the flexibility to design backup and recovery workflows aligned to their operational needs. These same APIs enable independent software vendors (ISVs) to integrate and deliver complementary solutions that extend Entra with their domain expertise.

To get started, sign-in to the Microsoft Entra Admin center as an Entra Backup Administrator role. In the left navigation, select Backup and Recovery to explore your automatic backups, generate Difference Reports, and run recovery jobs. From here, you can review your snapshot history, investigate configuration changes across your directory, and begin restoring objects as needed.

Identity resilience isn’t optional—it’s essential. With Microsoft Entra Backup and Recovery, you can minimize downtime, protect your tenant, and recover confidently from accidental changes or security compromises. Start using Entra Backup and Recovery in Public Preview today and join the conversation in the Microsoft Entra Tech Community.

-Joseph Dadzie

Vice President, Product Management

Additional resources

Learn more about Microsoft Entra

External MFA in Microsoft Entra ID is now generally available

Swaroop Krishnamurthy — Tue, 31 Mar 2026 20:33:33 GMT

Multifactor authentication remains a foundational control for securing user identities, especially as organizations adopt Zero Trust and respond to increasingly targeted identity attacks.

Microsoft’s research shows that MFA reduces the risk of account compromise by more than 99 percent. Microsoft Entra ID already offers a broad set of native MFA options.

Now, with the GA of external multifactor authentication (external MFA)—previously known as external authentication methods—you can integrate trusted third-party MFA providers while continuing to rely on Microsoft Entra ID as your central identity control plane.

Why External MFA matters

External MFA is designed for organizations that:

Use a third-party MFA solution to meet regulatory or business requirements
Need to support specific scenarios, such as mergers and acquisitions
Want to unify MFA experiences under a modern identity system

Built on the OpenID Connect (OIDC) standard, external MFA allows you to integrate your preferred MFA provider into Microsoft Entra ID without sacrificing security or policy enforcement.

Figure 1: Configure external MFA in Microsoft Entra ID

How it works

Once configured, external MFA is managed alongside native Microsoft Entra ID authentication methods—giving administrators a single pane of glass for all authentication methods.

Every sign-in still goes through full policy evaluation, including real-time risk assessment and Conditional Access.

Figure 2: Sign-in with external MFA

Integrating external MFA with Conditional Access allows administrators to align authentication prompts with their organization’s security and business objectives by using sign-in frequency and session controls. When these policies are properly tuned, they strike the right balance between reauthentication and user productivity. However, overly frequent reauthentication can degrade user experience and can even increase phishing risk by conditioning users to approve prompts without careful review. To avoid these issues, we recommend following Microsoft’s reauthentication guidance when configuring your Conditional Access policies.

Migration from Custom Controls

External MFA replaces Custom Controls, which will be deprecated on September 30, 2026. Existing configurations will continue to work during the transition period. We’ll share detailed migration guidance soon to help you move to external MFA before the retirement date.

Start integrating external MFA today by following our step-by-step guide on Microsoft Learn.

Thank you to our customers and MFA solution partners for your feedback during the preview phase. Your input helped shape this release.

-Swaroop Krishnamurthy

Principal Product Manager
Microsoft Entra ID

Additional resources

How to manage external MFA in Microsoft Entra ID - Microsoft Entra ID | Microsoft Learn

Learn more about Microsoft Entra

⁠Microsoft Entra News and Insights | Microsoft Security Blog

⁠⁠Microsoft Entra blog | Tech Community

⁠Microsoft Entra documentation | Microsoft Learn

Microsoft Entra discussions | Microsoft Community

Microsoft Entra innovations announced at RSAC 2026

Irina_Nechaeva — Mon, 30 Mar 2026 15:54:53 GMT

Agentic AI is reshaping how organizations work, and it is fundamentally changing how we must think about protecting identity and access. As AI accelerates innovation, the number of users, devices, apps, and agents is exploding, creating an unprecedented number of digital identities across disparate systems. Every new identity, whether human or non-human, represents another potential entry point for attackers and another potential gap in visibility. In the 2026 Secure Access report, 97% of organizations experienced an identity or network access incident in the past year, and 70% reported incidents tied to AI-related activity.

The attack surface is growing faster than traditional security approaches can keep up, forcing organizations to rethink how they protect their identities and data at scale. This is why security must start with an access fabric, which creates a common identity foundation for employees, workloads, and AI agents, continuously shares signals and evaluates risk, and enforces access decisions in real time across every identity and session.

The latest Microsoft Entra innovations advance this vision, so you can protect access for people and agents and strengthen your Zero Trust posture. With those new capabilities you can:

Protect agent identities with the same rigor as users, apps and devices, using familiar protections like identity governance and Conditional Access in Microsoft Entra Agent ID, the identity foundation of Microsoft Agent 365.
Secure employee access in the AI era, from shadow AI discovery and prompt injection protection to strong phishing-resistant authentication enabled by flexible passkey deployments, extensibility to the broad range external MFA providers, and adaptive risk remediation.
Strengthen your identity foundation by protecting your multi-tenant environments with Tenant governance, adding a layer of resilience with Backup and Recovery, making it possible to restore critical identity objects with confidence and accelerating Identity Security by improved identity risk detection, analytics and remediation, connecting identity and SecOps team to respond faster and proactively improve your identity security posture.
Supercharge your identity team with new Conditional Access agent capabilities, including context-aware recommendations, phased rollout for any policy, and automated least-privilege enforcement. You can also discover and extend identity integrations with Microsoft Security Store.

Throughout the week at RSAC, we’ll be demonstrating these capabilities and sharing practical guidance on how to build a more resilient, comprehensive identity and access security strategy. Below is a closer look at the innovations and where to see them in action at the RSAC.

Protect agent identities

As organizations adopt AI agents at scale, many are deployed without consistent controls. As shared earlier this month, Microsoft Entra Agent ID, the identity foundation of Microsoft Agent 365, helps secure agent identities and their access to resources by assigning a unique ID to AI agents built with Microsoft Foundry, Microsoft Copilot Studio and our Agent 365 ecosystem partners. This gives identity teams a consistent way to apply the same rigor they use for users, apps and devices identities.

With that foundation in place, we are integrating ID Governance access packages into Microsoft Agent 365 Security Policy Templates, so agents can start secure as they are onboarded. We are also extending existing Conditional Access user policies to secure agents that work on behalf of users. These protections help make real-time access decisions based on risk signals and custom security attributes. Together, they help prevent compromise and reduce the risk of misuse by malicious actors.

Secure employee access in the AI era

As AI becomes embedded in daily work, organizations need consistent controls governing access to apps, data, and AI services. Microsoft Entra Suite unifies identity and network access under a single policy framework to help deliver Zero Trust access to any resource, including AI applications and agents.

Microsoft Entra Internet Access extends identity-based Zero Trust controls to web, SaaS, and AI traffic. It provides visibility into AI tools and agents and helps secure employee access as usage grows.

Key innovations in Internet Access include:

Shadow AI detection complementing Microsoft Defender for Cloud Apps to discover and monitor unsanctioned AI applications, track usage, and instantly enforce Conditional Access to allow or block those apps (generally available).
Prompt injection protection to block malicious AI prompts (generally available).

Microsoft Entra continues to advance passwordless authentication experiences, strengthening how users prove who they are and ensuring secure, low‑friction access as AI usage accelerates:

Synced passkeys and passkey profiles to enable seamless, phishing‑resistant sign‑in and deployment across your organization (generally available).
Microsoft Entra Passkeys on Windows to extend Windows Hello experiences, making passkeys even more seamless for users on Windows devices (preview).
External MFA (formerly called External Authentication Methods) to enable integration of MFA providers directly with Microsoft Entra ID and your existing Conditional Access policies (generally available).
Adaptive risk remediation enables passwordless users to securely regain access without help-desk friction. Entra ID Protection supports appropriate automatic self-remediation across all authentication methods, passwordless and those that still use passwords, adapting to where customers are in their modern authentication journey (generally available in April 2026).

These updates help protect identities and access points while moving organizations closer to a passwordless future.

Strengthen your identity foundation

Organizations require the ability to proactively govern multi-tenant environments and recover quickly from misconfigurations or compromises. To address this need, we're introducing new capabilities that strengthen identity resilience and minimize risk of managing complex, multitenant environments:

Microsoft Entra Backup and Recovery enables confident recovery of critical directory objects to a known good state after accidental changes or security compromises. Automated, high-performance backups and point-in-time restore capabilities help reduce recovery time and support operational continuity (preview).
Microsoft Entra Tenant Governance helps you centrally govern multi-tenant environments, reduce risk from shadow IT tenants, and enforce a consistent security posture. You can discover and inventory tenants, establish governance relationships, monitor tenant configurations, and securely create new tenants (preview). The tenant configuration API helps you simplify and standardize how tenant settings are managed across Microsoft workloads with JSON-based configuration baselines (generally available).
Microsoft Entra cross-tenant group synchronization helps organizations securely manage access across related tenants by enabling governed, policy-driven group sharing without duplicating identities or increasing administrative overhead. By centralizing group lifecycle management and enforcing consistent governance controls across tenants, organizations can reduce access sprawl, simplify collaboration, and maintain least‑privilege access in complex multi-tenant environments (preview).

Accelerate your identity security

But resilience alone isn’t enough. Modern identity security means stopping attacks before they escalate. And, as identities expand beyond human users, organizations need to extend their identity security tools to protect users, apps, and agentic identities across their identity fabric.

We're advancing identity security with unified risk and enhanced detections across Entra and Defender. Powered by trillions of signals across Microsoft Security, risk-based Conditional Access can now make more informed and intelligent access decisions based on aggregated risk across identity accounts. This improves identity protection for high-impact scenarios like lateral movement and privilege escalation and strengthens protection across cloud and hybrid environments. With shared visibility across Identity and Security Operations teams, admins gain a deeper understanding of their risky identities and can respond more efficiently across their cloud and hybrid infrastructure.

Supercharge your identity team

Conditional Access is central to Zero Trust architecture, but policies can drift as environments change. The Conditional Access Agent in Microsoft Entra helps continuously analyze access policies and deliver recommendations aligned to your unique environment. It identifies persistent gaps and helps strengthen protections without disrupting productivity.

We’re introducing new capabilities that make the Conditional Access Agent more intelligent, personalized, and actionable (preview):

Context-aware recommendations tailored to your environment.
Enhanced phased rollout for gradual, controlled deployment.
Continuous deep gap analysis to identify persistent or emerging policy gaps.
Automated least-privilege enforcement to reduce unnecessary permissions.
Zero Trust posture reporting that helps demonstrate measurable improvements.
Passkey deployment campaigns that streamline phishing-resistant authentication rollout.

Discover and extend identity integrations with Microsoft Security Store

Security Copilot agents help teams optimize and act, while the Microsoft Security Store helps them extend and scale. As identity environments expand, organizations increasingly rely on partner capabilities to address specialized needs. By bringing the Microsoft Security Store directly into Microsoft Entra, teams can now find trusted, Microsoft Entra‑ready agents and integrations within the product experience.

The Microsoft Security Store helps customers discover identity solutions from Microsoft and partners, including integrations with Entra External ID and Entra Verified ID, plus more than 15 identity agents powered by Security Copilot that surface identity posture gaps, strengthen identity verification, reduce fraud across workforce, consumer, and external identities, and more. This centralized discovery and purchasing experience reduces friction and helps teams deploy solutions more quickly through the Microsoft Security Store. Read more.

Where to find Microsoft Entra at RSAC 2026

Before RSAC begins, Microsoft Security product leaders will host a pre-day session on Sunday, March 22 at 4:00pm PST in the Palace Hotel to share how security is the foundation of Frontier Transformation. Learn more about our security vision, top threat intelligence trends, and product demos ahead of the event. Secure your spot today.

During the week, come connect with the Microsoft Entra team at RSAC. Visit the Microsoft booth #5744 to experience live product demonstrations and participate in our expert-led theater sessions.

Executive Lunch and Learn Session at the Palace Hotel

Session Title

Session Description

Date & Time (PT)

Microsoft Entra Secure Access Lunch

Join us for a special lunch and learn focused on Microsoft Entra and how it helps organizations modernize identity and network security and move toward a more resilient access fabric. This discussion will provide insights on how to secure access for all identities across your Zero Trust journey – whether human or agentic. You don’t want to miss this! Sign up for the session here.

· Date: March 23, 2026

· Time: 12pm – 1:30pm

· Location: Twin Peaks Room in the Palace Hotel

Microsoft Entra Theater Sessions in booth #5744

Session Title	Session Description	Date & Time (PT)
Control agent sprawl and secure access with Microsoft Entra	Learn how to control agent sprawl and secure AI agent access to apps, resources and other agents. This technical review and real-world demo of Microsoft Entra Agent ID—the identity foundation of the Microsoft Agent 365 control plane for agents—demonstrates how familiar tools like Conditional Access, access governance, and lifecycle workflows extend to agent identities, enforcing least privilege access (or Zero Trust access) for AI agents in your enterprise.	· Date: March 23, 2026 · Time: 6:40- 7:00PM · Location: Booth #5744
From Crisis to Control: Governance, Backup, and Recovery with Microsoft Entra	Learn how to protect your organization from service misconfigurations, operational errors, and security compromises using Microsoft Entra. This session shows how Microsoft Entra Tenant Governance enables continuous discovery, configuration insight, and tenant‑level oversight, while Microsoft Entra Backup and Recovery provides rapid restoration of critical identity objects including users, groups, and Conditional Access policies and more.	· Date: March 24, 2026 · Time: 11:30-11:50 AM · Location: Booth #5744
Accelerate your Identity Security for Modern Identity Defense	Identity underpins every interaction in the modern enterprise but protecting the vast ecosystem of human users, non-human entities and agents can be a daunting task. Join our experts to hear how Microsoft is leveraging its expertise in identity (IAM) and security (XDR) to provide seamless Identity Security protection comprehensively across our customers unique identity footprint.	· Date: March 25, 2026 · Time: 3:30-3:50pm · Location: Booth #5744
Secure Workforce Access to AI with Microsoft Entra Suite	Your workforce is already using AI. In this theater session, see how Microsoft Entra Suite secures access to AI so your workforce can stay productive while protected from new risks like prompt injection and unsanctioned AI tools. We will show unified identity and network controls and risk‑based session policies, plus how Global Secure Access and AI Gateway expose and block risky connections in real time.	· Date: March 25, 2026 · Time: 4:30-4:50 PM · Location: Booth #5744
Defend identity autonomously with agentic AI in Microsoft Entra	Learn how agentic AI is transforming identity security workflows from investigation to remediation. This review and real-world demo of Security Copilot in Microsoft Entra and agents shows how identity teams are using AI to surface risk, close policy gaps, and continuously govern access across users, apps, and devices, reducing manual effort while strengthening Zero Trust at scale.	· Date: March 26, 2026 · Time: 12-12:20 PM · Location: Booth #5744

We look forward to seeing you in March at RSAC 2026. Visit the Microsoft booth, join our theater sessions, and explore how Microsoft Entra helps secure your access fabric in the age of AI.

-Irina Nechaeva

General Manager, Identity and Network Access Product Marketing

Additional resources

Learn more about Microsoft Entra

As AI adoption scales, is your access strategy still viable?

Kaitlin_Murphy — Thu, 09 Apr 2026 16:19:33 GMT

As AI moves from experimentation into everyday workflows and AI agents begin operating more autonomously across systems, access environments are changing in scale, complexity, and speed. Our latest research, Secure access in the age of AI , looks at how security leaders are navigating one of the fastest shifts in enterprise technology adoption, and where existing access models are starting to show strain.

For organizations, AI brings meaningful opportunity. But every new AI tool or agent also introduces additional identities, permissions, and access paths. As a result, identity and network access are no longer just foundational controls. They are central to how organizations manage risk in the age of AI.

AI Is Expanding the Access Landscape

Every AI tool, integration, or agent introduces new identities, permissions, and pathways to systems and data. In many cases, these identities don’t behave like traditional users. They operate continuously, interact with multiple systems, and often require broad access to function as intended.

Security leaders are already seeing the effects of this expansion. In our research, 97% of organizations experienced an identity or network access incident in the past year, and 70% reported incidents tied to AI‑related activity. Threats such as AI‑assisted phishing and agent privilege escalation are now part of the real‑world threat landscape, not edge cases.

What’s notable is that these incidents aren’t always driven by novel attack techniques. Just as often, they stem from environments that have grown complex faster than governance and controls can keep up. As AI adoption scales, that gap becomes increasingly visible.

6 in 10 leaders anticipate more access incidents due to AI agents and employee use of GenAI.

Fragmentation Was Already a Challenge. AI Raises the Stakes.

Long before AI entered the picture, many organizations were already managing fragmented identity and network access environments. Multiple identity providers, overlapping network access tools, and point solutions from different vendors are common, especially in large enterprises.

The research shows that this fragmentation is persistent. On average, organizations use five identity solutions and four network access solutions, often from different vendors. Nearly half of security leaders say they are overwhelmed by vendor sprawl, a figure that has increased year over year.

That fragmentation has real consequences:

Visibility becomes partial and delayed
Policy changes take longer to propagate
Gaps emerge between tools, creating opportunities for misuse and attack

These gaps don’t just create operational overhead. They slow decision‑making and make it harder to respond consistently as risk changes. In an environment where AI systems and attackers alike can move quickly, those delays matter more than they used to.

32% of organizations say their access management solutions are duplicative, 40% say they have too many different vendors.

Access Incidents Are Not Always Malicious

Another important takeaway from the research is that access‑related incidents are not solely the result of attacks. Organizations report a near‑even

split between malicious incidents (53%) and accidental ones (47%).

This points to risk driven by complexity, unclear ownership, and misaligned controls, not just adversarial behavior. As employees adopt generative AI tools and teams deploy agents faster than policies can be updated, unintentional misuse becomes more likely.

AI doesn’t create these conditions on its own, but it does amplify them. When permissions are broad, visibility is limited, and enforcement is inconsistent, even small mistakes can escalate quickly.

Top causes of identity and network access incidents. 97% of organizations have had an incident in the past 12 months.

Why an Access Fabric Matters Now

As access environments grow more complex, security leaders are rethinking how access decisions are made and enforced across the enterprise. The research suggests that organizations using fewer, more integrated access tools have better visibility into activity and can respond more quickly as risk changes.

This shift is often described as moving toward an access fabric. An access fabric is not a single product or control layer. It is an architectural approach that treats access as a continuous, end‑to‑end system – using identity as the consistent decision point and enforcing those decisions across environments in near real time.

In practice, an access fabric enables:

A common identity foundation for employees, workloads, and AI agents
More immediate enforcement of access decisions across the network
Continuous signal sharing across identity, network, and security tools
Faster propagation of policy and risk changes without manual stitching

This model matters because AI systems and automated attacks operate at machine speed. Static access decisions or delayed enforcement create gaps that are difficult to detect and harder to close.

As a result, 64% of security leaders say they are consolidating identity and network access tools, citing complexity, visibility gaps, and slower response times in fragmented environments. Fewer, better‑integrated tools make it easier to apply consistent policy and adapt as new identities and access paths are introduced.

64% of organizations are consolidating tools across identity and network access. 94% of organizations prefer a comprehensive and integrated identity and access management platform.

Read the full report

To explore the full research, including practical insights and recommendations for building a unified access strategy, read the Secure access in the age of AI report.

- Kaitlin Murphy

Learn more about Microsoft Entra

Upcoming Conditional Access change: Improved enforcement for policies with resource exclusions

Swaroop Krishnamurthy — Tue, 17 Mar 2026 17:10:54 GMT

In alignment with Microsoft’s Secure Future Initiative, we are taking the following proactive security measures for defense-in-depth. Please review the changes and take any required actions to prepare.

Note: We’ve adjusted the rollout timeline, with enforcement now starting on May 13, 2026. To support a smooth transition, customers will receive additional details and guidance through Microsoft 365 Message Center messages.

What is changing?

Today, when a user signs in through a client application that requests only OIDC scopes or a limited set of directory scopes, Conditional Access policies that target All resources are not enforced if the policy has one or more resource exclusions.
After this change, Conditional Access policies that target All resources will be enforced for these sign-ins, even when resource exclusions are present. This ensures that policies are consistently applied regardless of the scope set requested by the application. Read more about this change.

When will you see this change?

We’ve adjusted the rollout timeline, with enforcement now starting on May 13, 2026. To support a smooth transition, customers will receive additional details and guidance through Microsoft 365 Message Center messages.

Who will be affected by this change?

This change only affects tenants that have a Conditional Access policy targeting All resources with one or more resource exclusions, and these tenants will be notified through M365 Message Center messages. Tenants without this policy configuration will not be impacted.

How will this affect your organization?

When a user signs in through a client application that requests only the scopes listed above, they may now receive Conditional Access challenges (such as MFA or device compliance) where previously they were allowed access without enforcement. The specific challenge depends on the access controls configured in your policies that target All resources or explicitly target Azure AD Graph as the resource.

What do you need to do to prepare?

✔ Most customers: No action required

Most applications request additional scopes beyond the scopes listed above and are already subject to Conditional Access enforcement. In such cases, there is no change in behavior. We’re working with popular software vendors where updates may be needed to ensure their applications handle Conditional Access challenges appropriately.

⚠ Apps registered in your tenant and requesting only these scopes: Review recommended

If you have custom applications that are intentionally designed to request only the scopes listed above, evaluate whether they can handle Conditional Access challenges such as MFA or device compliance.

If they already handle Conditional Access challenges: no changes are required. If they do not, updates may be needed. Refer to the Microsoft Conditional Access developer guidance on how to update your application appropriately.

-Swaroop Krishnamurthy

Additional resources

Learn more about Microsoft Entra

Simplify your identity landscape, reduce risk, and modernize access for any identity

Kaitlin_Murphy — Mon, 16 Mar 2026 16:50:00 GMT

Organizations everywhere want easier ways to manage identities, reduce risk, and update access for people, apps, devices, and even agents. In her recent identity priorities blog, Joy Chik shared a clear direction for the future: identity isn’t only about security—it’s becoming the foundation for everything. The path ahead includes uniting identity and network access with an Access Fabric, improving governance, and bringing AI-powered protection and operations to every team. The possibilities have never been greater.

But vision only becomes impact when teams can do something with it.

That’s why we’re launching a new Microsoft Entra Access Priorities Series: a new, practitioner‑focused webinar series designed to help you turn Joy’s strategic guidance into actionable, demos-first steps you can take immediately.

Think of this series as your guided path to making the most of your Microsoft Entra portfolio: secure foundations, quick wins, and repeatable patterns you can put into practice to strengthen your access strategy and make the most of the Microsoft Entra portfolio.

In four sessions, our experts will show you how to build secure identity and network access, move away from legacy VPNs, enable secure AI access, and simplify operations with Copilot in Microsoft Entra. Each session includes demos and templates to speed up your identity strategy.

All sessions are now available on demand

Build a unified access foundation

Levent Besik, VP of Product Management; Melanie Maynes, Director of Product Marketing; and Rahul Prakash, Principal Product Manager

In her 2026 identity priorities blog, Joy Chik outlines the Access Fabric as the future of access security, but how do organizations get there? Find out why establishing a strong access foundation is critical, starting with phishing‑resistant authentication, adaptive access, and consistent, continuous and contextual identity controls that reduce risk from the outset.

We will walk through the foundational steps your organization can take to prepare for an Access Fabric that extends seamlessly across users, apps, devices, and AI workloads. Leave with a clear, actionable Zero Trust checklist you can apply immediately.

Watch on demand

Secure access for the workforce in the AI era

Sanjay Shah, Global Black Belt and Josh Lanier, Global Black Belt

AI has fundamentally changed how attackers target employees, making identity compromise faster, more convincing, and harder to detect. Explore why unifying identity and network access is critical to protecting the workforce in the era of AI. See practical demos across three real‑world scenarios: enforcing least privilege access, securing employee access to AI, and modernizing access to all resources with the Microsoft Entra Suite.

Watch on demand

Secure access for AI agents, the new frontier of identity

Nick Wryter, Principal Product Manager and Leandro Iwase, Senior Product Marketing Manager

Once your workforce is secured, it’s essential to extend the same protection to their newest colleagues: AI agents. Tune in to explore the shift beyond human identities and see how Microsoft Entra Agent ID and unified access policies bring Zero Trust to non‑human identity in your environment. Get practical tips to help you register, govern, and protect AI agents with the same rigor as employees, ensuring your access strategy keeps pace with how work is truly getting done.

Watch on demand

Increase security and productivity with AI agents

Chad Hasbrook, Senior Product Manager and Mamta Kumar, Senior Product Manager

Strong access strategy isn’t about initial setup: it’s about keeping operations fast, safe, and scalable as environments constantly change. Learn how Microsoft Security Copilot agent can be used within Microsoft Entra to help you move from manual, reactive workflows to AI-driven identity operations. Dive in to real scenarios where agents assist with Conditional Access, identity risk investigation, and access troubleshooting, working alongside admins to turn signals into action.

Watch on demand

Ready to take the next step?
Visit the session pages to watch the Microsoft Entra Access Priorities Series, now available on demand.

-Laura Viarengo
Product Marketing Manager

Learn more about Microsoft Entra

Securing the AI era starts with identity

isakhnov — Fri, 19 Dec 2025 16:00:00 GMT

Generative AI (GenAI) is quickly transforming how organizations innovate, collaborate, and compete. Adoption rates are impressive, with 75% of knowledge workers already using it. Yet only one in four enterprise AI initiatives are properly secured.

Identity and Security leaders cite data leakage to GenAI tools as their top concern, and just 9% of organizations feel prepared to address risks like prompt injection attacks, Shadow AI, and fragmented security controls. Without a cohesive approach to securing AI, enterprises risk losing control of sensitive data.

Introducing the first identity-centric secure web & AI gateway

At Ignite 2025, Microsoft unveiled a breakthrough in AI security: Microsoft Entra Internet Access now includes a secure web and AI gateway. This brings AI-aware protections into the network layer to close security gaps introduced by the shift to modern work that traditional tools can’t address.

Key capabilities in Public Preview:

Shadow AI Detection helps you discover unsanctioned AI tools through Cloud Application Analytics, Defender for Cloud Apps risk scoring, and Microsoft’s Cloud App Catalog. This empowers security teams to monitor usage trends and apply Conditional Access policies to control access to AI apps or to block high-risk apps instantly.
Network File Filtering blocks uploads or downloads based on file type. It can also inspect file content and metadata in transit, integrating with Microsoft Purview to enforce Sensitive Information Types and Exact Data Match policies. This prevents uploading of regulated or confidential data to unsanctioned AI services.
Prompt Injection Protection inspects AI traffic inline and blocks malicious prompts in real time by extending Azure AI Prompt Shields to the network layer. This ensures consistent protection across all AI apps, agents, and LLMs without requiring you to rewrite your applications.

With these capabilities, you can give employees the freedom to experiment with GenAI while maintaining compliance and reducing risk.

Figure 1: Secure access and protect AI with a secure web and AI gateway.

Extend universal run-time protection to any AI application

Microsoft Entra Internet Access doesn’t just secure connectivity, it enables responsible, accelerated adoption of GenAI. Because Internet Access brings AI-aware protections directly into the network, they seamlessly extend to any AI app in use—no re-coding necessary.

Stop prompt injection before it reaches the model

Imagine an attacker crafting a manipulative prompt that overrides safeguards to extract sensitive data. Traditional tools like endpoint protection or app-level filters often fail to stop this kind of attack because they weren’t built to inspect AI-specific traffic or to enforce policies across diverse AI services. Since they operate at the device or application level, these tools leave openings when employees use multiple GenAI apps across browsers and clouds.

The secure web & AI gateway changes the game by extending Azure AI Prompt Shields to the network layer, building on proven Microsoft AI security. It intercepts and blocks malicious prompts before they ever reach the model, enforcing policies across every device, OS, and browser. Protection works across on-premises, multi-cloud, and hybrid environments, delivering uniform security—no SDKs, updates, or retrofitting required. Every app, including Microsoft 365 Copilot, is protected as-is.

Prevent sensitive data leakage to AI services

Employees who upload files to AI tools or websites risk data exfiltration, IP leakage, and compliance violations. Network File Filtering addresses this by blocking uploads or downloads based on file type—such as executable, spreadsheet, or PDF—and by inspecting files for sensitive information through integration with Microsoft Purview. Purview applies Sensitive Information Types and Exact Data Match policies to stop transfers of regulated or confidential data, preventing exposure.

Detect and control shadow AI

New application insights and analytics capabilities help identify GenAI tools observed in network traffic to address the risk of Shadow AI bypassing corporate policies. They work hand-in-hand with Microsoft Defender for Cloud Apps, which matches any app discovered against Microsoft’s Cloud App Catalog and applies a risk score based on compliance, security posture, and usage patterns. Security teams can apply Conditional Access policies to sanction or block apps instantly based on these risk scores, on usage trends, or even on geo-political considerations.

Secure AI agents and MCP servers

AI agents connecting to external MCP servers can open doors to data exfiltration. Secure Web and AI Gateway enforces strict boundaries at the network layer with URL filtering that allows approved agent connections and blocks unsanctioned MCP servers. Combining this capability with identity-centric controls from Microsoft Entra, organizations can apply fine-grained policies—such as requiring MFA for access to certain AI tools or enforcing geo-restrictions—across Windows, macOS, iOS, and Android. The result is uniform, identity-driven protection across every AI interaction, closing gaps that device-level controls simply can’t.

Fully integrated into Microsoft’s SASE solution, Secure Web and AI Gateway provides a seamless, unified experience for administrators.

Figure 2: Microsoft Entra Suite Ignite Session video.

Along with AI security advancements, we’re also strengthening the broader foundation of Microsoft Entra Internet Access with:

Threat intelligence filtering blocks known malicious sites using continuously updated threat intelligence.
Remote networks for Internet traffic extends Microsoft Entra Internet Access protections to branch offices and remote sites without requiring the Global Secure Access client.
Cloud firewall for remote networks applies centrally-managed, identity-driven firewall policies, adding advanced threat filtering at the network edge.

Beyond Secure Web and AI Gateway: Microsoft Entra Suite innovations that transform identity security

Identity is the most strategic control point for security and governance in a world of AI-driven, hybrid work. Microsoft Entra Suite brings automation, intelligence, and context-aware access to every identity, app, and environment. This helps organizations advance beyond static policy controls to dynamic, identity-driven security that adapts to risk, reduces operational overhead, and secures access everywhere.

Automate least privilege

New Microsoft Entra Identity Governance capabilities make least-privilege enforcement more automated, contextual, and adaptive across the identity lifecycle:

User-centric access reviews evaluate access across critical apps and resources to pinpoint excessive or outdated privileges for each individual user. This makes it easier to reduce privilege creep and improve remediation accuracy.
Identity and insider risk-based entitlement management automatically initiates an additional approval workflow to access request when identity risk or insider threat indicators are detected, mitigating threats before they escalate.
My Access enhancements, such as suggested access packages, dynamic approval, on-behalf of request, and the ability to delegate approvals, empower managers and delegates to review, approve, and act on access requests directly with built-in accountability. This shifts responsibility for governance from IT to business owners while ensuring decisions remain auditable and policy-driven.
Lifecycle workflows via custom security attributes automatically align access to job changes, compliance needs, and security requirements, triggering automated onboarding, offboarding, or job-change actions based on role, clearance, or custom security attributes.

These new least-privilege capabilities transform governance from an overly manual process into one that’s smarter and self-regulating. Least privilege enforcement becomes dynamic and identity-aware, continuously tightening access based on user behavior, business context, and risk.

Modernize access for all apps

New Microsoft Entra capabilities simplify and secure access to every application—SaaS, cloud-native, and on-premises—by extending Zero Trust principles beyond the network perimeter:

Intelligent local access routes access to on-premises apps and resources using smart, identity-based controls—without VPNs or manual configurations—providing a seamless user experience.
Passwordless remediation enables secure, self-service recovery for lost passkeys, so users can stay productive without compromising security.

These capabilities help organizations modernize access with frictionless a user experience, intelligent routing, and identity at the core—enabling secure, adaptive connectivity for every app, device, and location.

Ready to secure AI and modernize identity?

Watch the Ignite breakout session: Accelerate Zero Trust & Secure AI Access for live demos and customer stories
Watch the Microsoft Entra Mechanics video for a deep dive into AI-aware protections
Start your journey today: Entra Suite Trial

-Igor Sakhnov

Corporate Vice President, Deputy CISO, Identity

Learn more about Microsoft Entra

Surfing the AI Wave: Manage, govern, and protect AI agents with Microsoft Entra Agent ID

Alex_Simons — Tue, 31 Mar 2026 20:34:52 GMT

Last month, when I blogged about riding the AI wave, I reviewed the reality of AI Agent adoption, basic information about agents, and the challenge of managing them at scale. I could only hint about what we’d announce at Microsoft Ignite: a huge update for the Microsoft Entra Agent ID public preview.

I’d like to thank customers and partners who’ve been paddling out to the deep waters of agent visibility and security with us. Your feedback has been crucial in this journey, and it was super cool to feature a few of you in my Agent ID Ignite session. Thank you.

🎥 Watch the replay of Alex’s session at Microsoft Ignite to see Agent ID in action.

The challenge organizations are facing is crystal clear:

How do we harness the power of AI agents securely and at scale?

Every CISO I talk to shares similar concerns:

How will I get observability to the growing sprawl of AI agents?
How will I ensure agents only access what they need?
How will I track all the things agents are doing?
How can I protect my organization if an agent goes rogue or gets compromised?

These concerns must be addressed - not only so CISOs can sleep better at night, but also to help your organization create value with all the incredibly cool AI agents being built now and for the foreseeable future. And this is why we introduced Agent ID.

This blog kicks off a series that will dive deeper into the three solution areas that Agent ID unlocks: the ability to register and manage AI agents, govern agent identities and lifecycle, and protect agent access to resources.

Get to know Microsoft Entra Agent ID

Agent ID is the heartbeat of Microsoft Agent 365, the control plane for all your agents. No matter where they’re built—on Microsoft platforms, open-source frameworks, or third-party solutions—Agent 365 gives you a single, secure way to deploy, organize, and govern them. Think of it as the next evolution of the systems you already trust to run your enterprise, now extended to the agentic era.

Access controls for agents

As the number of AI agents in your environment skyrockets, access control isn’t just important—it’s mission-critical. By requiring every agent to have its own unique Agent ID, you can manage agents confidently and make sure they only touch the resources they truly need. And for IT, this means putting strong guardrails in place—clear policies for who can create, onboard, and manage agents—so you stay in control while enabling innovation.

We’ve designed Agent ID so you can manage AI agent identities using the same tools that you use to secure access for users. If you know how to use conditional access, identity protection, identity governance, and network controls in the Entra admin center, you have the skills to manage agents. Plus, you can use Entra agents to automate quite a few of these tasks now.

A comprehensive inventory of agents

In addition to the identity and network access foundations, we think there's one key challenge that's harder with agents than the rest, which is discovery. So we've added a whole new layer to Entra that we call Agent Registry. This brand-new capability is an extensible metadata repository that delivers a unified view of agents deployed in your organization.

Agent ID works with Microsoft agent-building platforms and a rapidly growing ecosystem of partners. And for folks building outside Microsoft platforms, we offer our agent identity platform for developers to make integration simple.

Exploring the benefits of Agent ID for your organization

IDC says there’ll be 1.3 billion AI agents in the next three years. All the CISOs I talk with say agents are already being deployed at some level in their organizations. To take on this wave and safeguard against risks, I hope you’ll join the Frontier program to pilot Agent ID and the rest of the Agent 365 early access capabilities.

Your Agent ID overview

The first step is getting visibility to how many agents are already deployed in your organization. In the Entra admin center, Agent ID is listed just below Users, Groups, and Devices in the left nav. Clicking it brings you to an overview of agents in your tenant, where you can monitor trends and drill down on the agent identities, blueprints, and collections that need your attention.

✅ Manage: Bring AI Agents Into Your Identity Framework

Managing AI agents starts with treating them like first-class citizens in your identity system. With Agent ID, you can:

Get visibility to agents built on Microsoft platforms like Copilot Studio, Microsoft Foundry, and Security Copilot, and our ecosystem of partners and agent developers in Agent Registry, an extensible data repository for agent information.
Assign a unique identity to an agent—just as you can for users, apps, and devices.
Manage agents at scale with agent identity blueprints, the templates that define permissions, roles, and governance policies for classes of agents. Approve a blueprint once, and every agent created from it inherits those settings. If something goes wrong, disabling the blueprint instantly shuts down all associated agents.
Manage agent identities across their lifecycle using tools you know in Entra Admin Center.

Agents created through Microsoft platforms can automatically get an Agent ID. It’s like stamping a VIN on each car that rolls off the factory floor. This means you’ll be able to apply many of the same controls you already trust for users and workloads, starting with identity governance.

> Learn how to view and manage agent identities in your Microsoft Entra tenant.

✅ Govern: Control Access and Automate Lifecycle Management

You can’t care for and feed AI agents with the individual attention you give a pet—they’re more like a school of fish. You’ll have thousands, maybe millions, operating in your environment, so manual oversight isn’t possible. Governance must be automated, scalable, and policy-driven.

Here are some of the features in Entra Agent ID Public Preview that can help:

Lifecycle Workflows automate sponsor updates and deactivation. Every agent needs a human sponsor, and workflows ensure that when a sponsor leaves or changes roles, you’re notified and can reassign responsibility.
Access Packages bundle permissions, roles, and resource access into a single approval process. This helps enforce least privilege at scale and ensures every assignment is deliberate, auditable, and time-bound.

> Learn more about governing agent identities.

✅ Protect: Apply Conditional Access and Risk-Based Policies

Identity security is where Microsoft Entra shines, and we’ve extended its capabilities to AI agents. With Agent ID, you can:

Use Conditional Access for agents, whether they’re actors or resources.
Leverage Identity Protection to flag high-risk agents based on behavior and risk signals. Combine this with Conditional Access to automatically block compromised agents.
Apply custom security attributes to tag agents by type or sensitivity, then enforce policies based on those tags. For example: Only HR-approved agents can access HR resources.

With these protections, you can enable innovation while keeping your organization secure.

> Learn more about Conditional Access capabilities for agents and risky agent reports for agents.

🚀 Get Started Today

All the capabilities discussed above are available in public preview. Turn on early access for Microsoft Agent 365 and start experimenting with Agent ID in the Entra admin center.

And if you’re a developer, now’s the time to get engaged. Get started with the Microsoft Entra Agent Identity Platform for Developers.

How to get started with Microsoft Entra Agent ID:

🎥 Watch the replay of the Agent ID session at Microsoft Ignite to see Agent ID in action.

📚 Learn more in our Agent ID documentation on Microsoft Learn.

🔍 See how many agents are in your tenant today: Agent ID in the Microsoft Entra admin center.

🚀 Try what’s next in AI—including Microsoft Agent 365—with the Frontier early access program.

🌊What’s Next?

Folks, this will be my final blog here.

After 34 years at Microsoft working on everything from Encarta to MSN to Dynamics CRM to Windows 7 to Entra I’ve made the decision to retire from Microsoft to start a 2^nd career as a college volleyball coach. The last 14 years leading the identity and access business have been an amazing ride and I want to thank all the customers, partners and my colleagues for making it a wonderful experience. It’s been a privilege to work with all of you!

This is just the beginning of shaping the future of secure AI adoption, and I’m grateful to have so many awesome teammates who’ll be continuing the journey with you. Upcoming blogs here will dive deeper into our Agent ID solutions themes—Manage, Govern, and Protect—with practical guidance, demos, and best practices.

Farewell, and keep up the great work.

Alex

Resources:

🎥 Watch the replay of Alex’s session at Microsoft Ignite to see Agent ID in action.

📚 Learn more in our Agent ID documentation on Microsoft Learn.

🚀 Get started with Microsoft Agent 365 early access.

Synced passkeys and high assurance account recovery

AnkurPatel — Tue, 16 Dec 2025 16:00:00 GMT

Almost half of Microsoft Entra ID users are now protected with Multi-Factor Authentication (MFA), per the latest Microsoft Digital Defense Report. Yet many organizations still face high costs because of training needs, usability challenges and productivity loss.  At Microsoft Ignite 2025, we introduced two new features in Entra ID to address those challenges for existing MFA deployments and to increase adoption of MFA across users and organizations: synced passkeys and account recovery.

Public preview of synced passkeys brings the security benefits of MFA with simpler usability, while avoiding the security risks of weaker MFA options like SMS. However, even the simplest MFA can fail when credentials are lost, making account recovery a critical part of the user experience. To improve usability in such cases, we are introducing public preview for account recovery with AI-powered biometric match against government issued IDs across 192 countries.

Refining the MFA experience for mass adoption: Over the past year, synced passkeys have become the default sign-in method for hundreds of millions of people to sign into their personal email, cloud storage, and countless other apps and services. In fact, Microsoft consumer users are 3x more successful when signing-in with passkeys than legacy authentication methods (95% vs 30%). Sign-ins are 14x faster compared to password plus code-based MFA. Best of all, synced passkeys are natively supported by all major operating systems.

We’ve built deep connections across our consumer and enterprise platforms, enabling cross-pollination of learnings and rapid delivery of usability enhancements. Every improvement now benefits Microsoft accounts, Entra ID, and External ID together, bringing a consistent, intuitive experience to both consumers and enterprises. This unified approach means enhancements reach users faster, and at scale. The public prev

iew of synced passkeys with these improvements brings MFA simplicity at scale for all enterprise users. And we’re just getting started. As these improvements reach general availability, we’re focused on making passkeys and high-assurance recovery the default for all enterprise customers—so usability isn’t an afterthought, it’s the foundation.

Let’s explore the end-user experience for both capabilities and how organizations can easily deploy them.

Simpler MFA experience with synced passkeys

Synced passkeys represent a newer, more user-centric approach to authentication that removes the password entirely, works across devices via services like iCloud Keychain and Google Password Manager. This method offers a seamless experience: users authenticate with biometrics or device PINs, without needing to remember or enter passwords or codes.

“It’s the future. Focus on passkeys. Now you have a truly fast username-less and passwordless authentication method protected against phishing.”
- Customer in leading global retail

Easy to deploy synced passkeys: Our enterprise customers want a better MFA experience with passkeys. Many customers worry about the enrollment process, usability problems, and higher helpdesk costs when rolling out new authentication methods.

Passkey profiles for granular admin control

Admins can now allow granular group-based configuration for passkey authentication. Instead of a single tenant-wide setting, admins can choose specific requirements such as attestation, passkey type (device-bound or synced) and the specific passkey from a specific provider that they want their users to use, and apply them to different user groups in the enterprise.

Convenient high assurance account recovery

Even the simplest MFA can fail when credentials are lost - making recovery a critical part of user experience. When users can’t access their normal sign-in info or are unable to access their passkeys, proving one’s identity becomes a real headache. Not only is the experience clunky (e.g. knowledge-based questions or round-trip codes) and frustrating, it’s ripe for impersonation attacks. As a result, analysts and major government agencies such as NIST recommend using government issued ID and biometric verification for high assurance recovery. However, there are challenges with verification at scale. Most enterprises are unable to implement such a solution because of custom business contracts and complicated technical implementation with ID verification (IDV) providers, and regulatory compliance.

Setting up account recovery is as easy as 1-2-3

Microsoft Entra account recovery in Microsoft Entra helps users regain access quickly and securely, leveraging government issued ID and biometric verification to deliver high assurance. Securing account recovery is simple in a few steps. Our new approach makes it secure, compliant, and integrated with a consumer-grade user experience, without custom business contracts or technical integrations. What used to take months can now be done in minutes.

Account recovery admin setup

As shown above, admins can simulate the account recovery process before activating use for production, as well as configure specific groups of users and the preferred IDV provider to enable a seamless flow.

Entra ID customers can choose amongst the leading IDV providers via Microsoft Security Store: Idemia, Lexis Nexis and Au10tix. These providers offer coverage across 192 countries and remote verification for most government issued ID documents, including driver’s licenses and passports. Entra Verified ID Face Check, powered by Azure AI services, adds a critical layer of trust by matching a user’s real-time selfie and the photo from their identity document. By only sharing the match results and not any sensitive identity data, Face Check improves user privacy while allowing organizations to be sure the person claiming an identity is really them.

Convenient recovery for all your users

Once enabled, this public preview capability enables a natively integrated end-to-end flow for users to easily and securely regain access to their accounts.

Account recovery user flow

The Entra sign in experience now includes a new option to 'Recover my account'. Once users initiate the flow, they will be guided through the steps to verify their identity by providing their driver’s license or other government issued documents with the IDV provider preferred by the organization. Users will do a quick face check to ensure the rightful owner is verifying their government issued ID with the IDV provider, by matching liveness with the photo from the ID document. Entra ID then matches information (such as, name, or address) returned in the Verified ID from the IDV provider with the information in the organization's directory and HR system. Once the verification is complete, user is offered to register a synced passkey to reduce further lockouts.

Inspark, a leading cybersecurity company shares, "Identity is the top attack vector and AI makes it easier to exploit. Verified ID enables convenient account recovery, reduces our recovery-related service desk costs by 72%, and protects against social engineering. No passwords. No weak authentication. Just secure, verifiable access."

Licensing requirements

Passkeys	Included for all Microsoft Entra ID customers
Account recovery	Included with Microsoft Entra ID P1 license
Face Check	Available as an add-on per verification or as part of Microsoft Entra Suite
Government ID check	Pay-per-verification via Microsoft Security Store

Resources

Enable passkeys for your organization - Microsoft Entra ID | Microsoft Learn

Enable high assurance account recovery – Microsoft ID | Microsoft Learn

Continuously improving usability for every authentication and recovery experience is foundational. Get started today and share your feedback with us. We love hearing from you!

Ankur

Ankur Patel | LinkedIn

Learn more about Microsoft Entra

What’s new in Microsoft Entra – November 2025

ShobhitSahay — Wed, 10 Dec 2025 16:00:00 GMT

November was an exciting month for Microsoft Entra customers, with news of significant enhancements to strengthen your security posture in the AI era. Our announcements included:

New capabilities for managing, governing, and protecting agents with the public preview of Microsoft Entra Agent ID, part of the new Agent 365 control plane for agents;
Security Copilot inclusion in Microsoft 365 E5 subscription, which ensures more admins can utilize Copilot in Entra and the four new Microsoft Entra agents;
The Microsoft Entra Suite public preview of Prompt Shield, enabling you to protect enterprise GenAI apps against prompt injection attacks; and
The public preview of synced passkeys and self-service account recovery for all authentication methods in Microsoft Entra, making it easier for end users to embrace phishing-resistant authentication.

For more details, check out Joy Chik’s blog post and watch the recordings of our breakout sessions from Microsoft Ignite.

This article shares security improvements and innovations across Microsoft Entra from October and November 2025, organized by product.

Microsoft Entra ID

New releases

Granular, Least-Privileged Permissions for UserAuthenticationMethod APIs

Change announcements

Security improvements

Jailbreak Detection in Authenticator App

[Action may be required]

What is changing?

Starting February 2026, we'll introduce Jailbreak/Root detection for Microsoft Entra credentials in the Authenticator app. This update boosts security by disabling Microsoft Entra credentials on jail-broken or rooted devices, wiping any existing credentials automatically. It applies to both iOS and Android, requires no admin setup, and does not affect personal or third-party accounts.

Action required

Notify end users about this upcoming change. Authenticator will become unusable for Microsoft Entra accounts on jail-broken or rooted devices. For more information, read About Microsoft Authenticator.

Block External Script Injection in Microsoft Entra ID Sign-in

[Action may be required]

What is changing?

In November 2025, Microsoft Entra ID rolled out a stricter Content Security Policy (CSP) for browser-based sign-ins on login.microsoftonline.com. This update blocks unauthorized scripts and only allows scripts from trusted Microsoft domains, enhancing protection against cross-site scripting (XSS) attacks.

Action required

Admins should ensure that no browser extensions or tools inject scripts into the sign-in experience. Any existing tools that do so must be replaced, and sign-in flows should be tested to identify and fix violations.

Update to Revoke Multifactor Authentication Sessions

[Action may be required]

What is changing?

Starting February 2026, we are replacing the current Revoke multifactor authentication sessions button with the Revoke sessions button in the Microsoft Entra portal. The legacy Revoke MFA sessions action only applies to per-user MFA enforcement, which has led to confusion. To simplify and ensure consistent behavior, the new Revoke sessions button will invalidate all user sessions, including MFA, regardless of whether MFA is enforced via Conditional Access or per-user policies.

Action required

Admins should update workflows and guidance to use Revoke sessions instead of Revoke MFA sessions. The Revoke MFA sessions option will be removed from the portal after this change.

Microsoft Entra ID Governance

New releases

Change announcements

Identity Modernization

Retirement of Iteration 2 (beta) Privileged Identity Management (PIM) API

[Action may be required]

What is changing?

Iteration 2 (beta) PIM API for Azure resources and Microsoft Entra roles is deprecated and will stop returning data on October 28, 2026.

Action required

Migrate to the Iteration 3 (GA) APIs:

Begin migration planning and testing as soon as possible.
Halt any new development using Iteration 2 APIs.
Review documentation for Iteration 3 APIs to ensure compatibility.

Learn more:

Microsoft Entra External ID

New releases

Global Secure Access

New releases

-Shobhit Sahay

Learn more about Microsoft Entra

ICYMI: Watch replays of Microsoft Entra sessions at Microsoft Ignite 2025

Kaitlin_Murphy — Wed, 26 Nov 2025 03:16:12 GMT

At Microsoft Ignite 2025, Microsoft Security took center stage with a clear message: secure access is foundational for the AI-driven future. Across keynotes, breakout sessions, and demos, we showcased innovations that help organizations confidently expand Zero Trust strategies to include AI agents, apps, and identities. We hope you were able to be there or tune in live; but if not, we’ve pulled this article together with all the best replay links for identity and network access professionals.

👀 ICYMI: Read the news about Microsoft Entra announcements at Ignite 2025.

To get started, watch this innovation session from Microsoft Security leaders Charlie Bell and Vasu Jakkalr—Security in the Agentic Era – the Core Primitive (45 minutes)—to see how Microsoft builds security into every layer for a world woven with AI and agents, and get actionable steps to secure AI innovation at scale.

Once you're ready to deep dive into what’s new with Microsoft Entra, here’s your playlist. Each of these 45-minute sessions are loaded with demos that you haven’t seen unless you were watching live.

Microsoft Entra: What's new in secure access on the AI frontier

Your identity and network access approach for AI doesn’t need a revolution—just an expansion. Learn how to strengthen your Zero Trust foundation, manage and govern the rising tide of agents, and enable AI to accelerate your success.

Microsoft Entra Suite: Accelerate Zero Trust and secure AI access

In the era of AI, empowering your workforce with secure access to AI and agents is essential. Microsoft Entra Suite protects every connection using identity-driven controls, adaptive policies, secure web and AI Gateway, so your organization can innovate without compromise.

Secure access for AI agents with Microsoft Entra

Learn to discover, manage, govern, and protect agent identities and access to resources—just as you do for human identities—with enterprise-grade secure access for agents from Microsoft Entra Agent ID.

Identity under siege: Modern ITDR from Microsoft

Your identities are under attack. Join experts from Microsoft Entra and Defender to learn how you can streamline collaboration across teams and better protect, detect, and respond to threats targeting your identity fabric.

Top essentials for an Integrated, AI-ready security foundation

To stay ahead, organizations need a secure, identity-based foundation for your digital landscape. Learn what Microsoft Entra and Intune bring across the Microsoft 365 stack to help you reach a Zero Trust security posture with more compliance and control in the era of AI. This session dives into top scenarios that bring to life what you need to maximize your Microsoft investment.

Security Copilot: Your agentic workforce for smarter, faster defense

Automate tasks, strengthen defense, and accelerate response with Security Copilot agents - built by Microsoft, partners, or tailored by you for the unique challenges of your environment. Check out the demo of the Conditional Access Optimization Agent in Microsoft Entra in this session!

As organizations adopt AI, identity becomes the access fabric for trust. Microsoft Entra is leading the way with innovations that secure every connection—human, app, or agent—without compromising agility.

Learn more about securing and governing AI agents

This year at Ignite, AI agents were the hottest topic. Managing, governing, and protecting agent identities is central to any organization’s strategy for adopting agents. Therefore, Microsoft Entra Agent ID is included in the newly announced Microsoft Agent 365, the control plane for agents, and works natively with Microsoft Foundry (formerly Azure AI Foundry). Learn more by watching these Microsoft Ignite sessions.

Innovation session: Introducing Microsoft Agent 365: the control plane for AI agents

Discover how to hire, onboard, and train AI-powered digital labor that acts with autonomy, adapts to evolving business needs, and operates securely across environments. This session explores how intuitive tools and built-in controls enable you to manage these agents like real team members—scaling productivity while maintaining oversight and trust.

Explore Microsoft Agent 365 security and governance capabilities

Confidently activate your AI agent estate with Microsoft Agent 365. Whether an assistive agent or fully autonomous digital worker, learn how Agent 365 provides comprehensive security and governance to help you manage AI access and agent sprawl, prevent data oversharing and leaks, defend against AI threats and vulnerabilities, and comply with AI regulations.

Watch now (45 minutes)

Secure agents in Microsoft Foundry with Microsoft Security

As organizations rapidly build AI and innovation accelerates, so do the risks. Deep dive to learn how to safeguard AI agents across their lifecycle by managing identity, data access, posture, and applying governance at scale.

Watch now (45 minutes)

Build secure AI agents: Microsoft’s stack, your innovation

Learn how Microsoft secures agentic AI systems across the lifecycle. Discover design strategies and real-world tool examples—from Microsoft Security and Microsoft Foundry—to build safe, resilient agents aligned with Secure Future Initiative principles.

Watch now (45 minutes)

Entra Agent ID and other enterprise superpowers in Microsoft Foundry

Hear how Commerzbank drives agentic AI at scale and discover how agents in Microsoft Foundry meet enterprise standards for identity, connectivity, extensibility, and lifecycle management. We’ll dive into Entra Agent ID, networking configuration, full agent lifecycle support, custom tool integration, and provisioning of tenant-level tool and agent catalogs. If you're deploying agents across your organization, this session is your blueprint for secure, scalable, and governable solutions.

Watch now (40 minutes)

Expand your capabilities with Microsoft Security partners

Last week we also announced the General Availability of powerful new partner integrations in Microsoft Entra that take identity security to the next level, including news from Cloudflare, Akamai, Arkose Labs, HUMAN security, Grit Software Systems, WhoIAM, Au10tix, IDEMIA, and TrueCredential (LexisNexis).

Here, we’re highlighting informative Ignite replays from our partners for Microsoft Entra customers.

Voices you can’t trust: Stop AI-powered impersonation attacks

Jeremy Nelson | Insight

AI deepfakes are enabling fraud now, not in the future. Jeremy Nelson shares real cases, including a $25M scam from a fake video call, showing how threat actors bypass identity checks. Learn how Verified ID secures support desk interactions and get practical steps to protect your organization from AI-driven impersonation attacks.

Watch now (45 minutes)

Closing the gaps of Microsoft Entra and Intune

Stefan Schoenleber | glueckkanja AG

Discover how RealmJoin and glueckkanja's NAC bundle SCEPman + RADIUSaaS close key gaps in Microsoft 365. RealmJoin streamlines app lifecycle management for Windows and macOS, detects outdated/user-installed software, supports advanced LAPS, and enables UHD teams to safely perform routine tasks. The glueckkanja NAC solution enables certificate-based network authentication (CBA) for Intune managed clients, replacing NPS and NDES with scalable, cloud-native services, and supports certificate issuance for clients and servers.

Watch now (13 minutes)

Microsoft Entra ID environments: Replacing GPP with ProfileUnity

Jason Smith | Liquidware

As organizations shift to Microsoft Entra ID–joined or hybrid environments, traditional Group Policy Preferences no longer apply. Tasks like drive mappings, printers, shortcuts, and registry settings often require complex scripting or limited Intune workarounds, creating gaps in consistency and user experience. Learn how to modernize user environment management and deliver scalable, policy-driven control across cloud workspaces.

Watch now (37 minutes)

Accelerate enterprise passkey deployment with HID and Microsoft Entra

Eric Williams | HID

Discover how HID is helping enterprises scale passkey adoption with Microsoft Entra ID—seamlessly and securely. In this demo, we showcase how HID’s FIDO credentials with converged access, combined with enterprise-grade passkey management and enhanced capabilities amplify your existing Azure and Microsoft Entra investments. Whether you're exploring what's next, seeking fast implementation wins, or learning from industry best practices, this session will show you how to deploy passkeys at scale.

Watch now (<3 minutes)

Thanks for your ongoing feedback and collaboration

It was incredible to meet so many of you in person, whether it was after one of our sessions, at the Microsoft Security party, or at our Expert Meetup for a 1:1 conversation. Our Microsoft Entra community really leaned in last week—not just to learn, but also to teach, by sharing your experience with early-in-career practitioners who were grateful to hear your suggestions. Thank you so much for looking out for each other in this rapidly changing world.

Highlights from our Microsoft Entra sessions at Microsoft Ignite 2025.

To our community in the United States, we wish you a Happy Thanksgiving. And for everyone around the world, we wish you a restful winter season with your loved ones.

Learn more about Microsoft Entra

Take the next step in exploring the products demonstrated at Microsoft Ignite.

Enhance protection of Microsoft Entra ID authentication by blocking external script injection

AnkurPatel — Tue, 25 Nov 2025 16:00:00 GMT

As part of Microsoft’s Secure Future Initiative, we’re making an important update to our Content Security Policy (CSP) that will enhance the security of the Microsoft Entra ID sign-in experience. This update strengthens security and adds an extra layer of protection by allowing only scripts from trusted Microsoft domains to run during authentication, blocking unauthorized or injected code from executing during the sign-in experience.

This is a proactive measure that further shields your users against current security risks, such as cross-site scripting (XSS), where attackers can insert malicious code into websites. As a result, you can be assured that your users receive stronger protection, and your organization remains ahead of new security challenges.

Megna Kokkalera, Product Manager II leading this effort, will walk us through this update.

When will you see this change?

Microsoft Entra ID will enforce CSP globally starting mid-to-late October 2026. Periodic communications will be sent prior to release.

How will this affect your organization?

We're adding a new Content Security Policy header to the Microsoft Entra sign-in experience to enhance security and harden against unauthorized script injection.

Here’s what we’re specifically changing on login.microsoftonline.com:

Only allow script downloads from Microsoft trusted CDN domains. See the CSP script src guide for examples and guidance.
Only allow inline script execution from Microsoft trusted source. See the CSP nonce guide for information on inline script execution.

Note that the updated Content Security Policy will only apply to browser-based sign-in experiences, only for URLs that start with login.microsoftonline.com. Microsoft Entra External ID will see no impact.

What do you need to do to prepare?

Microsoft recommends not using browser extensions or tools that inject code or script into the Microsoft Entra sign-in experience. If you follow this advice, your experience will remain unchanged, and no further action is needed.

If you use tools or browser extensions that inject code or script into the Microsoft Entra sign-in page, switch to alternative tools that don’t inject code. Code and script injection will no longer be supported, and these tools will stop working, though users can still sign in.

You can identify the exact impact in your tenant using the instructions below:

Go through a sign-in flow with the dev console open to identify any violations.
Information about the violation will be displayed in red. (If a specific team or person is causing the violation, it will only show up in their flows. Accordingly, it is recommended to thoroughly assess different sign-in scenarios within your organization.)
Here is an example of how the violation would show up in the console:

This update to our Content Security Policy adds an additional layer of protection by blocking unauthorized scripts, further helping safeguard your organization against evolving security threats. To ensure a smooth rollout, please test your sign-in flows thoroughly ahead of time. This will help you catch and address any issues early, so your users stay protected, and your sign-in experience remains seamless.

Megna Kokkalera

Product Manager II

Microsoft Identity, Authentication Experiences

LinkedIn: Megna Kokkalera | LinkedIn

Additional resources

Learn more about Microsoft Entra