Agentic Identity Standards: Microsoft Entra’s View
Summary
Microsoft has outlined how identity standards are evolving to support AI agents and other non-human identities in enterprise environments. The company highlights key standards work around trust bootstrapping, delegation, and reducing shared-secret use, signaling important changes for Entra administrators planning secure AI agent access.
Introduction
AI agents are rapidly moving from pilot projects into real enterprise workflows, and identity systems now need to support them securely. In a new Microsoft Entra blog, Pamela Dingle explains how the standards landscape is shifting to accommodate agentic identities, with major implications for authentication, authorization, and governance.
What’s changing in agentic identity standards?
Microsoft says the biggest shift is conceptual: identity standards are no longer treating non-human identities as narrowly scoped actors with rigid boundaries. As AI agents gain reasoning capability and make decisions, the industry is rethinking how software identities establish trust and act across systems.
1. Bootstrapping trust for non-human identities
A core challenge is how AI agents, workloads, and service principals securely announce themselves and request access. Microsoft points to growing standards activity in this area, including:
- OAuth Client ID Metadata Document (CIMD)
- OAuth 2.0 Protected Resource Metadata (RFC 9728)
- IETF WIMSE work connecting SPIFFE and OAuth
- Broader automation for non-human onboarding across environments
This matters because manual federation-style onboarding does not scale well for large numbers of agents.
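As an added illustration (not code from Microsoft or from the Entra blog), the sketch below shows how an agent could use RFC 9728 metadata to discover which authorization server protects a resource instead of relying on manual configuration. The host names and the sample document are constructed, and requiring at least one HTTPS issuer is a policy assumption of this example rather than a rule of the RFC.

```python
from urllib.parse import urlsplit, urlunsplit

# Well-known path suffix registered by RFC 9728.
WELL_KNOWN = "/.well-known/oauth-protected-resource"


def metadata_url(resource: str) -> str:
    """Derive the metadata URL from a protected resource identifier."""
    u = urlsplit(resource)
    if u.scheme != "https" or not u.netloc or u.fragment:
        raise ValueError("resource identifier must be an https URL without a fragment")
    # The suffix is inserted between the host and the path; a bare
    # trailing slash after the host is dropped first.
    path = "" if u.path == "/" else u.path
    return urlunsplit((u.scheme, u.netloc, WELL_KNOWN + path, u.query, ""))


def validate_metadata(resource: str, doc: dict) -> list:
    """Return the advertised authorization servers, or raise if the document must not be used."""
    # The "resource" value must be identical to the identifier the URL
    # was derived from; otherwise a different party could redirect the
    # agent to an authorization server of its own choosing.
    if doc.get("resource") != resource:
        raise ValueError("resource value does not match the requested identifier")
    servers = doc.get("authorization_servers")
    # Assumption of this example: the agent refuses to continue without
    # at least one issuer, and every issuer must be an https URL.
    if not isinstance(servers, list) or not servers:
        raise ValueError("no authorization_servers advertised")
    for issuer in servers:
        if not isinstance(issuer, str) or urlsplit(issuer).scheme != "https":
            raise ValueError(f"issuer is not an https URL: {issuer!r}")
    return servers


# Constructed sample: what the resource server might return at the URL above.
SAMPLE_RESOURCE = "https://api.example.com/agents"
SAMPLE_DOC = {
    "resource": "https://api.example.com/agents",
    "authorization_servers": ["https://login.example.com"],
    "scopes_supported": ["tasks.read"],
}

if __name__ == "__main__":
    print(metadata_url(SAMPLE_RESOURCE))
    print(validate_metadata(SAMPLE_RESOURCE, SAMPLE_DOC))
```

Fetching the document over TLS and caching it are left out so the example runs offline; the validation step is the part that keeps automated onboarding from trusting metadata published for a different resource.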
2. Delegation models are being reworked
Delegation is another major debate. Existing concepts such as token exchange, on-behalf-of (OBO), identity chaining, and token upscoping/downscoping are being revisited as agents begin acting with more autonomy.
Microsoft notes this area is still unsettled, so admins should expect continued standards discussions before best practices fully stabilize.
3. Shared secrets are becoming a bigger risk
The post also warns about growing reliance on API keys and other shared secrets in agent scenarios. Microsoft expects stronger focus on eliminating these patterns in favor of more secure, standards-based trust mechanisms.
Why this matters for Entra administrators
For IT and identity teams, this is an early signal that AI agent governance will increasingly depend on open identity standards. Entra admins should expect future capabilities and integrations to align more closely with industry efforts such as MCP, IETF, OpenID Foundation, FIDO Alliance, and AAIF.
In practice, this means administrators will need to think beyond traditional user and app identity models when planning access controls, trust relationships, and lifecycle management for AI-driven services.
Next steps
- Review current use of API keys and shared secrets in AI or automation projects
- Track standards communities influencing agentic identity, especially MCP and IETF
- Follow Microsoft Entra Agent ID updates for future implementation guidance
- Prepare for more dynamic onboarding and delegation models for non-human identities
Microsoft’s message is clear: agentic identity is becoming a foundational architectural layer, and standards will play a central role in making AI agents manageable and secure at enterprise scale.