Microsoft Entra Agent ID brings identity tools to AI, with key migration deadlines ahead

New identity tools and timelines explained

News

Reading time icon 2 min. read

Calendar icon Published on

by Rishaj Upadhyay 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Microsoft Entra ID

Microsoft is bringing identity management to AI with the launch of Entra Agent ID, a new system designed to give AI agents the same kind of authentication and access control that human users get.

The update allows organizations to manage how AI agents interact with internal data, systems, and people. Each agent gets its own ID, making it easier to enforce things like Conditional Access policies and least privilege access.

Expanding Identity Management to AI with Microsoft Entra Agent ID and Upcoming Changes

The company is also getting ready to roll out passkey profiles in Entra ID this November. Once live, admins will be able to fine-tune passkey policies by group. That means you’ll be able to allow or restrict specific FIDO2 key models or Microsoft Authenticator passkeys for different teams, which is useful for more advanced passwordless setups.

Alongside the new features, Microsoft is reminding IT admins about several important migration deadlines. Starting July 31, 2025, the User Risk and Sign-In Risk Policy pages will become read-only. Admins need to migrate to Conditional Access policies if they still want to manage risk-based controls after that.

Other key updates include:

  • Guest sign-in flows for B2B collaboration will now show the host tenant’s branding first, helping reduce confusion.
  • The automatic capture method for password-based SSO is going away. By August 30, 2025, all new SSO setups must use the Secure Sign-In Extension.
  • Azure AD Graph API will retire in September 2025, and Microsoft is pushing users to switch to Microsoft Graph.
  • Also in September, Authenticator for iOS will move backups to iCloud Keychain.
  • Access Review data will only be kept for 12 months going forward, unless you manually export and store it.
  • Finally, AzureAD PowerShell modules will begin retiring in mid-October, with test outages happening a month earlier. Microsoft wants everyone to use the Microsoft Graph PowerShell SDK or Entra PowerShell instead.

With Agent ID now in the picture, Microsoft is setting the foundation for tighter identity governance across human and non-human users alike. But it’s also making it clear that the transition to modern tools and frameworks is no longer optional.

More about the topics: microsoft entra

Rishaj Upadhyay

Rishaj Upadhyay Shield

News Editor

Rishaj is a tech writer who has been writing professionally for over four years, with a passion for Android, Windows, and all things tech. He initially joined Windows Report as a tech journalist and is now taking over as a news editor. He also writes for AndroidHeadlines. In the past, he has covered features, guides, and listicles for YTECHB and TechieTechTech. When he's not breaking the keyboard, you can find him cooking, or listening to music/podcasts.

User forum

0 messages