TL;DR: Microsoft’s Entra agent identity model separates AI agents from users and service principals, giving them dedicated lifecycle, governance, and authentication constructs while preserving auditability and policy control, according to Semperis. The governance shift is that identity programmes must stop treating agent behaviour as a user-like edge case and start modelling it as its own access class.
NHIMG editorial — based on content published by Semperis: understanding Microsoft Entra agent identities and the agent identity platform
By the numbers:
- NHIs outnumber human identities by 25x to 50x in modern enterprises.
- 97% of NHIs carry excessive privileges, raising the likelihood of unauthorised access and broadening the attack surface.
- Only 5.7% of organisations have full visibility into their service accounts.
Questions worth separating out
Q: What breaks when AI agents are governed like ordinary service principals?
A: The main failure is that ordinary service-principal governance assumes a stable workload with a predictable lifecycle and entitlement pattern. AI agents are created, delegated to, and retired far more dynamically, and they can inherit access from a blueprint, so an entitlement review keyed to the individual object never sees where the access actually originates or how many agents share it.
Q: Why do AI agent identities need lifecycle governance as well as authentication controls?
A: Because the risk is not only whether an agent can authenticate, but whether it can be created, delegated, monitored, and retired in a controlled way.
Q: What do IAM teams get wrong about agent users and human users?
A: They often assume that a user-shaped object means a human-style identity process. An agent user has no HR-driven joiner, mover, or leaver event to trigger onboarding, access review, or revocation, so those steps have to be tied to the agent's owner, sponsor, and manager and to the agent's own lifecycle instead.
Practitioner guidance
- Inventory agent identity dependencies: catalogue which agent identities rely on blueprints, user-shaped objects, token issuance paths, and inherited policies so that the true trust boundary is visible in one place.
- Review blueprint-level permissions first: check whether blueprint configuration can provision identities, hold credentials, or extend policy in ways that create broad inherited access across many agents.
- Separate technical and lifecycle ownership: assign different people to the owner, sponsor, and manager responsibilities so that configuration control, business purpose, and day-to-day operation do not collapse into one role.
What's in the full article
Semperis's full guide covers the operational detail this post intentionally leaves for the source:
- Step-by-step explanation of the Agent ID object model and how each object maps to Entra ID primitives
- UI walkthrough of the original portal view for agent types and how Microsoft grouped them
- Graph beta implementation notes for building and managing agent identities in practice
- Role-by-role detail on owner, sponsor, and manager permissions for agent lifecycle operations
👉 Read Semperis's guide to Microsoft Entra agent identity objects and governance →
Explore further
Agent identity in Entra ID: what it means for IAM teams
Agent identity is becoming a separate governance class, not a renamed service principal. The article is right to separate agent identities from users and traditional application objects because AI agents can carry their own lifecycle, policy inheritance, and audit requirements. That changes how identity programmes think about ownership, onboarding, and revocation. The implication is that agent governance needs its own control model rather than a recycled human-IAM pattern.
A few things that frame the scale:
- NHIs outnumber human identities by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows why identity inventories struggle once machine actors scale.
A question worth separating out:
Q: How should organisations govern AI agents that can inherit access from blueprints?
A: They should govern the blueprint as the source of inherited trust, then verify every downstream agent identity against that source before enabling production use. The key question is not only what each agent can do, but what the blueprint can propagate at scale. That is where policy mistakes become repeatable risk across the tenant.
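As an added example (not code from Semperis, NHIMG, or Microsoft), here is the blueprint-first review described in the practitioner guidance above and in this answer, written in Python over a constructed sample tenant. It inventories which agents depend on which blueprint, checks what each blueprint can propagate before looking at any individual agent, computes each agent's effective permissions (direct grants plus inherited ones) against an approved baseline, and flags missing or collapsed owner/sponsor/manager roles. The object model, field names, permission strings, and people names are assumptions for illustration; the real Entra objects are exposed through Graph, which the Semperis guide covers.

```python
# Added example (not code from Semperis, NHIMG or Microsoft): reviewing agent
# identities against the blueprint they inherit from. The object model, field
# names and permission strings are illustrative assumptions, not Graph schema.
from __future__ import annotations

from dataclasses import dataclass


@dataclass
class Blueprint:
    id: str
    permissions: frozenset[str]     # inherited by every agent created from it
    can_provision_agents: bool      # blueprint may mint further agent identities
    holds_credentials: bool         # blueprint object carries its own secret


@dataclass
class AgentIdentity:
    id: str
    blueprint_id: str | None
    direct_permissions: frozenset[str]
    owner: str | None               # configuration control
    sponsor: str | None             # business purpose
    manager: str | None             # day-to-day operation


def effective_permissions(agent: AgentIdentity, blueprints: dict[str, Blueprint]) -> frozenset[str]:
    """Direct grants plus everything inherited from the agent's blueprint."""
    bp = blueprints.get(agent.blueprint_id) if agent.blueprint_id else None
    inherited = bp.permissions if bp else frozenset()
    return agent.direct_permissions | inherited


def review_blueprints(blueprints: dict[str, Blueprint], agents: list[AgentIdentity],
                      approved: frozenset[str]) -> dict[str, list[str]]:
    """Blueprint level first: what can each blueprint propagate, and to how many agents?"""
    findings: dict[str, list[str]] = {}
    for bp in blueprints.values():
        downstream = [a.id for a in agents if a.blueprint_id == bp.id]
        issues = []
        excess = bp.permissions - approved
        if excess:
            issues.append(f"propagates unapproved {sorted(excess)} to {len(downstream)} agent(s)")
        if bp.can_provision_agents:
            issues.append("can provision new agent identities")
        if bp.holds_credentials:
            issues.append("holds its own credential")
        if issues:
            findings[bp.id] = issues
    return findings


def review_agents(blueprints: dict[str, Blueprint], agents: list[AgentIdentity],
                  approved: frozenset[str]) -> dict[str, list[str]]:
    """Per agent: effective access, dangling blueprint reference, and role separation."""
    findings: dict[str, list[str]] = {}
    for a in agents:
        issues = []
        if a.blueprint_id and a.blueprint_id not in blueprints:
            issues.append(f"references unknown blueprint {a.blueprint_id}")
        excess = effective_permissions(a, blueprints) - approved
        if excess:
            issues.append(f"effective permissions exceed baseline: {sorted(excess)}")
        roles = {"owner": a.owner, "sponsor": a.sponsor, "manager": a.manager}
        missing = [r for r, p in roles.items() if p is None]
        if missing:
            issues.append(f"no {', '.join(missing)} assigned")
        assigned = [p for p in roles.values() if p is not None]
        if len(set(assigned)) < len(assigned):
            issues.append("owner/sponsor/manager collapse onto one person")
        if issues:
            findings[a.id] = issues
    return findings


def sample_tenant() -> tuple[dict[str, Blueprint], list[AgentIdentity], frozenset[str]]:
    """Constructed sample data for this example; not a real tenant."""
    blueprints = {
        "bp-support": Blueprint("bp-support", frozenset({"Tickets.Read", "Mail.Send"}), False, False),
        "bp-ops": Blueprint("bp-ops", frozenset({"Directory.ReadWrite.All"}), True, True),
    }
    agents = [
        AgentIdentity("agent-helpdesk-1", "bp-support", frozenset(), "alice", "bob", "carol"),
        AgentIdentity("agent-helpdesk-2", "bp-support", frozenset({"Files.Read"}), "alice", "alice", "alice"),
        AgentIdentity("agent-provisioner", "bp-ops", frozenset(), "dave", None, "erin"),
        AgentIdentity("agent-legacy", "bp-retired", frozenset({"Tickets.Read"}), "frank", "gina", "hal"),
    ]
    approved = frozenset({"Tickets.Read", "Mail.Send", "Files.Read"})
    return blueprints, agents, approved


if __name__ == "__main__":
    bps, ags, ok = sample_tenant()
    for k, v in review_blueprints(bps, ags, ok).items():
        print("blueprint", k, v)
    for k, v in review_agents(bps, ags, ok).items():
        print("agent", k, v)
```

The ordering matters: `review_blueprints` runs before any per-agent check because a single over-privileged or credential-bearing blueprint is one finding at the source and many findings downstream. On the sample data the only blueprint finding is `bp-ops`, and `agent-provisioner` inherits its excess permission even though it holds no direct grant of its own, which is exactly the case an object-by-object review misses.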
👉 Read our full editorial: Microsoft's agent identity model changes AI agent governance