TL;DR: Registering an agent in Microsoft’s Agent Registry can create a management record without creating a Microsoft Entra Agent ID, according to Semperis. The core risk is assuming a registry entry implies an identity, when the actual control boundary sits at the Entra ID layer.
NHIMG editorial — based on content published by Semperis: Understanding and Preventing Entra ID Agent Identity Attacks, Practice Checkpoint 3
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- NHIs outnumber human identities by 25x to 50x in modern enterprises.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
Questions worth separating out
Q: How should teams govern agent registry records that do not yet have an identity object?
A: Treat them as incomplete identity states, not as harmless metadata.
Q: Why does separating discovery from identity matter for IAM teams?
A: Because security controls attach to the identity object, not to the descriptive record.
Q: What do security teams get wrong about agent registration in Microsoft environments?
A: They often assume that registration creates an identity and that visibility implies control.
Practitioner guidance
- Separate discovery from identity state Track agent registry entries and Entra Agent IDs as distinct lifecycle states.
- Review registry-write permissions as privileged access Treat AgentRegistration.ReadWrite.All as a high-impact control because it governs who can create, change, or enrich the records that the rest of the programme will rely on.
- Flag unlinked registrations for immediate follow-up Create an operational queue for registry records that do not map to an Entra Agent ID so ownership, onboarding status, and policy enforcement do not drift apart.
What's in the full article
Semperis's full guide covers the operational detail this post intentionally leaves for the source:
- Step-by-step agent registration flow using the Microsoft Graph endpoint and the minimum required properties.
- Screenshots showing how linked and unlinked agent records appear in the Microsoft 365 admin center.
- The exact permission requirement for registry creation and what it means for administrative access.
- The follow-on chapter path that connects registry state to how agents operate in Entra ID.
👉 Read Semperis's guide on Microsoft Agent Registry and Entra ID agent identity →
Agent registry and Entra ID: are teams treating discovery as identity?
Explore further
Registry visibility is not identity governance: A record in an agent registry documents an object, but it does not by itself establish the identity that security policy can control. That separation is useful only if practitioners treat the registry as discovery and Entra ID as the authoritative identity boundary. The implication is that governance reports based on registry counts can materially overstate actual control coverage.
A few things that frame the scale:
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing how slowly remediation can lag behind discovery events.
A question worth separating out:
Q: Who should own the lifecycle of a registered agent?
A: The team responsible for the identity object should own the lifecycle, because that is the layer where access, policy, and revocation are actually enforced. Registry administrators may maintain records, but they should not be the sole source of truth for identity governance.
👉 Read our full editorial: Agent registry visibility does not equal Entra ID identity creation