Microsoft has simply launched Microsoft Entra Agent ID to increase its identification and entry administration companies to AI brokers. With Agent ID, organizations can determine how AI brokers work together with information, methods, and customers. Every agent receives a singular identifier and a constant identification that can be utilized with totally different instruments and environments – Microsoft mentioned this helps with core identification features similar to authentication, authorization, and lifecycle administration.

Like human customers, Agent ID permits admins to create Conditional Entry insurance policies that implement least privilege entry and monitor the exercise of the brokers. Admins that use these instruments can make sure the safer deployment of AI.

Apart from Agent ID, Microsoft introduced that in November 2025, Microsoft Entra ID will assist passkey profiles in public preview. This may permit directors to have group-based management over passkey configurations.

After the replace is rolled out, Microsoft says you’ll have the ability to permit totally different FIDO2 safety key fashions or Microsoft Authenticator passkeys for particular consumer teams. Microsoft mentioned it’ll additionally begin accepting any WebAuthn-compliant safety key or passkey supplier when “Implement attestation” is disabled.

These modifications are a big enchancment for organizations desirous to implement extra nuanced passkey methods. It’s additionally nice for these trying to transfer extra in direction of passwordless authentication and scale back the danger of compromised passwords.

In its announcement, Microsoft additionally shared some crucial migrations and deprecations that directors have to act on proper now. On July 31, 2025, the Consumer Threat Coverage and Signal-In Threat Coverage pages in Entra ID Safety will turn out to be read-only, Microsoft says it’s essential to migrate to Conditional Entry to hold on managing them.

Beginning in July and rolling out by means of the remainder of the yr are modifications to visitor authentication for B2B Collaboration in Microsoft Entra ID. Visitor customers will now sign up on the host tenant’s branded display earlier than redirection again to the group the place they’ll full the sign-in course of. Microsoft says this modification helps stop consumer confusion throughout cross-tenant sign-in.

Lastly, between now and August 30, 2025, the “Robotically seize sign-in fields” for Password-Based mostly single sign-on (SSO) will probably be eliminated. The brand new methodology for brand spanking new configurations is guide seize with the MyApps Safe Signal-In Extension. Current apps will proceed to work simply advantageous.

A number of different dates got which are essential for individuals to pay attention to. In September 2025, Microsoft will retire Azure AD Graph API and is asking customers emigrate to Microsoft Graph urgently. Additionally in September, the Authenticator app on iOS will swap to iCloud/iCloud Keychain for backup, which removes the outdated in-app backup and private Microsoft account dependency. The ultimate change in September is that Microsoft Entra ID Entry Overview will solely retain overview historical past for the previous yr and older information received’t be retrievable – for longer retention, it’s essential to export and archive the information.

In mid-October, AzureAD PowerShell modules will start their retirement with outage assessments to be carried out in September. Microsoft urges customers emigrate to Microsoft Graph PowerShell SDK or Microsoft Entra PowerShell.