entra-agent-user
Create Agent Users in Microsoft Entra ID to enable AI agents to act as digital workers with user identity access.
- Provisions specialized user identities (
idtyp=usertokens) linked to agent identities, allowing agents to access user-only APIs like Exchange mailboxes, Teams, and org charts - Requires a parent agent identity created from an agent identity blueprint; supports 1:1 relationship with optional manager assignment and license provisioning
- Includes step-by-step HTTP and PowerShell examples for verification, creation, manager assignment, usage location setup, and license assignment
- Agent users cannot have passwords or interactive sign-in; they authenticate via their parent agent identity and cannot be assigned privileged admin roles
SKILL: Creating Agent Users in Microsoft Entra Agent ID
Overview
An agent user is a specialized user identity in Microsoft Entra ID that enables AI agents to act as digital workers. It allows agents to access APIs and services that strictly require user identities (e.g., Exchange mailboxes, Teams, org charts), while maintaining appropriate security boundaries.
Agent users receive tokens with idtyp=user, unlike regular agent identities which receive idtyp=app.
Prerequisites
- A Microsoft Entra tenant with Agent ID capabilities
- An agent identity (service principal of type
ServiceIdentity) created from an agent identity blueprint - One of the following permissions:
AgentIdUser.ReadWrite.IdentityParentedBy(least privileged)AgentIdUser.ReadWrite.AllUser.ReadWrite.All
- The caller must have at minimum the Agent ID Administrator role (in delegated scenarios)
More from github/awesome-copilot
git-commit
Execute git commit with conventional commit message analysis, intelligent staging, and message generation. Use when user asks to commit changes, create a git commit, or mentions "/commit". Supports: (1) Auto-detecting type and scope from changes, (2) Generating conventional commit messages from diff, (3) Interactive commit with optional type/scope/description overrides, (4) Intelligent file staging for logical grouping
30.2Kgh-cli
GitHub CLI (gh) comprehensive reference for repositories, issues, pull requests, Actions, projects, releases, gists, codespaces, organizations, extensions, and all GitHub operations from the command line.
21.2Kdocumentation-writer
Diátaxis Documentation Expert. An expert technical writer specializing in creating high-quality software documentation, guided by the principles and structure of the Diátaxis technical documentation authoring framework.
17.4Kprd
Generate high-quality Product Requirements Documents (PRDs) for software systems and AI-powered features. Includes executive summaries, user stories, technical specifications, and risk analysis.
17.4Kexcalidraw-diagram-generator
Generate Excalidraw diagrams from natural language descriptions. Use when asked to "create a diagram", "make a flowchart", "visualize a process", "draw a system architecture", "create a mind map", or "generate an Excalidraw file". Supports flowcharts, relationship diagrams, mind maps, and system architecture diagrams. Outputs .excalidraw JSON files that can be opened directly in Excalidraw.
16.4Krefactor
Surgical code refactoring to improve maintainability without changing behavior. Covers extracting functions, renaming variables, breaking down god functions, improving type safety, eliminating code smells, and applying design patterns. Less drastic than repo-rebuilder; use for gradual improvements.
16.1K