Migrate agent-candidate workloads to agent identities

Implementation Effort: High – Requires coordinated migration of workload identities to the agent identity framework, including re-registration in Agent Registry, permission reassignment, and validation of downstream service dependencies.
User Impact: Medium – Application teams must update authentication configurations, and dependent services may experience brief disruptions during identity transitions.

Overview

Workload identities that have been inventoried and triaged as agent candidates still operate outside the agent governance framework — they lack centralized registry visibility, agent-specific lifecycle policies, and the security controls that Microsoft Entra Agent ID provides. Until these identities are migrated, the organization maintains two parallel identity governance models: one for traditional workload identities and one for agents. This split undermines the organization's ability to apply consistent Zero Trust policies across all autonomous workloads and creates gaps in visibility and control.

Migration involves registering each agent-candidate workload in the Agent 365 Registry — either automatically through Microsoft product integrations (Copilot Studio, Agent 365, Azure AI Foundry) or through self-serve registration using the Microsoft Graph API for non-Microsoft platforms. Each migrated identity gains an agent instance record with operational metadata and an agent card manifest for discovery. The migration must also reassign permissions under the agent identity framework and validate that downstream dependencies continue to authenticate correctly after the transition.

This supports Verify explicitly by bringing all autonomous workloads under a single identity framework where each agent's permissions, data access, and operational endpoint can be continuously validated. It supports Use least privilege access by providing the opportunity to right-size permissions during migration rather than carrying forward legacy overprivileged configurations. It supports Assume breach by ensuring all agent identities are subject to the same lifecycle management, monitoring, and revocation capabilities. Without migration, the organization's highest-risk autonomous workloads remain invisible to API-driven agent governance tools, immune to agent-specific conditional access policies, and ungovernable at scale.
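To make the permission right-sizing and dependency validation steps concrete, here is an added example, not code from the page or from Microsoft: a small migration planner that works on a constructed inventory of workload identities. It does not call the Graph API or the Agent Registry; the identity names, permission strings, and dependent services are all invented for illustration. For each candidate it derives the permission set to carry into the agent identity from observed usage plus what dependent services are known to rely on, lists the permissions to drop, and flags candidates that should not be migrated yet (no observed usage, or an inventory that contradicts itself).

```python
"""Migration planner for agent-candidate workload identities (added example).

Assumptions (all constructed, not from the page): each workload identity has a
set of assigned permissions, a set of permissions observed in use (e.g. from
audit or sign-in logs), and a map of dependent services to the permission each
one relies on. None of this talks to Microsoft Entra or the Agent 365 Registry.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class WorkloadIdentity:
    name: str
    assigned: Set[str]                 # permissions currently granted
    observed: Set[str]                 # permissions actually exercised in the review window
    dependents: Dict[str, str] = field(default_factory=dict)  # service -> permission it needs


@dataclass
class MigrationPlan:
    name: str
    keep: Set[str]                     # permissions to re-grant under the agent identity
    drop: Set[str]                     # legacy permissions not carried forward
    validate: List[str]                # dependent services to re-test after the transition
    blocked: Optional[str] = None      # reason the candidate is not ready to migrate


def plan_migration(wi: WorkloadIdentity) -> MigrationPlan:
    """Right-size permissions for one candidate, or block it with a reason."""
    # An identity with no observed usage and no known dependents is either idle
    # or under-instrumented; migrating it with an empty permission set would be
    # guesswork, so hold it for review instead.
    if not wi.observed and not wi.dependents:
        return MigrationPlan(wi.name, set(), set(), [],
                             blocked="no observed usage or dependents; review before migrating")

    # Usage recorded for a permission that was never assigned means the
    # inventory is inconsistent; do not plan on bad data.
    phantom = wi.observed - wi.assigned
    if phantom:
        return MigrationPlan(wi.name, set(), set(), [],
                             blocked=f"observed unassigned permissions: {sorted(phantom)}")

    # Dependents may rely on a permission that did not show up in the
    # observation window (e.g. a monthly job). Keep those rather than breaking
    # the dependent, and require them to be validated after migration.
    needed_by_dependents = set(wi.dependents.values())
    missing = needed_by_dependents - wi.assigned
    if missing:
        return MigrationPlan(wi.name, set(), set(), [],
                             blocked=f"dependents need unassigned permissions: {sorted(missing)}")

    keep = wi.observed | needed_by_dependents
    drop = wi.assigned - keep
    return MigrationPlan(wi.name, keep, drop, sorted(wi.dependents))


def plan_all(inventory: List[WorkloadIdentity]) -> Dict[str, MigrationPlan]:
    return {wi.name: plan_migration(wi) for wi in inventory}


# Constructed inventory for demonstration only.
INVENTORY = [
    WorkloadIdentity(
        name="invoice-bot",
        assigned={"Mail.Read", "Mail.Send", "Files.ReadWrite.All", "User.Read.All"},
        observed={"Mail.Read", "Mail.Send"},
        dependents={"erp-gateway": "Mail.Send", "sharepoint-archive": "Files.ReadWrite.All"},
    ),
    WorkloadIdentity(name="idle-crawler", assigned={"Sites.Read.All"}, observed=set()),
    WorkloadIdentity(
        name="report-agent",
        assigned={"Files.Read.All"},
        observed={"Files.Read.All", "Mail.Read"},
    ),
]

if __name__ == "__main__":
    for plan in plan_all(INVENTORY).values():
        if plan.blocked:
            print(f"{plan.name}: BLOCKED ({plan.blocked})")
        else:
            print(f"{plan.name}: keep={sorted(plan.keep)} drop={sorted(plan.drop)} "
                  f"validate={plan.validate}")
```

The planner is deliberately conservative: a permission is dropped only when neither observed usage nor a declared dependent accounts for it, and any inconsistency in the inventory blocks the candidate rather than producing a plan from unreliable data. The `validate` list is the set of downstream services whose authentication should be exercised once the agent identity is live, which is the last step the migration described above requires.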

Reference