Agent ID Administrator scope overreach: Service Principal takeover in Entra ID

TL;DR: The Microsoft Agent Identity Platform (Preview) gives AI agents their own identities in Entra ID (blueprints, agent identities, agent users) so you can govern and secure them like any other principal. To manage that new control plane, Microsoft introduced the Agent ID Administrator role. On paper, it’s scoped to agent-related objects only. We discovered that accounts with only the Agent ID Administrator role could take […]