Temporary Identities for Agents

- Microsoft is advocating temporary identities as a mitigation for autonomous agents going rogue.
- Short-lived credentials limit agents' long-term access and scope of permissions during execution.
- Reporting highlights temporary identity TTLs as a growing control-plane pattern for agent safety and governance. (thenewstack.io)

An AI agent needs an identity to open files, call tools, or touch databases — and Microsoft is pushing identities that expire quickly instead of lasting for months. (learn.microsoft.com) Microsoft’s Azure and Entra teams now describe agent identities as specialized Microsoft Entra ID service principals for AI agents, with administrators assigning roles and policies the same way they do for apps and employees. The company says those identities let agents request tokens for downstream services without storing secrets in prompts, code, or connection strings. (learn.microsoft.com)

The shift is toward short-lived access. In Microsoft’s own description of Entra Agent ID, an agent identity “doesn’t have credentials on its own”; a blueprint acquires tokens on the agent’s behalf after user or tenant-admin consent, which limits what the agent can hold onto over time. (learn.microsoft.com)

Jorge Palma, a principal product manager at Microsoft, told The New Stack at KubeCon Europe 2026 in Amsterdam that temporary identities are a way to keep autonomous agents from retaining broad privileges after a task ends. The article framed time-to-live, or TTL, on credentials as a control-plane pattern that is spreading into agent operations. (thenewstack.io)

The basic security idea is older than AI agents: give a workload the minimum access it needs, for the shortest possible time. Microsoft’s Foundry documentation ties agent identities to Azure role-based access control, or RBAC, so permissions can be scoped to a storage account, tool, or workflow instead of an entire environment. (learn.microsoft.com)

Microsoft is also building surrounding controls for those non-human identities. In January 2026, the company introduced Conditional Access for agent identities in Microsoft Entra, extending Zero Trust policies to agents based on identity, risk, and context before access is granted. (techcommunity.microsoft.com)

That policy layer now sits alongside detection tooling. Microsoft Entra ID Protection says it can flag “risky agents” and apply response policies for agents that use the Entra Agent ID platform, treating compromised or misbehaving agents more like compromised user accounts. (learn.microsoft.com)

Microsoft’s broader product line shows the tension between persistent and temporary identity models. Microsoft Agent 365 documentation describes each agent as having its own persistent enterprise identity, while Entra Agent ID and Foundry emphasize token acquisition, scoped authorization, and governance controls around what that identity can actually do. (learn.microsoft.com)

The practical effect is that an agent can still act, but its badge expires fast. For companies putting agents into cloud operations, coding workflows, and internal business systems, that turns identity from a one-time setup into a continuously renewed permission check. (thenewstack.io)
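The TTL-plus-scope pattern the briefing describes, modelled as an added illustration: a broker mints a scoped token with an expiry on the agent's behalf, and the resource server rejects it once the task window closes or the request falls outside scope. This is not Microsoft's code or Entra Agent ID's real token format; the signing key, agent name, scope strings, and timestamps are constructed for the example.

```python
"""Constructed model of a short-lived, scoped agent credential (illustrative,
not the Entra Agent ID token format)."""
import base64
import hashlib
import hmac
import json

# Constructed broker secret; a real issuer would sign with an asymmetric key.
BROKER_KEY = b"constructed-demo-signing-key"


def issue_token(agent_id: str, scopes: list[str], ttl_seconds: int, now: float) -> str:
    """Broker mints a token for the agent: bounded scopes plus an expiry (TTL)."""
    claims = {"sub": agent_id, "scp": sorted(scopes), "exp": now + ttl_seconds}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    sig = hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def authorize(token: str, resource: str, action: str, now: float) -> tuple[bool, str]:
    """Resource-side check: signature, then expiry, then scope. Fails closed."""
    try:
        body, sig = token.split(".", 1)
    except ValueError:
        return False, "malformed"
    expected = hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return False, "expired"  # the agent's badge has lapsed, even if it still holds the token
    if f"{resource}:{action}" not in claims["scp"]:
        return False, "out of scope"  # RBAC-style scoping to one resource and action
    return True, f"ok for {claims['sub']}"


def demo() -> dict[str, str]:
    """Walk one agent through its task window and past the end of its TTL."""
    t0 = 1_700_000_000.0  # constructed epoch timestamp
    tok = issue_token("agent-deploy-01", ["storage/acct-a:read"], ttl_seconds=300, now=t0)
    tampered = tok[:-1] + ("0" if tok[-1] != "0" else "1")  # flip one signature hex digit
    return {
        "during_task": authorize(tok, "storage/acct-a", "read", now=t0 + 60)[1],
        "wrong_scope": authorize(tok, "storage/acct-a", "write", now=t0 + 60)[1],
        "after_ttl": authorize(tok, "storage/acct-a", "read", now=t0 + 600)[1],
        "tampered": authorize(tampered, "storage/acct-a", "read", now=t0 + 60)[1],
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:12s} -> {outcome}")
```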


Shared from Scout - Be the smartest in the room.