Invoke-EntraBetaAgentIdInteractive
Interactive cmdlet to create and configure an Agent ID.
Syntax
Default (Default)
Invoke-EntraBetaAgentIdInteractive
Description
The Invoke-EntraBetaAgentIdInteractive cmdlet demonstrates the full workflow of creating and configuring an Agent Identity Blueprint, including creating Agent Identities and Agent Users as needed.
This interactive cmdlet guides you through the complete Agent Identity setup process with prompts at key decision points:
- Blueprint creation with optional sponsors
- Client secret generation for API authentication
- Interactive agent scope configuration
- Inheritable permissions setup
- Service principal creation and permissions
- Admin consent flow (when applicable)
- Agent Identity and Agent User creation
The cmdlet maintains state between operations, automatically passing Blueprint IDs and other required values to subsequent operations. You can create multiple Agent Identities and Users in a single session.
Examples
Example 1: Start the interactive Agent Identity configuration workflow
Connect-Entra -Scopes 'Organization.Read.All', 'AgentIdentityBlueprint.Create', 'AgentIdentityBlueprintPrincipal.Create', 'AppRoleAssignment.ReadWrite.All', 'Application.ReadWrite.All', 'User.ReadWrite.All'
Invoke-EntraBetaAgentIdInteractive
This example starts the interactive Agent Identity configuration workflow. The cmdlet will prompt you for all required inputs and guide you through the complete setup process.
Inputs
None
Outputs
None
Notes
This cmdlet requires the following Microsoft Graph permissions:
- Organization.Read.All
- AgentIdentityBlueprint.Create
- AgentIdentityBlueprintPrincipal.Create
- AppRoleAssignment.ReadWrite.All
- Application.ReadWrite.All
- User.ReadWrite.All
The cmdlet will automatically connect to Microsoft Graph with these permissions if not already connected.