MS Ai Insider

Microsoft Entra June 2025 Update: Introducing Agent ID, Enhanced Passkey Controls, and Key Migration Deadlines

Posted by

ailona

Microsoft Entra’s June 2025 update introduces Agent ID for AI identity management, enhanced passkey controls, improved Authenticator app backup on iOS, and critical migrations from Azure AD Graph and PowerShell modules. These innovations boost security, usability, and identity modernization. Unique :

What’s New in Microsoft Entra – June 2025

Microsoft Entra just dropped a bunch of updates packed with AI identity controls, security boosts, and smoother user experiences. Let’s dive into the key highlights that tech pros need to know.

Introducing Microsoft Entra Agent ID: AI Gets Its Own Identity

Microsoft Entra Agent ID is a game-changer. It assigns unique IDs to AI agents, letting organizations govern how these bots access data and systems. This means AI agents now follow the same strict identity rules as humans, including authentication, authorization, and lifecycle management.

“By extending Entra’s identity protections to AI agents, organizations can apply Conditional Access policies, enforce least privilege access, and monitor agent activity—just as they would with human users.”

This update ensures AI deployments stay secure and transparent, giving admins full control over AI interactions.

Major Security and Authentication Updates

Passkey Profiles Get Smarter

Starting November 2025, passkey (FIDO2) authentication policies will support group-based controls. Admins can customize which security keys or Microsoft Authenticator passkeys specific user groups use. Plus, Entra will accept any WebAuthn-compliant security key when “Enforce attestation” is off, broadening hardware options.

Risk Policies Moving to Conditional Access

Microsoft is retiring User Risk and Sign-in Risk policies in Entra ID Protection. From July 31, 2025, these pages become read-only, and by October 1, 2026, they’ll be fully retired. Organizations must migrate these policies to Conditional Access to unlock enhanced features.

Improved Backup for Authenticator App on iOS

Starting September 2025, iOS users can back up all Authenticator app account names—including third-party accounts—via iCloud and iCloud Keychain. This replaces the older Microsoft personal account backup method, making device switches effortless.

“When users set up a new iOS device, their account names will automatically appear in the Authenticator app, simplifying restore without needing a Microsoft account.”

Android support will follow, but iOS users get a smoother, more secure backup experience right away.

Important Retirements and Migration Deadlines

Azure AD Graph API Is Phasing Out

Azure AD Graph API started retiring in September 2024, with full shutdown planned for early September 2025. If your apps still rely on it, migrate to Microsoft Graph immediately to avoid outages. Expect some temporary downtime during the transition.

AzureAD PowerShell Modules Retiring

The classic AzureAD and AzureAD-Preview PowerShell modules will stop working by mid-October 2025. Switch to Microsoft Graph PowerShell SDK or Microsoft Entra PowerShell to keep your scripts running smoothly.

Other Noteworthy Changes

  • B2B Guest Authentication: From July 2025, guest users will see their home organization’s branded sign-in page, reducing confusion during cross-tenant access.
  • Password-Based SSO: The “Automatically capture sign-in fields” feature will be retired by August 2025. Use manual capture with the MyApps Secure Sign-In Extension instead.

Why These Updates Matter

Microsoft Entra’s June 2025 updates focus on securing AI identities, modernizing authentication, and simplifying user management. For tech teams, staying ahead means migrating legacy tools and embracing new policies now.

Don’t wait—start planning your migrations and policy updates to leverage these innovations and keep your environment secure.

  • Agent ID assigns unique identities to AI agents, enabling secure access and monitoring like human users.
  • Passkey profiles in Entra ID will support group-based configurations and broader security key acceptance starting November 2025.
  • Authenticator app on iOS will support iCloud backup for all accounts, simplifying device setup without Microsoft account dependency.
  • Azure AD Graph API and AzureAD PowerShell modules are retiring; urgent migration to Microsoft Graph and Entra PowerShell is required.
  • B2B guest users will experience a new branded sign-in flow improving clarity and reducing confusion during cross-tenant authentication.

    • From the Microsoft Entra Blog articles


    Related Posts
    Unlock New Possibilities with Windows Server Devices in Intune!

      Windows Server Devices Now Recognized as a New OS in Intune Microsoft has announced that Windows Server devices are Read more

    Unlock the Power of the Platform: Your Guide to Power Platform at Microsoft Ignite 2022

    Microsoft Power Platform is leading the way in AI-generated low-code app development. With the help of AI, users can quickly Read more

    Unlock the Power of Microsoft Intune with the 2210 October Edition!

    Microsoft Intune is an enterprise mobility management platform that helps organizations manage mobile devices, applications, and data. The October edition Read more

    Unlock the Power of Intune 2.211: What’s New for November!

    Microsoft Intune has released its November edition, featuring new updates to help IT admins better manage their organization’s mobile devices. Read more

    , , , , , , , , , , , , , , ,

    ailona

    Follow Us

    [adinserter name=”Block 4″]

    Recent Posts

    Categories

    Tags

    365 and articles Azure blog build community copilot developer enhanced exploring features for how hub: insider latest microsoft microsoft’s new power preview Security stories: Teams the unlock Windows with your