Microsoft Events presents a session led by Yonit Glozshtein on the Oasis platform for discovering and governing AI agents’ non-human identities across Microsoft cloud services, emphasizing secure automation and lifecycle controls.

Power Agentic Access: Governing Non-Human Identities with Oasis

Speaker: Yonit Glozshtein
Event: Microsoft Ignite 2025 (Session ODSP1506)

Overview

Non-human identities (service principals, managed identities, and tokens) play a pivotal role in running AI agents on Microsoft cloud platforms. Without visibility and governance, these identities introduce serious security risks such as identity sprawl, unchecked privileges, and long-lived secrets.

Oasis Platform Capabilities

  • Discover Agents: Automatically scan and inventory every agent operating across Microsoft Entra, Azure, Microsoft 365, and GitHub environments.
  • Rightsize Roles: Analyze agent intent to grant purpose-based, short-lived access roles that reduce standing privilege.
  • Eliminate Long-Lived Secrets: Enforce rotation policies and time-to-live (TTL) for secrets, minimizing risk exposure.
  • Automate Lifecycle: Assign ownership, define access purpose, set expiration (TTL), and gather evidence for audit trails.
  • Centralized Control: Govern identities and access from a single pane of glass, preserving developer agility while applying security best practices.

Session Chapters

  1. Centralized Control for Agent Discovery and Lifecycle Management – Introduction to Oasis platform and its value in consolidating identity governance.
  2. Risks of Uncontrolled Accounts and Identity Sprawl – Addressing the dangers inherent to unmanaged non-human identities.
  3. Securing AI Adoption at Scale – How Oasis facilitates secure, scalable AI agent deployment using analyzed intent and controlled access.
  4. Access Controls and Lifecycle Automation – Showcase of purpose-based, short-lived roles and example scenarios (e.g., access to FMA files).

Key Takeaways

  • Gain visibility into all agent identities across Microsoft cloud services.
  • Reduce risk by minimizing standing privileges and automating rotations and audits.
  • Maintain developer speed without compromising on governance and compliance.
