Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-EntraAgentIdentityBlueprint
Creates a new Agent Identity Blueprint.
Syntax
Default (Default)
New-EntraAgentIdentityBlueprint
-DisplayName <String>
[-SponsorUserIds <String[]>]
[-SponsorGroupIds <String[]>]
[-OwnerUserIds <String[]>]
[<CommonParameters>]
Description
The New-EntraAgentIdentityBlueprint cmdlet creates a new Agent Identity Blueprint using the Microsoft Graph v1.0 API. An Agent Identity Blueprint serves as a template for creating agent identities with consistent configuration and permissions.
Examples
Example 1: Create a blueprint with sponsors and owners
Connect-Entra -Scopes 'AgentIdentityBlueprint.Create', 'AgentIdentityBlueprint.UpdateAuthProperties.All'
New-EntraAgentIdentityBlueprint -DisplayName "My Blueprint" -SponsorUserIds @("user1@contoso.com") -OwnerUserIds @("owner1@contoso.com")
12345678-1234-1234-1234-123456789012
This example creates an Agent Identity Blueprint with the specified display name, sponsors, and owners.
Example 2: Create a blueprint with user and group sponsors
Connect-Entra -Scopes 'AgentIdentityBlueprint.Create', 'AgentIdentityBlueprint.UpdateAuthProperties.All'
New-EntraAgentIdentityBlueprint -DisplayName "HR Blueprint" -SponsorUserIds @("hr-admin@contoso.com") -SponsorGroupIds @("aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb")
87654321-4321-4321-4321-210987654321
This example creates an Agent Identity Blueprint with both user and group sponsors.
Example 3: Create a blueprint with only user sponsors
Connect-Entra -Scopes 'AgentIdentityBlueprint.Create', 'AgentIdentityBlueprint.UpdateAuthProperties.All'
New-EntraAgentIdentityBlueprint -DisplayName "Finance Blueprint" -SponsorUserIds @("finance-admin@contoso.com", "finance-manager@contoso.com")
11112222-3333-4444-5555-666677778888
This example creates an Agent Identity Blueprint with multiple user sponsors.
Parameters
-DisplayName
The display name for the Agent Identity Blueprint.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-OwnerUserIds
Array of user IDs or UPNs to set as owners.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-SponsorGroupIds
Array of group IDs to set as sponsors.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-SponsorUserIds
Array of user IDs or UPNs to set as sponsors.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
Outputs
System.String
Returns the Agent Identity Blueprint ID.
Notes
At least one sponsor (user or group) must be specified. Owners are optional. If sponsors or owners are not provided as parameters, the cmdlet prompts interactively and suggests the current user as a default. The cmdlet validates all user and group IDs against the tenant before creating the blueprint. The blueprint ID is stored in a module-level variable for use by other related cmdlets.
This cmdlet uses the Microsoft Graph v1.0 API endpoint (/v1.0/applications/graph.agentIdentityBlueprint).
This cmdlet requires the following Microsoft Graph permissions:
- AgentIdentityBlueprint.Create
- AgentIdentityBlueprint.UpdateAuthProperties.All
Related Links
Feedback
Was this page helpful?