Microsoft Teams: Agent & bot support for Entra authentication in group chats

🚨 The Signal: Teams bots and agents in group chats can now request Entra ID authentication and permissions. This enables deeper integration, but each request requires user consent, so the attack surface grows wherever consent is not governed by policy.

The Impact

Every user in the tenant can receive these new consent prompts, so the risk rises if unapproved applications obtain access to sensitive data through Entra ID permissions.

  • End users: May encounter new consent prompts for bot access.
  • Security teams: Must review and potentially update Entra ID application consent policies.
  • Admins: Need to monitor application permissions granted to bots and agents.
  • Organisations: Face increased risk of data exfiltration if malicious or over-privileged bots are consented to.

The Action

  1. Review Entra ID user consent settings for applications: Entra admin center > Identity > Applications > Enterprise applications > Consent and permissions > User consent settings.
  2. Implement or refine custom application consent policies to restrict broad user consent: Entra admin center > Identity > Applications > Enterprise applications > Consent and permissions > Manage application consent policies.
  3. Educate users on the risks of consenting to unknown or suspicious applications and bots.
  4. Regularly audit granted permissions for enterprise applications, especially those used by bots and agents: Entra admin center > Identity > Applications > Enterprise applications > All applications > Permissions.
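Steps 1 and 4 can also be checked from the command line. The script below is an added example, not part of the advisory or any Microsoft documentation; it assumes the Microsoft Graph PowerShell SDK is installed and that the account used can read policies, applications and delegated permission grants. The list of "broad" scopes is an assumption for illustration and should be tuned to the tenant's own risk appetite.

```powershell
# Added example (not from the advisory): show the tenant's user consent setting and
# list delegated permission grants held by enterprise apps, flagging broad scopes.
# Requires the Microsoft Graph PowerShell SDK (Connect-MgGraph, Get-Mg* cmdlets).
Connect-MgGraph -Scopes "Policy.Read.All","Application.Read.All","DelegatedPermissionGrant.Read.All"

# Step 1: which permission grant policies apply to ordinary users?
# An empty list means users cannot consent on their own at all;
# "ManagePermissionGrantsForSelf.microsoft-user-default-legacy" means users may
# consent to any app for any permission that does not require admin consent.
$authz = Get-MgPolicyAuthorizationPolicy
"User consent policies assigned:"
$authz.DefaultUserRolePermissions.PermissionGrantPoliciesAssigned

# Step 4: enumerate delegated grants (the object a user consent prompt creates)
# and flag grants that include broad data-access scopes.
# Assumption: this scope list is illustrative, not an authoritative risk list.
$broad = @('Mail.Read','Mail.ReadWrite','Files.Read.All','Files.ReadWrite.All',
           'Sites.Read.All','Chat.Read','Chat.ReadWrite','User.Read.All','Directory.Read.All')

# Map service principal object IDs to display names so the report is readable.
$spById = @{}
Get-MgServicePrincipal -All | ForEach-Object { $spById[$_.Id] = $_ }

Get-MgOauth2PermissionGrant -All | ForEach-Object {
    $scopes = $_.Scope -split ' ' | Where-Object { $_ }
    $hits   = $scopes | Where-Object { $broad -contains $_ }
    [pscustomobject]@{
        Client      = $spById[$_.ClientId].DisplayName
        # 'AllPrincipals' = admin consent on behalf of everyone; 'Principal' = one user consented
        ConsentType = $_.ConsentType
        Principal   = $_.PrincipalId
        BroadScopes = ($hits -join ' ')
        AllScopes   = $_.Scope
    }
} | Where-Object { $_.BroadScopes } | Sort-Object Client | Format-Table -AutoSize
```

Rows with ConsentType "Principal" and a non-empty BroadScopes column are individual user consents worth reviewing first, since they bypass admin review entirely.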

Domain: Agentic-AI · Impact: high · Workload: Teams · Essential Eight: Application Control, Restrict Administrative Privileges · ISM: ISM-0445, ISM-0843, ISM-1175, ISM-1380, ISM-1490, ISM-1507, ISM-1508, ISM-1509, ISM-1544, ISM-1582, ISM-1647, ISM-1648, ISM-1650, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1686, ISM-1688, ISM-1689, ISM-1870, ISM-1871, ISM-1883, ISM-1897, ISM-1898