## Microsoft Entra ID Overview

Microsoft Entra ID (formerly Azure Active Directory) is Microsoft's cloud-based identity and access management service. It serves as the central 
identity provider for Microsoft 365, Azure, and thousands of other SaaS applications.

Key Features:
* **Single Sign-On (SSO)** - Users authenticate once to access multiple applications
* **Multi-Factor Authentication (MFA)** - Enhanced security through additional verification methods
* **Conditional Access** - Policy-based access control based on user, device, location, and risk
* **Application Integration** - Supports modern authentication protocols like OAuth 2.0, OpenID Connect, and SAML

## Learning Objective
Microsoft Entra ID can be used as an identity provider on AgentCore Identity and used to authenticate users and have them authorize the agent to acccess protected resources on their behalf. 

## Authorization Code Flow
The OAuth 2.0 authorization code flow is the recommended approach for web applications to securely authenticate users and obtain access tokens. This 
flow involves:
1. Redirecting users to Entra ID for authentication
2. Receiving an authorization code after successful login
3. Exchanging the code for access and refresh tokens
4. Using tokens to access protected resources

This integration pattern allows AgentCore to leverage Entra ID's robust identity management capabilities while maintaining secure, standards-based authentication for your applications.

## Step 1: Setup Entra ID Tenant

An Entra ID tenant is a dedicated instance of Microsoft Entra ID that represents your organization. Think of it as your organization's isolated directory in Microsoft's cloud.

Key Characteristics:
* **Unique Identity** - Each tenant has a unique domain (e.g., yourcompany.onmicrosoft.com)
* **Isolated Boundary** - Users, groups, and applications in one tenant are separate from others
* **Administrative Control** - Tenant admins manage users, security policies, and application registrations
* **Multi-Domain Support** - Can include custom domains alongside the default .onmicrosoft.com domain

In Practice:
When you register an application with Entra ID for OAuth integration, you're registering it within a specific tenant. Users from that tenant can then authenticate against your application using their organizational credentials.

For AgentCore integration, you'll need:
* **Tenant ID** - Unique identifier for the Entra ID instance
* **Application Registration** - Your app registered within the tenant
* **Appropriate Permissions** - Configured access rights for your application

This tenant-based model ensures that authentication and authorization remain within your organization's security boundary.

Steps to create a tenant can be found at https://learn.microsoft.com/en-us/entra/fundamentals/create-new-tenant

## Step 2: Setup Application
1. Go to portal.azure.com and search for "Entra ID" in the serch bar at the top of the screen
<img src="images/1.entraid.jpg" width="75%">
2. Got to manage --> App Registrations
<img src="images/2.app.registration.png" width="75%">
3. Click "New Registration" and fill in the details. Make sure you select the multi tenant option
- Use "https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/callback" or "https://bedrock-agentcore.us-east-1.amazonaws.com/identities/oauth2/callback" as the redirect URL depending on which regiion you will have your agent running.
<img src="images/3.app.registration.form.png" width="75%">
4. Create a client secret. Copy the client secret and client ID for use in AgentCore.
<img src="images/3.gather.client.info.png" width="75%">
5. Create SCopes for OAuth. Go to Expose an API --> Add Scope. Copy and save full scope. 
<img src="images/4.expose.api.png" width="75%">

## Step 2 - Create a Bedrock AgentCore Identity Provider

In [1]:
import os

In [2]:
os.environ["client_id"] = "08c1e356-dddd-dddd-dddd-26f9339c0d17" # Replace with your client ID
os.environ["secret"] = "S6p8Q~VEOtGFOIXXXXXXXXXXXXXXXXXXXXsrw3aPA" # Replace with your secret
os.environ["scope"] = "api://08c1e356-dddd-dddd-dddd-26f9339c0d17/read" # Replace with your scope

In [3]:
from bedrock_agentcore.services.identity import IdentityClient

from boto3.session import Session
import boto3
boto_session = Session()
region = boto_session.region_name

#Configure API Key Provider
identity_client = IdentityClient(region=region)

In [5]:
ms_provider = identity_client.create_oauth2_credential_provider(
    req={
        "name": "ms_entra_oauth_provider",
        "credentialProviderVendor": "MicrosoftOauth2",
        "oauth2ProviderConfigInput": {
            "microsoftOauth2ProviderConfig": {
                "clientId": os.environ["client_id"],
                "clientSecret": os.environ["secret"]
            }
        }
    }
)    

## Step 3: Validate locally

In [6]:
from bedrock_agentcore.identity.auth import requires_access_token
@requires_access_token(
    provider_name="ms_entra_oauth_provider", # replace with your own credential provider name
    auth_flow="USER_FEDERATION",
    scopes = [os.environ["scope"]],
    on_auth_url= lambda x: print("\nPlease copy and paste this URL in your browser:\n" + x),
    force_authentication=True,
)
def need_access_token(*, access_token: str):
    #print(f'received acess token for async func: {access_token}')
    return access_token

##### `need_access_token(access_token="")` will present a URL that you use to authenticate into Entra ID and get an authorization token for application to use. Once you have authenticated and shared your consent, the authorization code will be available to you. 
<img src="images/7.authenticate.and.authorize.png" width="75%">


In [7]:
id_token = need_access_token(access_token="")

Found existing workload identity from /Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.agentcore.yaml: workload-35333b41
Found existing user id from /Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.agentcore.yaml: 204c8ff1

Please copy and paste this URL in your browser:
https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/authorize?request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3AZjQ0Y2I2ODQtNzc0YS00OGRiLWJmODctOTUzODYyMWI4NTc3


Polling for token for authorization url: https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/authorize?request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3AZjQ0Y2I2ODQtNzc0YS00OGRiLWJmODctOTUzODYyMWI4NTc3
Polling for token for authorization url: https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/authorize?request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3AZjQ0Y2I2ODQtNzc0YS00OGRiLWJmODctOTUzODYyMWI4NTc3
Polling for token for authorization url: https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/authorize?request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3AZjQ0Y2I2ODQtNzc0YS00OGRiLWJmODctOTUzODYyMWI4NTc3
Token is ready


##### You can decode the token and validate it locally. 

In [8]:
import jwt, json

# Decode the token (without verification for inspection purposes)
# For production, always verify the token's signature and claims
decoded_token = jwt.decode(id_token, options={"verify_signature": False})
print("\nDecoded Access Token (for inspection):")
#print(json.dumps(decoded_token, indent=4)) 


Decoded Access Token (for inspection):


Uncomment the last print statement above to see the decoded token from Entra ID.
<img src="images/6decoded-token.png" width="75%">

## Step 4 - Put it all together as an Agent on AgentCore Runtime.

In [18]:
import boto3
from bedrock_agentcore_starter_toolkit import Runtime
from boto3.session import Session
import uuid
boto_session = Session()
sts = boto3.client('sts')
region = boto_session.region_name

In [10]:
%%writefile strands_weather_entra_3lo.py
import os
import datetime  
import json
import asyncio
import traceback

from strands import Agent
from strands import tool
from bedrock_agentcore.runtime import BedrockAgentCoreApp
from bedrock_agentcore.identity.auth import requires_access_token

os.environ["STRANDS_OTEL_ENABLE_CONSOLE_EXPORT"] = "true"
os.environ["OTEL_PYTHON_EXCLUDED_URLS"] = "/ping,/invocations"

# Required OAuth2 scope for Google Calendar API
SCOPES = ['api://08c1e356-2aad-4702-9ba9-26f9339c0d17/read']

entra_access_token = None  # Global variable to store the access token

@tool(name="get_weather", description="Retrieves the weather for a given city")
def get_weather(city: str) -> str:
    global entra_access_token
    
    # Check if we already have a token
    if not entra_access_token:
        return json.dumps({"auth_required": True, "message": "Entra ID authentication is required. Please wait while we set up the authorization.", "events": []})

    return json.dumps({"weather": "weather is warm and Sunny"})  # Return events wrapped in an object
    
# Initialize the agent with tools
agent = Agent(tools=[get_weather])

# Initialize app and streaming queue
app = BedrockAgentCoreApp()

class StreamingQueue:
    def __init__(self):
        self.finished = False
        self.queue = asyncio.Queue()
        
    async def put(self, item):
 
        await self.queue.put(item)

    async def finish(self):
        self.finished = True
        await self.queue.put(None)

    async def stream(self):
        while True:
            item = await self.queue.get()
            if item is None and self.finished:
                break
            yield item

queue = StreamingQueue()

async def on_auth_url(url: str):
    print(f"Authorization url: {url}")
    await queue.put(f"Authorization url: {url}")


async def agent_task(user_message: str):
    try:
        await queue.put("Begin agent execution")
        
        # Call the agent first to see if it needs authentication
        response = agent(user_message)
        
        # Extract text content from the response structure
        response_text = ""
        if isinstance(response.message, dict):
            content = response.message.get('content', [])
            if isinstance(content, list):
                for item in content:
                    if isinstance(item, dict) and 'text' in item:
                        response_text += item['text']
        else:
            response_text = str(response.message)
        
        # Check if the response indicates authentication is required
        # Look for various keywords that indicate authentication issues
        auth_keywords = [
            "authentication", "authorize", "authorization", "auth", 
            "sign in", "login", "access", "permission", "credential",
            "need authentication", "requires authentication"
        ]
        needs_auth = any(keyword.lower() in response_text.lower() for keyword in auth_keywords)
       
        if needs_auth:
            await queue.put("Authentication required for wearther access. Starting authorization flow...")
            
            # Trigger the 3LO authentication flow
            try:
                global entra_access_token
                entra_access_token = await need_token_3LO_async(access_token=None)
                await queue.put("Authentication successful! Retrying weather request...")
                
                # Retry the agent call now that we have authentication
                response = agent(user_message)
            except Exception as auth_error:
                # print("Exception occurred:")
                # traceback.print_exc()
                print(f"auth_error:", auth_error)
                await queue.put(f"Authentication failed: {str(auth_error)}")
        
        await queue.put(response.message)
        await queue.put("End agent execution")
    except Exception as e:
        await queue.put(f"Error: {str(e)}")
    finally:
        await queue.finish()

@requires_access_token(
    provider_name="ms_entra_oauth_provider",
    scopes=SCOPES,
    auth_flow='USER_FEDERATION',
    on_auth_url=on_auth_url,
    force_authentication=True,
)
async def need_token_3LO_async(*, access_token: str):
    global entra_access_token
    entra_access_token = access_token  # Update the global access token
    print("Got access token....", access_token)
    return access_token

from fastapi.responses import StreamingResponse

@app.entrypoint
async def agent_invocation(payload):
    user_message = payload.get("prompt", "No prompt found in input, please guide customer to create a json payload with prompt key")
    
    # Create and start the agent task
    task = asyncio.create_task(agent_task(user_message))
    
    # Stream results as they come
    async for item in queue.stream():
        yield f"data: {json.dumps({'message': str(item)})}\n\n"
    
    # Ensure the task completes
    await task
    
if __name__ == "__main__":
    app.run()

Overwriting strands_weather_entra_3lo.py


In [11]:
import user_cognito_setup
spa_config = user_cognito_setup.create_spa_pool()

Using AWS Region: us-west-2

Created User Pool: DemoUserPool (ID: us-west-2_xsCqnjZAs)
Created App Client: DemoClient (ID: 5haup8328aio11t8di5l1pvvtg)

Creating testuser1...
Created user: testuser1
Successfully authenticated user: testuser1

Creating testuser2...
Created user: testuser2
Successfully authenticated user: testuser2


In [15]:
agentcore_runtime = Runtime()
discovery_url = f'https://cognito-idp.us-west-2.amazonaws.com/{spa_config["pool_id"]}/.well-known/openid-configuration' 
client_id = spa_config['client_id']

response = agentcore_runtime.configure(
    entrypoint="strands_weather_entra_3lo.py",
    #auto_create_execution_role=True,
    execution_role="BedrockAgentCoreRole",
    auto_create_ecr=True,
    requirements_file="requirements.txt",
    region=region,
    agent_name="strands_weather_entra_3lo",
    authorizer_configuration={
        "customJWTAuthorizer": {
            "discoveryUrl": discovery_url,
            "allowedClients": [client_id]
        }
    }
)
response

Entrypoint parsed: file=/Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/strands_weather_entra_3lo.py, bedrock_agentcore_name=strands_weather_entra_3lo
Configuring BedrockAgentCore agent: strands_weather_entra_3lo
Generated Dockerfile: /Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/Dockerfile
Generated .dockerignore: /Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.dockerignore
Setting 'strands_weather_entra_3lo' as default agent
Bedrock AgentCore configured: /Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.bedrock_agentcore.yaml


ConfigureResult(config_path=PosixPath('/Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.bedrock_agentcore.yaml'), dockerfile_path=PosixPath('/Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/Dockerfile'), dockerignore_path=PosixPath('/Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.dockerignore'), runtime='Docker', region='us-west-2', account_id='135808924095', execution_role='arn:aws:iam::135808924095:role/BedrockAgentCoreRole', ecr_repository=None, auto_create_ecr=True)

In [14]:
!rm "/Users/dhegde/Documents/Code/AgentCore/GITHUB/amazon-bedrock-agentcore-samples/04-LearningPath/.bedrock_agentcore.yaml"

In [16]:
launch_response = agentcore_runtime.launch(local_build=True)

🔧 Local build mode: building locally, deploying to cloud (NEW OPTION!)
   • Build container locally with Docker
   • Deploy to Bedrock AgentCore cloud runtime
   • Requires Docker/Finch/Podman to be installed
   • Use when you need custom build control
Launching Bedrock AgentCore agent 'strands_weather_entra_3lo' to cloud
Docker image built: bedrock_agentcore-strands_weather_entra_3lo:latest
Using execution role from config: arn:aws:iam::135808924095:role/BedrockAgentCoreRole
✅ Execution role validation passed: arn:aws:iam::135808924095:role/BedrockAgentCoreRole
Uploading to ECR...
Getting or creating ECR repository for agent: strands_weather_entra_3lo
✅ ECR repository available: 135808924095.dkr.ecr.us-west-2.amazonaws.com/bedrock-agentcore-strands_weather_entra_3lo


✅ Reusing existing ECR repository: 135808924095.dkr.ecr.us-west-2.amazonaws.com/bedrock-agentcore-strands_weather_entra_3lo


Authenticating with registry...
Registry authentication successful
Tagging image: bedrock_agentcore-strands_weather_entra_3lo:latest -> 135808924095.dkr.ecr.us-west-2.amazonaws.com/bedrock-agentcore-strands_weather_entra_3lo:latest
Pushing image to registry...


The push refers to repository [135808924095.dkr.ecr.us-west-2.amazonaws.com/bedrock-agentcore-strands_weather_entra_3lo]
95c19ae154e9: Waiting
27b1542b9257: Waiting
046e0ba021a5: Waiting
5badcf740c13: Waiting
94fa42b5194c: Waiting
f8d7a1f0426e: Waiting
b3407f3b5b5b: Waiting
b762d0751979: Waiting
99f4eea95216: Waiting
cb70f7f6e1b6: Waiting
6bb3da8623b3: Waiting
27b1542b9257: Waiting
046e0ba021a5: Waiting
5badcf740c13: Waiting
94fa42b5194c: Waiting
f8d7a1f0426e: Waiting
95c19ae154e9: Waiting
b762d0751979: Waiting
99f4eea95216: Waiting
cb70f7f6e1b6: Waiting
6bb3da8623b3: Waiting
b3407f3b5b5b: Waiting
cb70f7f6e1b6: Waiting
6bb3da8623b3: Layer already exists
b3407f3b5b5b: Layer already exists
b762d0751979: Layer already exists
99f4eea95216: Layer already exists
94fa42b5194c: Layer already exists
f8d7a1f0426e: Layer already exists
95c19ae154e9: Layer already exists
27b1542b9257: Layer already exists
046e0ba021a5: Layer already exists
5badcf740c13: Layer already exists
cb70f7f6e1b6: Pushed


Image pushed successfully
Image uploaded to ECR: 135808924095.dkr.ecr.us-west-2.amazonaws.com/bedrock-agentcore-strands_weather_entra_3lo
Deploying to Bedrock AgentCore...


latest: digest: sha256:256bb17f9f54d67ca4d1acd5a77305646c998e7e62d0f71941b05c150466cc1c size: 856


✅ Agent created/updated: arn:aws:bedrock-agentcore:us-west-2:135808924095:runtime/strands_weather_entra_3lo-zND9jXGdSi
Polling for endpoint to be ready...
Agent endpoint: arn:aws:bedrock-agentcore:us-west-2:135808924095:runtime/strands_weather_entra_3lo-zND9jXGdSi/runtime-endpoint/DEFAULT
Deployed to cloud: arn:aws:bedrock-agentcore:us-west-2:135808924095:runtime/strands_weather_entra_3lo-zND9jXGdSi


In [17]:
import boto3, json
sts = boto3.client('sts')
cognito_client = boto3.client('cognito-idp', region_name=region,)
cognito_bearer_token_1 = cognito_client.initiate_auth(
        ClientId=client_id,  
        AuthFlow="USER_PASSWORD_AUTH",
        AuthParameters={
            "USERNAME": spa_config['user1']['username'], 
            "PASSWORD": spa_config['user1']['password']
        }
    )["AuthenticationResult"]["AccessToken"]
cognito_bearer_token_2 = cognito_client.initiate_auth(
        ClientId=client_id,  
        AuthFlow="USER_PASSWORD_AUTH",
        AuthParameters={
            "USERNAME": spa_config['user2']['username'], 
            "PASSWORD": spa_config['user2']['password']
        }
    )["AuthenticationResult"]["AccessToken"]

In [21]:
session_id_1 = str(uuid.uuid1())
st = agentcore_runtime.invoke(
    payload={"prompt":"Weather in San Francisco?"}, 
    bearer_token=cognito_bearer_token_1, 
    session_id=session_id_1,
    user_id=spa_config['user1']['username']
)

Invoking BedrockAgentCore agent 'strands_weather_entra_3lo' via cloud endpoint
Both bearer token and user id are specified, ignoring user id


In [22]:
session_id_2 = str(uuid.uuid1())
st = agentcore_runtime.invoke(
    payload={"prompt":"Weather in San Francisco?"}, 
    bearer_token=cognito_bearer_token_2, 
    session_id=session_id_2,
    user_id=spa_config['user2']['username']
)

Invoking BedrockAgentCore agent 'strands_weather_entra_3lo' via cloud endpoint
Both bearer token and user id are specified, ignoring user id
