## Microsoft EntraID Overview

Microsoft EntraID (formerly Azure Active Directory) is Microsoft's cloud-based identity and access management service. It serves as the central 
identity provider for Microsoft 365, Azure, and thousands of other SaaS applications.

Key Features:
* **Single Sign-On (SSO)** - Users authenticate once to access multiple applications
* **Multi-Factor Authentication (MFA)** - Enhanced security through additional verification methods
* **Conditional Access** - Policy-based access control based on user, device, location, and risk
* **Application Integration** - Supports modern authentication protocols like OAuth 2.0, OpenID Connect, and SAML

## Learning Objective
Microsoft Entra ID can be used as an identity provider on AgentCore Identity and used to authenticate users and have them authorize the agent to acccess protected resources on their behalf. In this notebook we will explore the use of Entra ID for inbound authentication - Authenticate users before they can invoke an agent.

## Authorization Code Flow
The OAuth 2.0 authorization code flow is the recommended approach for web applications to securely authenticate users and obtain access tokens. This 
flow involves:
1. Redirecting users to EntraID for authentication
2. Receiving an authorization code after successful login
3. Exchanging the code for access and refresh tokens
4. Using tokens to access protected resources

This integration pattern allows AgentCore to leverage EntraID's robust identity management capabilities while maintaining secure, standards-based authentication for your applications.

## Learning Objective 1: Setup EntraID for use with AgentCore

### Step 1: Setup EntraID Tenant
An EntraID tenant is a dedicated instance of Microsoft EntraID that represents your organization. Think of it as your organization's isolated directory in Microsoft's cloud.

Key Characteristics:
* **Unique Identity** - Each tenant has a unique domain (e.g., yourcompany.onmicrosoft.com)
* **Isolated Boundary** - Users, groups, and applications in one tenant are separate from others
* **Administrative Control** - Tenant admins manage users, security policies, and application registrations
* **Multi-Domain Support** - Can include custom domains alongside the default .onmicrosoft.com domain

In Practice:
When you register an application with EntraID for OAuth integration, you're registering it within a specific tenant. Users from that tenant can then authenticate against your application using their organizational credentials.

For AgentCore integration, you'll need:
* **Tenant ID** - Unique identifier for the EntraID instance
* **Application Registration** - Your app registered within the tenant
* **Appropriate Permissions** - Configured access rights for your application

This tenant-based model ensures that authentication and authorization remain within your organization's security boundary.

Steps to create a tenant can be found at https://learn.microsoft.com/en-us/entra/fundamentals/create-new-tenant.

Note:
1. MS EntraID is not a AWS service. Please refer to Microsoft EntraID documentation for costs related to EntraID.
2. Screen prints used in the following steps may change. We encourage you to refer to Microsoft Entra ID documentation for latest guidance on setting up EntraID application.

### Step 2: Setup Application
1. Go to portal.azure.com and search for "EntraID" in the search bar at the top of the screen
<img src="images/entraid.jpg" width="75%">
2. Got to manage --> App Registrations
<img src="images/app.registration.png" width="75%">
3. Click "New Registration" and fill in the details. Make sure you select the multi tenant option
- Use "https://bedrock-agentcore.us-west-2.amazonaws.com/identities/oauth2/callback" or "https://bedrock-agentcore.us-east-1.amazonaws.com/identities/oauth2/callback" as the redirect URL depending on which regiion you will have your agent running.
<img src="images/app.registration.form.png" width="75%">
4. Create a client secret. Copy the client secret and client ID for use in AgentCore.
<img src="images/gather.client.info.png" width="75%">
5. Create SCopes for OAuth. Go to Expose an API --> Add Scope. Copy and save full scope. 
<img src="images/expose.api.png" width="75%">
6. Enable decice code flow.
<img src="images/device.code.flow.png" width="75%"/>

## Learning Objective 2 - Setup a simple agent with EntraID for inbound authentication

#### Prerequisites
1. Install required packages
2. Import packages
3. Get account ID to use throughout the notebook
4. Set AWS region to "us-west-2". You can use any region that supports Bedrock AgentCore. Refer https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/agentcore-regions.html

In [None]:
!pip3 install -r requirements.txt --q # in quite mode to reduce output to the console/notebook

In [None]:
import os
import uuid
import boto3
from boto3.session import Session
from bedrock_agentcore_starter_toolkit import Runtime

boto_session = Session()
sts = boto3.client('sts')
account_id = sts.get_caller_identity().get("Account")
region = boto_session.region_name

#### Setting environment variables for some key information we will need throughout this notebook. 
Please note that the audience will be same as the "Application ID URI" from Step 2.5 above.

In [None]:
#os.environ["client_id"] = "73XXXXXX-CCCC-VVVV-BBBB-NNNNNN1645b6" # Replace with your client ID
#os.environ["secret"] = "bft8Q~XXXXXXXXXXXXXXXXXXXXXXXXXXXXX_ccFb" # Replace with your secret
#os.environ["scope"] = "openid profile https://graph.microsoft.com/Notes.ReadWrite.All https://graph.microsoft.com/Notes.Create" # Replace with your scope
#os.environ["tenant_id"] = "bc244f8c-CCCC-VVVV-BBBB-aa7ab5df1f19"
#os.environ["audience"] = "https://graph.microsoft.com"

#### Agent Code
Keeping the agent simple since the key learning objective for this notebook is to learn inbound authentication using EntraID

In [None]:
%%writefile strands_wo_memory.py
import argparse, json
from strands import Agent, tool
from bedrock_agentcore.runtime import BedrockAgentCoreApp

app = BedrockAgentCoreApp()

agent = Agent()

@app.entrypoint
def strands_agent_bedrock(payload, context):
    print("Context object is ....", context)
    prompt = payload.get("prompt","hello")
    response = agent(prompt)
    return response

if __name__ == "__main__":
    app.run()

#### Configure your runtime with `authorizer_configuration` to enforce inbound authentication. 
You will use a `customJWTAuthorizer` for inbound authentication using EntraID. Note how the discovery_url is building using Tenant ID

In [None]:
agentcore_runtime = Runtime()
discovery_url = f"https://login.microsoftonline.com/{os.environ["tenant_id"]}/.well-known/openid-configuration"
response = agentcore_runtime.configure(
    entrypoint="strands_wo_memory.py",
    #execution_role="BedrockAgentCoreRole",
    auto_create_execution_role=True,
    auto_create_ecr=True,
    requirements_file="requirements.txt",
    region=region,
    agent_name="strands_wo_memory_entra_inbound",
    authorizer_configuration = {
        "customJWTAuthorizer": {
            "discoveryUrl": discovery_url,
            "allowedAudience": [os.environ["audience"]]
        }
    }
)
response

## Learning Objective 3 - Using MSAL to authenticate and get bearer token
#### Start authentication flow using device auth code
<img src="images/msal_code.png" width="75%">
<img src="images/msa_enter_code.png" width="75%">

#### Login using user ID and password. Or select a user if already logged in.
<img src="images/msal_select_user.png" width="75%">
<img src="images/msal_confirm.png" width="75%">
<img src="images/msal_done.png" width="75%">


#### Once done, you will get control back into your notebook and bearer token for the user will be available. Similar to the screenshot below. Follow the link and use the code that you get when you run the following cell. 
<img src="images/msal_bearer_token_received.png" width="75%">


In [None]:
import msal
import webbrowser

# Configuration details from your Entra ID app registration
CLIENT_ID = os.environ["client_id"]  # Replace with your Application (client) ID
TENANT_ID = os.environ["tenant_id"]  # Replace with your Directory (tenant) ID
AUTHORITY = f"https://login.microsoftonline.com/{TENANT_ID}"
REDIRECT_URI = f"https://bedrock-agentcore.{region}.amazonaws.com/identities/oauth2/callback" # Must match the Redirect URI in your app registration
SCOPES = [os.environ["scope"]] # Example scopes, adjust as needed

# Create a PublicClientApplication instance
app = msal.PublicClientApplication(
    client_id=os.environ["client_id"],
    authority=AUTHORITY,
)

# Attempt to acquire token silently from cache first
result = app.acquire_token_silent(SCOPES, account=None)

if not result:
    # If no token in cache, initiate interactive flow
    flow = app.initiate_device_flow(scopes=SCOPES)
    #flow = app.initiate_auth_code_flow(scopes=SCOPES)
    if "user_code" not in flow:
        raise ValueError("Failed to initiate device flow. No user_code found.")

    print(flow["message"])
    webbrowser.open(flow["verification_uri"]) # Open the verification URL in browser

    # Wait for user to complete authentication
    result = app.acquire_token_by_device_flow(flow)

if "access_token" in result:
    access_token = result["access_token"]
    print(f"Bearer Token Received: {access_token[:20]}...")
    # You can now use this access_token to call protected APIs
else:
    print(result.get("error"))
    print(result.get("error_description"))
    print(result.get("correlation_id"))

In [None]:
bearer_token_entra = result["access_token"]

## Learning Objective 3 - Deploy agent and invoke using bearer token received earlier

#### Deploy Runtime Agent
Local Docker needs to be running since local_build is enabled. As an alternate, you can have `local_build=False` to use CloudBuild.

In [None]:
#strands_wo_memory_launch_response = strands_wo_memory_runtime.launch(local_build=True)
strands_wo_memory_launch_response = agentcore_runtime.launch(local_build=True)

In [None]:
import urllib.parse, requests, json

# URL encode the agent ARN
escaped_agent_arn = urllib.parse.quote(strands_wo_memory_launch_response.agent_arn, safe='')

# Construct the URL
url = f"https://bedrock-agentcore.{region}.amazonaws.com/runtimes/{escaped_agent_arn}/invocations?qualifier=DEFAULT"
session_id = str(uuid.uuid1())
headers = {
    "Authorization": f"Bearer {bearer_token_entra}",
    "X-Amzn-Bedrock-AgentCore-Runtime-Session-Id": session_id,
    "X-Amzn-Trace-Id": "1234567890" 
}
http_response = requests.post(url, data=json.dumps(
                                {"prompt":"Hello! I am John Doe. I like brick oven pizza!", "user_id":"user1"}), 
                                headers=headers
                             )
http_response.text

#### Ealier interactions in this session are available through agents.messages. AgentCore memory is not used. Agent will not recollect earlier interaction if a new session ID is used.

In [None]:
http_response = requests.post(url, data=json.dumps(
                                {"prompt":"Who am I?", "user_id":"user1"}), 
                                headers=headers
                             )
http_response.text

#### As an alternate, you can use the AgentCore Runtime object to invoke the agent. Pass the bearer token and same session sesssion ID to continue with the earlier session.

In [None]:
invoke_response = agentcore_runtime.invoke(
    {"prompt":"Who am I?", "user_id":"user1"},
    bearer_token=bearer_token_entra,
    session_id=session_id
)
invoke_response

## Conclusion and Cleanup
In this notebook we learnt how to:
- Setup Entra ID API and Application to provide OAuth Authorization Code flow
- Create an AgentCore Runtime and Deployed and agent with inbound authentication using Entra ID
- Got a token and used it to access the protected Agent

#### Resource(s) created

In [None]:
strands_wo_memory_launch_response.agent_id

#### Delete AgentCore Runtime

In [None]:
agentcore_control_client = boto3.client("bedrock-agentcore-control", region_name=region)
agentcore_control_client.delete_agent_runtime(agentRuntimeId=strands_wo_memory_launch_response.agent_id)

In [None]:
import jwt, json

# Decode the token (without verification for inspection purposes)
# For production, always verify the token's signature and claims
decoded_token = jwt.decode(bearer_token_entra, options={"verify_signature": False})
print("\nDecoded Access Token (for inspection):")
token = json.dumps(decoded_token, indent=4)
print(token) 