Naftiko · Capability

Microsoft Agent 365 Identity Bridge

A capability bridging Microsoft Entra ID (Azure AD) into Microsoft Agent 365 so agents call Naftiko capabilities with the user's identity propagated.

Run with Naftiko NaftikoEntraAgent 365Identity

What You Can Do

GET
Get identity
/identity

MCP Tools

get-identity

read-only
list-app-roles

read-only

Capability Spec

microsoft-agent-365-identity-bridge.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  title: Microsoft Agent 365 Identity Bridge
  description: A capability bridging Microsoft Entra ID (Azure AD) into Microsoft Agent 365 so agents call Naftiko capabilities with the user's identity propagated.
  tags: [Naftiko, Entra, Agent 365, Identity]
  created: '2026-05-01'
  modified: '2026-05-04'
binds:
- namespace: entra-env
  keys: {ENTRA_TENANT: ENTRA_TENANT, ENTRA_TOKEN: ENTRA_TOKEN}
capability:
  consumes:
  - namespace: entra
    type: http
    baseUri: https://graph.microsoft.com
    authentication: {type: bearer, token: '{{ENTRA_TOKEN}}'}
    resources:
    - {name: me, path: /v1.0/me, operations: [{name: get-me, method: GET}]}
    - {name: app-roles, path: /v1.0/me/appRoleAssignments, operations: [{name: list-app-roles, method: GET}]}
  exposes:
  - type: rest
    address: 0.0.0.0
    port: 8080
    namespace: microsoft-agent-365-identity-bridge-rest
    description: REST surface for identity propagation.
    resources:
    - {name: identity, path: /identity, operations: [{method: GET, name: get-identity, call: entra.get-me}]}
  - type: mcp
    address: 0.0.0.0
    port: 3010
    namespace: microsoft-agent-365-identity-bridge-mcp
    description: MCP for Agent 365 identity.
    tools:
    - {name: get-identity, hints: {readOnly: true}, call: entra.get-me}
    - {name: list-app-roles, hints: {readOnly: true}, call: entra.list-app-roles}
  - type: skill
    address: 0.0.0.0
    port: 3011
    namespace: microsoft-agent-365-identity-bridge-skills
    description: Skill for Agent 365 identity.
    skills:
    - name: microsoft-agent-365-identity-bridge
      description: Agent 365 identity bridge.
      location: file:///opt/naftiko/skills/microsoft-agent-365-identity-bridge
      allowed-tools: get-identity,list-app-roles
      tools:
      - {name: get-identity, from: {sourceNamespace: microsoft-agent-365-identity-bridge-mcp, action: get-identity}}
      - {name: list-app-roles, from: {sourceNamespace: microsoft-agent-365-identity-bridge-mcp, action: list-app-roles}}