VendorCommons DraftAgent-researched

Microsoft

Role in IAAI Architecture

Microsoft spans all five IAAI pillars, with Entra ID Governance acting as an IGA and IdP backbone in Pillar A, M365 Copilot and Azure AI Search enforcing identity-aware retrieval in Pillar B, Purview sensitivity labels and AI Hub enforcing output and data classification in Pillars C and D, Sentinel providing AI activity logging and SIEM capabilities in Pillar D, and Purview Compliance Manager plus Responsible AI toolkits supporting enterprise AI governance in Pillar E. The portfolio offers the most comprehensive native IAAI stack for Microsoft-centric enterprises.

Linked Evidence

No public evidence links have been attached directly to this vendor profile yet.

Assertions

interoperabilityCommons DraftAgent-researched

Entra ID uses OAuth 2.0 RFC 8693 to propagate identity to API gateways for AI access control

Microsoft Entra ID issues OAuth 2.0 access tokens and participates in RFC 8693 token exchange flows that delegate access between APIs, while API gateways in the API Gateways and Data Mesh Gateways for AI Access category validate Entra-issued JWTs and forward authorized requests, allowing standardized token exchange and validation at the A–B interface to enforce identity-aware AI API access.