AgentCardManifest.ReadWrite.ManagedBy

Allows the app to read and write agent card manifests that name it as manager in your organization's Agent Registry without a signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the AgentCardManifest.ReadWrite.ManagedBy permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	77f6034c-52f5-4526-9fa1-d55a67e72cc4	-
DisplayText	Read and write managed-by agent card manifests in Agent Registry	-
Description	Allows the app to read and write agent card manifests that name it as manager in your organization's Agent Registry without a signed-in user.	-
AdminConsentRequired	-	-

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /agentRegistry/agentInstances/{agentInstanceId}/agentCardManifest `AgentInstance.ReadWrite.All and AgentCardManifest.ReadWrite.ManagedBy` ▪️ `AgentInstance.ReadWrite.ManagedBy and AgentCardManifest.ReadWrite.ManagedBy`
	PATCH /agentRegistry/agentCardManifests/{agentCardManifestId}

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: agentCapabilities

Property	Type	Description
extensions	agentExtension collection	A list of protocol extensions supported by the agent.
pushNotifications	Boolean	Indicates if the agent supports sending push notifications for asynchronous task updates.
stateTransitionHistory	Boolean	Indicates if the agent provides a history of state transitions for a task.
streaming	Boolean	Indicates if the agent supports Server-Sent Events (SSE) for streaming responses.

Graph reference: agentCardManifest

Property	Type	Description
capabilities	agentCapabilities	A declaration of optional capabilities supported by the agent.
createdBy	String	Object ID of the user or application that created the agent card manifest. Read-only.
createdDateTime	DateTimeOffset	When this agent card manifest was created.
defaultInputModes	String collection	Default set of supported input MIME types for all skills, which can be overridden on a per-skill basis.
defaultOutputModes	String collection	Default set of supported output MIME types for all skills, which can be overridden on a per-skill basis.
description	String	A human-readable description of the agent.
displayName	String	A human-readable display name of the agent.
documentationUrl	String	URL to agent's documentation.
iconUrl	String	URL to agent's icon image.
id	String	ID of the agent card manifest. Inherited from entity. Key.
lastModifiedDateTime	DateTimeOffset	When this agent card manifest was last modified.
managedBy	String	appId (referred to as Application (client) ID on the Microsoft Entra admin center) of the application managing this agent manifest.
originatingStore	String	Name of the store/system where agent originated. For example `Copilot Studio`.
ownerIds	String collection	List of object IDs for the owners of the agent card manifest.
protocolVersion	String	Protocol version supported by the agent.
provider	agentProvider	Information about the organization providing the agent.
security	securityRequirement collection	Security requirements - array of security scheme references.
securitySchemes	securitySchemes	Dictionary of security scheme definitions keyed by scheme name.
skills	agentSkill collection	Skills/capabilities that the agent can perform
supportsAuthenticatedExtendedCard	Boolean	Whether agent supports authenticated extended card retrieval
version	String	Version of the agent implementation

Graph reference: agentInstance

Property	Type	Description
additionalInterfaces	agentInterface collection	Additional interfaces/transports supported by the agent.
agentIdentityBlueprintId	String	Object ID of the agentIdentityBlueprint object.
agentIdentityId	String	Object ID of the agentIdentity object.
agentUserId	String	Object ID of the agentUser associated with the agent. Read-only.
createdBy	String	Object ID of the user or application that created the agent instance. Read-only.
createdDateTime	DateTimeOffset	Timestamp when agent instance was created. Read-only.
displayName	String	Display name for the agent instance.
id	String	Unique identifier for the agent instance. Key. Inherited from entity.
lastModifiedDateTime	DateTimeOffset	Timestamp of last modification.
managedBy	String	appId (referred to as Application (client) ID on the Microsoft Entra admin center) of the application managing this agent.
originatingStore	String	Name of the store/system where agent originated. For example `Copilot Studio`.
ownerIds	String collection	List of object IDs for the owners of the agent instance.
preferredTransport	String	Preferred transport protocol. The possible values are `JSONRPC`, `GRPC`, and `HTTP+JSON`.
signatures	agentCardSignature collection	Digital signatures for the agent instance.
sourceAgentId	String	Identifier of the agent in the original source system.
url	String	Endpoint URL for the agent instance.

Graph reference: agentProvider

Property	Type	Description
organization	String	The name of the agent provider's organization.
url	String	A URL for the agent provider's website or relevant documentation.

Graph reference: agentSkill

Property	Type	Description
description	String	A detailed description of the skill, intended to help clients or users understand its purpose and functionality.
displayName	String	A human-readable name for the skill.
examples	String collection	Example prompts or scenarios that this skill can handle. Provides a hint to the client on how to use the skill.
id	String	A unique identifier for the agent's skill.
inputModes	String collection	The set of supported input MIME types for this skill, overriding the agent's defaults.
outputModes	String collection	The set of supported output MIME types for this skill, overriding the agent's defaults.
security	securityRequirement collection	Security schemes necessary for the agent to leverage this skill.
tags	String collection	A set of keywords describing the skill's capabilities.

Table of Contents

AgentCardManifest.ReadWrite.ManagedBy

Graph Methods

Resources