Cross-Device Identity Verification via Entra Verified ID in a Multi-Agent System
TL;DR A multi-agent system (.NET 9 + Anthropic Claude) that embeds Entra Verified ID directly into the conversation. A QR code appears in chat, the user scans it with their wallet (Microsoft Authenticator), and the agent receives cryptographic proof of identity before it acts. Five layers of security enforcement — from probabilistic prompts to deterministic hooks — ensure identity verification cannot be skipped. The Problem: AI Agents Acting Without Proof AI agents are increasingly asked to perform sensitive operations — unlocking accounts, resetting credentials, approving transactions. But how does an agent know who it’s talking to? A username typed into chat is not identity. A “yes, that’s me” confirmation is not proof. ...