Agent 365 Now Requires Microsoft 365 E5 — Licensing Impact & What To Do
Effective June 1, 2026, Microsoft introduced a hard licence prerequisite for new Agent 365 purchases. If your organisation is on E3 or Business Premium and planning to expand Agent 365, you are now blocked until you upgrade. Here is what changed, why Microsoft did it, and the practical options in front of you.
1. What Changed on June 1, 2026
Microsoft quietly updated its commercial licensing terms and the Partner Center announcement board on June 1, 2026, adding a formal prerequisite statement to the Agent 365 product family: customers must hold active Microsoft 365 E5 licences to purchase new Agent 365 subscriptions. This applies to all commercial tenants globally — multi-national agreements, CSP, direct EA, and MPSA channels are all affected.
The exact scope of the change is important to understand:
- New purchases blocked: Any organisation that does not currently hold Agent 365 licences and wants to start using the platform must be on E5 first.
- Seat expansion blocked: Existing Agent 365 customers who want to add net-new seats to their tenant also face the E5 gate for the incremental licences.
- Existing customers grandfathered: If your organisation already had active Agent 365 licences as of May 31, 2026, those seats continue to work. Microsoft is not forcing an immediate upgrade. The grandfathering applies to the licence count you held at that date — you cannot add seats without E5.
- Renewals unaffected (for now): Renewing your existing Agent 365 seats at the same or lower quantity does not trigger the E5 gate. Growing headcount will.
The change was communicated via the Partner Center announcements page for June 2026 and aligns with a broader July 2026 pricing update that Microsoft previewed in Q1. Partners received advance notice through the CSP channel; direct EA customers received communication through their Microsoft Account Team.
2. What Is Microsoft Agent 365?
Agent 365 is Microsoft's enterprise AI agent platform, layered on top of Microsoft 365 Copilot. Where Copilot focuses on assistive AI that helps users write, summarise, and analyse, Agent 365 moves into agentic territory — agents that can autonomously plan, decide, and take actions across M365 services, line-of-business systems, and external APIs without requiring a human to approve each individual step.
The platform exposes four primary pre-built agent types, with extensibility for custom agents built via Copilot Studio:
| Agent Type | Primary Function | Connected Systems | E5 Relevance |
|---|---|---|---|
| Employee Self-Service | Handles HR and IT requests autonomously — leave requests, equipment orders, password resets, policy look-ups, onboarding tasks | SharePoint, ServiceNow, Workday, Azure AD / Entra ID | Requires Entra ID P2 for conditional access and identity governance during self-service flows |
| Sales Agent | CRM automation — updates opportunity records, drafts proposals, schedules follow-ups, summarises deal history, triggers next-best-action workflows | Dynamics 365 Sales, Salesforce, Teams, Exchange | Purview DLP policies prevent agent from leaking deal data across tenant boundaries |
| Finance Agent | ERP workflow automation — invoice processing, expense approvals, budget variance analysis, supplier reconciliation, period-close task management | Dynamics 365 Finance, SAP, Power BI, SharePoint | Insider Risk Management flags anomalous financial data access patterns by the agent |
| IT Operations Agent | Monitors device health, triages alerts, auto-remediates known issues, manages patch compliance, drafts incident reports | Intune, Defender for Endpoint, Azure Monitor, ServiceNow | Defender for Endpoint P2 provides the signal quality the agent needs for accurate triage and remediation actions |
Each of these agents operates with delegated identity — it acts as the user, or with a service account, against real systems. This is precisely why the security and compliance foundation matters so much: an agent that can modify CRM records, approve expenses, or reset passwords at scale is a significant attack surface if the identity and data governance stack underneath it is not enterprise-grade.
3. Why Microsoft Made This Change — The Security & Compliance Rationale
This is not Microsoft being arbitrary. The E5 prerequisite reflects a genuine architectural dependency between Agent 365's autonomous action model and the security controls that E5 provides. Let us be precise about what E5 brings that E3 does not, and why each component matters specifically for autonomous agents.
Entra ID P2 (Identity Governance + Privileged Identity Management): Agent 365 agents run with delegated or app-based identities. Without Entra ID P2, you have no Privileged Identity Management (PIM) — no just-in-time access for agent service accounts, no access reviews to periodically certify what the agent can reach, and no entitlement management to scope agent permissions by workflow type. An agent with permanent broad permissions is a credential-theft jackpot.
Defender for Endpoint P2: The IT Operations agent in particular makes remediation decisions based on device signal quality. Defender for Endpoint P1 (included in E3) provides basic next-gen antivirus and device health telemetry. P2 adds EDR (endpoint detection and response), threat hunting, and automated investigation and response (AIR) — the signal depth the agent needs to make accurate remediation calls rather than acting on incomplete data.
Microsoft Purview E5 Compliance (DLP, Information Protection, Insider Risk Management, eDiscovery Premium): Autonomous agents read and write data across your entire M365 estate. Without Purview's data loss prevention policies and sensitivity label enforcement at E5 depth, there is no reliable mechanism to prevent an agent from copying confidential data into a Teams channel, an external SharePoint site, or an email to the wrong recipient. Insider Risk Management provides the behavioural analytics layer that flags if an agent — or its underlying service account — starts behaving anomalously.
Microsoft Sentinel (via E5 Security add-on or standalone): While Sentinel itself is not strictly bundled in the base E5 SKU, the E5 Security add-on includes Sentinel entitlement. Agents generate audit events at high volume — Sentinel provides the SIEM layer to correlate those events, detect lateral movement, and alert on agent actions that fall outside expected operational patterns.
4. Who Is Affected & Impact Analysis
The change has the sharpest impact on three groups:
- Organisations in mid-rollout on E3: If your organisation started an Agent 365 pilot under E3 before June 1 and now wants to expand beyond the grandfathered seat count, you are blocked. The grandfathering only covers the exact seats active at cutover — any expansion requires E5 for the incremental users.
- Organisations that evaluated Agent 365 but had not purchased yet: If the purchase was pending budget approval or internal sign-off past June 1, you now face an E5 prerequisite for what was previously an E3-compatible purchase. This is particularly acute for organisations on Business Premium — the delta between Business Premium and E5 is very large both in feature set and in cost.
- Organisations using CSP with seat-level flexibility: CSP partners need to understand the new gate when advising clients on Agent 365 expansion. Adding a single net-new Agent 365 seat for a new hire will require E5 for that user.
Organisations that are already fully on E5 — typically larger enterprises with mature security programmes — are unaffected operationally. For them, this is a non-event.
5. E3 vs E5 Feature Comparison — What You Actually Get
This table focuses on the features relevant to Agent 365 governance. The full E5 feature list is broader — voice, audio conferencing, and advanced analytics are not covered here.
| Feature Area | M365 E3 | M365 E5 | Agent 365 Relevance |
|---|---|---|---|
| Entra ID (Azure AD) | P1 | P2 | PIM, access reviews, entitlement management for agent service accounts |
| Microsoft Defender for Endpoint | P1 | P2 | EDR, threat hunting, AIR required by IT Operations agent for accurate device triage |
| Defender for Identity | Add-on | Included | Detects lateral movement and identity-based attacks against agent service accounts |
| Defender for Cloud Apps (MCAS) | Add-on | Included | Shadow IT detection, session policy enforcement for agent OAuth app access |
| Purview Information Protection | P1 | P2 | Double Key Encryption, automatic labelling required to classify data agents touch |
| Purview Data Loss Prevention | Basic | Advanced | Adaptive protection and exact data match prevent agent data exfiltration across M365 |
| Purview Insider Risk Management | Not included | Included | Behavioural analytics to flag anomalous agent actions (unusual data access patterns) |
| Purview Communication Compliance | Not included | Included | Monitors agent-generated communications (emails, Teams messages) for policy violations |
| Microsoft Purview eDiscovery | Standard | Premium | Legal hold and advanced review required when agent actions are subject to litigation |
| Microsoft Intune Suite | Core Intune | Intune Suite add-on eligible | Advanced endpoint management for devices where agents are deployed |
| Microsoft Sentinel (SIEM) | Not included | Via E5 Security add-on | Centralised SIEM/SOAR for correlating high-volume agent audit events |
6. Cost & Licensing Options
The following list prices are USD per user per month. Your actual EA or CSP pricing will differ based on agreement terms, volume, and region. Check the Microsoft 365 enterprise plans comparison page for current pricing.
| Option | List Price (USD/user/mo) | Qualifies for Agent 365? | Notes |
|---|---|---|---|
| Microsoft 365 E3 | $36.00 | No (new purchases) | Grandfathered customers only; no new or expanded purchases |
| Microsoft 365 E5 | $57.00 | Yes — full qualification | Complete security + compliance + voice stack; the cleanest path |
| E3 + M365 E5 Security add-on | $36.00 + $12.00 = $48.00 | No — partial E5 does not qualify | Adds Defender suite and Sentinel entitlement but NOT Purview E5 Compliance |
| E3 + M365 E5 Compliance add-on | $36.00 + $12.00 = $48.00 | No — partial E5 does not qualify | Adds Purview E5 stack but NOT Defender P2 or Entra ID P2 |
| E3 + E5 Security + E5 Compliance | $36.00 + $12.00 + $12.00 = $60.00 | Unclear — verify with Microsoft | Functionally close to E5 but Microsoft's official position on whether this satisfies the gate has not been confirmed publicly; costs more than E5 outright |
7. PowerShell: Audit Your Current Licence State via Microsoft Graph
Before you can plan an upgrade path, you need a clear picture of who in your tenant holds Agent 365 licences and what base M365 SKU they are on. The following scripts use the Microsoft Graph PowerShell SDK to surface exactly that.
First, connect to Graph with the right scopes:
# Requires Microsoft.Graph module — install if needed:
# Install-Module Microsoft.Graph -Scope CurrentUser
Connect-MgGraph -Scopes "User.Read.All", "Directory.Read.All", "Organization.Read.All"
# Confirm connection context
Get-MgContext | Select-Object -Property Account, Scopes, TenantId
Next, retrieve all SKUs present in your tenant and identify the relevant SKU part numbers. Agent 365 typically appears as AGENT365_ENTERPRISE or similar — confirm the exact part number in your tenant:
# Retrieve all subscribed SKUs in the tenant
Get-MgSubscribedSku | Select-Object SkuPartNumber, SkuId, ConsumedUnits,
@{ Name = 'Enabled'; Expression = { $_.PrepaidUnits.Enabled } } |
Sort-Object SkuPartNumber |
Format-Table -AutoSize
# Filter for Agent 365 and E-series licences specifically
Get-MgSubscribedSku | Where-Object {
$_.SkuPartNumber -match 'AGENT|SPE_E5|SPE_E3|M365_E5|M365_E3'
} | Select-Object SkuPartNumber, SkuId, ConsumedUnits
Now the key report — identify users who hold Agent 365 licences but are not on M365 E5. These are the users blocked from receiving additional Agent 365 seat expansions and the primary population for your upgrade planning:
# Replace these SKU part numbers with the exact values from your tenant
$Agent365SkuPartNumber = 'AGENT365_ENTERPRISE' # confirm from Get-MgSubscribedSku output
$E5SkuPartNumbers = @('SPE_E5', 'M365_E5', 'ENTERPRISEPREMIUM') # include all E5 variants in tenant
# Get all SKU IDs for reference
$allSkus = Get-MgSubscribedSku
$agent365SkuId = ($allSkus | Where-Object SkuPartNumber -eq $Agent365SkuPartNumber).SkuId
$e5SkuIds = ($allSkus | Where-Object { $_.SkuPartNumber -in $E5SkuPartNumbers }).SkuId
# Retrieve all licensed users — paged for large tenants
$allUsers = Get-MgUser -All -Property Id, DisplayName, UserPrincipalName,
AssignedLicenses, AccountEnabled |
Where-Object AccountEnabled -eq $true
# Identify users with Agent 365 but without any E5 SKU
$affected = $allUsers | Where-Object {
$userSkuIds = $_.AssignedLicenses.SkuId
($agent365SkuId -in $userSkuIds) -and
($e5SkuIds | Where-Object { $_ -in $userSkuIds } | Measure-Object).Count -eq 0
}
Write-Host "Users with Agent 365 but NOT on E5: $($affected.Count)" -ForegroundColor Yellow
$affected | Select-Object DisplayName, UserPrincipalName |
Export-Csv -Path ".\Agent365-NoE5-$(Get-Date -Format 'yyyyMMdd').csv" -NoTypeInformation
Write-Host "Report exported to Agent365-NoE5-$(Get-Date -Format 'yyyyMMdd').csv"
Get-MgSubscribedSku first to confirm the part numbers in your specific tenant before substituting values in the compliance check script. Microsoft occasionally uses different part numbers for the same product across EA, CSP, and direct channels.
8. What Should Your Organisation Do NOW?
The decision path depends on two factors: whether you are a grandfathered existing customer, and whether you intend to grow your Agent 365 deployment. Use this decision framework:
9. Community Reaction — The "E5 Tax" Debate
The announcement generated predictable split reactions across the Microsoft admin community. In the Microsoft Tech Community, Reddit's r/sysadmin and r/Office365, and the MVP community channels, two camps emerged almost immediately.
The "E5 tax" camp — frustrated admins: The loudest reaction was from mid-market IT teams who had piloted Agent 365 under E3, built internal business cases around the E3-compatible cost model, and were now facing a significantly higher per-user cost for what they had been told was the direction of M365. The criticism is not really about whether E5 is a good product — most acknowledge it is — but about the timing, the lack of a transition pathway, and the fact that organisations mid-pilot have had the rules changed under them. Several admins pointed out that the Partner Center announcement, while technically in advance, did not reach frontline IT teams through any direct channel.
Jan Ketil Skanke (MVP, Modern Workplace) on licence planning:
"Every time we see a capability gated behind E5, I hear the same reaction — 'Microsoft is just milking us for more money.' But the honest conversation to have with your leadership is: what does it actually cost your organisation to deploy autonomous agents on an identity foundation that does not have PIM, access reviews, or behavioural analytics? The E5 delta is real, but so is the risk of not having those controls. The question is whether your organisation is ready for agentic AI at all — not just whether you can afford E5."
Rudy Ooms (MVP, Intune/Security) on governance implications:
"The thing that concerns me most is not the E5 gate — I think requiring Entra ID P2 and Purview compliance for autonomous agents is the right call architecturally. What concerns me is organisations that will find a workaround, or that will rush the E5 upgrade without actually configuring the E5 features that justify it. Getting E5 licences is not the same as having a working Conditional Access policy that governs agent service accounts, or having Insider Risk Management tuned for your environment. The licence is the beginning of the story, not the end."
The security community's view: Among security-focused practitioners, the reaction has been broadly supportive. The argument is simple: if you are deploying agents that can take autonomous actions — modifying CRM records, approving HR requests, resetting passwords — the identity and data governance stack underneath those agents needs to be enterprise-grade. E3 with P1 conditional access and basic DLP is not that. The security community has been making this architectural argument for years; the licensing gate formalises it.
10. Microsoft's Partner Update Channel & July 2026 Pricing Context
The E5 prerequisite announcement appeared in the Partner Center June 2026 announcements alongside a broader set of changes that take full effect on July 1, 2026. The July update includes pricing adjustments to several M365 add-on SKUs and a refresh of the Copilot licensing structure that has implications for how Agent 365 seats are bundled and priced in the next fiscal half.
Partners should note that the July 1 update also affects how Agent 365 is presented in the CSP price list — the catalogue entry now includes the E5 prerequisite flag, which prevents the ordering system from completing a purchase for a tenant that does not have active E5 licences. This is a hard technical gate in Partner Center, not just a licensing policy statement.
For direct EA customers, the gate is enforced at the subscription level in the Microsoft 365 admin centre — an admin attempting to add Agent 365 seats to a tenant without E5 will receive a blocking error in the licence assignment flow.
Official References
- Partner Center Announcements — June 2026
Official Microsoft Partner Center announcement covering the E5 prerequisite for Agent 365 new purchases and the July 2026 pricing update - Microsoft 365 Copilot App Deployment
Deployment guidance for Copilot and Agent 365, including prerequisite and licence requirements - Microsoft 365 Enterprise Plans Comparison
Official feature comparison and current list pricing for E3, E5, and add-on SKUs - Microsoft Purview Compliance Portal
Documentation for E5 compliance features including Insider Risk Management, DLP, eDiscovery Premium, and Communication Compliance