[Opinion] Microsoft Just Unified the Agent Stack, And Forgot the Personal Layer
Agent Framework 1.0 is a big deal for enterprises. But the problem I actually have isn’t an enterprise problem.
On April 3, 2026, Microsoft shipped something important. They took two of Microsoft’s most significant agent projects, AutoGen (the multi-agent orchestration project born at Microsoft Research) and Semantic Kernel (the model-agnostic SDK that many .NET shops had already adopted), and merged them into one thing.
Microsoft Agent Framework 1.0.
.NET and Python. Stable APIs. Long-term support. MCP is GA. Azure AI Foundry integration. Orchestration patterns: group chat, handoff, and graph-based workflows with checkpointing and time-travel debugging. Plus Magentic-One, manager-driven task ledgers. GA targeted Q1 2026; it slipped by a few days into April, which for enterprise releases is essentially on time.
But here’s the seam. Microsoft announced A2A support as part of the 1.0 unification: the industry-convergent two-protocol architecture (MCP + A2A) under one SDK. Except A2A isn’t actually GA in 1.0. It’s in beta (1.0.0b260402 as of release). The convergence is announced, not delivered.
That seam is the point. Even the center, the most resourced, most enterprise-aligned, most protocol-aware vendor in the stack, can’t fully unify the agent layer yet. And the part that’s still open, still incomplete, still not solved by the majors is exactly where the personal federation problem lives.
I’ve been running personal AI agents for two years. I’ve got OpenClaw on my laptop (a personal agent gateway), Hermes on a VPS (a hosted agent runtime), and OGP (our federation protocol) connecting them. I’ve got agents talking to agents across countries, frameworks, and cloud providers.
And Microsoft’s new framework solves exactly zero of the problems I actually face on a daily basis.
That doesn’t make it bad. It makes it a different thing, solving a different problem, for a different buyer. And understanding the difference is the key to understanding where the agent ecosystem is actually going.
What Agent Framework 1.0 Actually Does
Let’s be fair. Microsoft didn’t just slap two repos together and call it GA. The unification is real.
AutoGen was the multi-agent orchestration project born at Microsoft Research. Complex task graphs, agents that argue with each other until they converge on a solution. Powerful, but brittle. The kind of thing that demos beautifully and breaks the moment you change the prompt.
Semantic Kernel was the model-agnostic SDK that .NET shops standardized on. Planners, plugins, memory, connectors to Office 365 and Azure and all the other Microsoft things enterprises already pay for. Boring in the best way. It worked, it integrated, it had SLAs.
Agent Framework 1.0 keeps the orchestration patterns from AutoGen and the enterprise integration from Semantic Kernel. The result is a framework that can do things like:
Graph-based workflows: explicit multi-agent execution paths with streaming, checkpointing, and time-travel debugging. This is the flagship new addition; it’s not AutoGen duct-taped to Semantic Kernel, it’s a new orchestration layer that treats agent execution as a DAG.
Handoff patterns where one agent passes state to another with explicit context transfer
Group chat patterns where multiple agents collaborate on a shared thread
Magentic-One: manager-driven task ledgers with explicit tracking of subtask assignment and completion
MCP support (GA) and A2A support (beta,
1.0.0b260402as of release) so orchestrated agents can talk to external tools and other agentsProvider neutrality: one-line swaps across Azure OpenAI, Anthropic Claude, Google Gemini, Amazon Bedrock, and local Ollama. A hedge against model lock-in that undercuts the “Microsoft wants to own the whole stack” narrative slightly.
This is sophisticated stuff. If you’re a Fortune 500 company trying to automate procurement workflows or customer support triage, this is probably what you evaluate first.
The Center vs. The Edge
Here’s the mental model that took me too long to develop.
The agent ecosystem is splitting into two zones:
The Center: Enterprise platforms, unified frameworks, managed identity, pre-integrated tooling, SLAs, compliance, Azure Active Directory. This is where Microsoft lives. This is where Google lives with A2A. This is where Anthropic lives with MCP. The center wants to own the orchestration layer because that’s where the enterprise money is.
The Edge: Personal agents, small teams, heterogeneous deployments, mixed frameworks, no shared identity provider, no pre-existing trust infrastructure. This is where I live. This is where most individual developers and small teams live. This is the messy zone where your laptop agent needs to talk to your friend’s VPS agent and neither of you has an Azure subscription.
Microsoft Agent Framework 1.0 is a play for the Center. And it’s a good play. If you’re already in the Microsoft ecosystem, if you have Entra ID, if you use Azure, if your security team requires SOC 2 compliance, then a Microsoft-native agent framework is the obvious choice. It integrates. It has support. It has a roadmap.
But the Center’s assumptions break at the Edge. Let me walk through three of them.
Assumption 1: Shared Identity Infrastructure
Microsoft Agent Framework assumes you have an identity provider. Azure AD, Active Directory, some centralized system that can issue tokens, validate principals, and manage permissions.
At the Edge, there is no identity provider. There’s just me and Stan. I have an Ed25519 keypair. Stan has an Ed25519 keypair. We want our agents to talk to each other. We don’t have a shared Active Directory. We don’t want one. We’re not an enterprise. We’re two people with computers.
A2A, Google’s agent protocol which Microsoft now supports in beta, has a related gap. Agent Cards are signed metadata, which is good. But A2A doesn’t specify how the signing keys get trusted across domains. It assumes some out-of-band mechanism, like a shared CA, a manual key exchange, or a pre-existing trust relationship, will handle that. That’s fine inside a Google Cloud tenant. It’s irrelevant if you’re a developer in Denver trying to federate with a developer in Madrid and you don’t have a shared anything.
This is why OGP uses Ed25519 keypairs and bilateral handshakes instead of OAuth and identity providers. Not because Ed25519 is better cryptography (though it is nice). Because it works without infrastructure. Because two people can establish trust by scanning a QR code or exchanging a URL, not by provisioning accounts in a shared tenant.
Assumption 2: Single Administrative Domain
Even though Agent Framework 1.0 is MIT-licensed and runs locally with Ollama (not strictly requiring Azure or Kubernetes), its orchestration and trust model still assume a single administrative domain. The framework coordinates agents because it assumes one entity controls all of them. The graph-based workflows, the handoff patterns, the group chat. All of these assume a shared context, shared state, and shared governance under one umbrella.
At the Edge, my agents run on my laptop. Stan’s agent runs on his Mac Mini. Another friend’s agent runs on a $5 DigitalOcean droplet. None of these are managed environments. None of them have Kubernetes. None of them have Azure AD identity bindings.
OGP’s design, a lightweight daemon that runs alongside whatever gateway framework you’re using with its own port, its own config, and its own keypair, is explicitly designed for unmanaged environments. It doesn’t orchestrate your agents. It just gives them a walkie-talkie to talk to each other. The orchestration happens elsewhere, or not at all, depending on what you need.
Assumption 3: Centralized Trust Decisions
Microsoft Agent Framework, A2A, most enterprise agent stacks. They all assume trust decisions are made centrally. An admin configures which agents can talk to which other agents. Policies are set at the organization level. Role-based access control. Service meshes. Zero trust architecture.
At the Edge, trust decisions are personal. I decide whether I want to federate with Stan. Stan decides whether he wants to federate with me. There’s no admin. There’s no security team. There’s just two humans making individual decisions about whether their digital proxies should be allowed to talk to each other.
And this is the critical part: those decisions need to be revocable, auditable, and visible to the human who made them. Not buried in an Azure policy config that requires a ticket to change. Not implemented as RBAC roles that an admin assigned. Directly visible to the person whose agent is being accessed.
OGP’s bilateral handshake, where both humans approve the federation and both can see the peer list at any time, is designed for this. It’s not a security feature in the enterprise sense. It’s a user experience feature in the personal sense. It’s the difference between “my agent is connected to Stan’s agent because I said so” and “my agent is connected to some endpoint because my organization’s service mesh configuration permits it.”
What Microsoft Got Right
I don’t want this to read as an anti-Microsoft rant. They shipped something genuinely important.
MCP + A2A convergence under one SDK. This is the first time a major vendor has committed LTS to both the tool layer and the agent layer in a single SDK. That matters. MCP is GA in the integration; A2A is beta but on the first-class roadmap. It validates the multi-protocol architecture the industry is converging on. It gives enterprises a single vendor to call for support.
Research + production unification. AutoGen was brilliant but fragile. Semantic Kernel was stable but limited. Combining them means researchers can prototype with the orchestration patterns and then hand off to production teams that need the enterprise integration. This is how mature technology stacks work.
Long-term support. Microsoft committed to stable APIs and LTS. In the agent space, where frameworks change weekly and breaking changes are the norm, this is a genuine differentiator. If you’re building production systems, you need this promise.
Magentic-One. Manager-driven task ledgers with explicit tracking of subtask assignment and completion. This is a real contribution to multi-agent orchestration. It’s not just “agents talk to each other.” It’s “a manager agent coordinates work and maintains accountability.” That’s a step forward.
What Nobody’s Solving Yet
Here’s the gap in the current landscape. Microsoft owns the enterprise center. Google owns the agent-to-agent protocol. Anthropic owns the tool layer. OpenAI owns the model layer. And all of them are building inward: toward larger deployments, more managed infrastructure, more centralized control.
What none of them are building is the personal federation layer.
The problem I actually have, daily, is this: my personal agent on my laptop needs to coordinate with my work agent on a different machine, which needs to coordinate with my friend’s agent on a different cloud provider, which needs to coordinate with a client’s agent in yet another environment. None of these are in the same organization. None of them share an identity provider. None of them are managed by the same admin. But they all represent real humans who want their digital proxies to work together.
This is not an enterprise orchestration problem. It’s a cross-domain personal coordination problem.
And it’s not solved by:
A bigger orchestration framework (Microsoft)
A richer agent-to-agent protocol (Google A2A)
A more comprehensive tool standard (Anthropic MCP)
A more powerful model (OpenAI)
It’s solved by a minimal trust bootstrap layer that works without shared infrastructure. Which is exactly what OGP is.
Where OGP Fits Now
The Microsoft announcement doesn’t kill OGP. It clarifies OGP’s position.
Microsoft Agent Framework 1.0 is the right choice for:
Enterprises with Azure investments
Teams that need managed orchestration
Organizations with existing identity infrastructure
Scenarios where all agents are in the same trust domain
OGP is the right choice for:
Personal agents across multiple machines
Small teams without shared infrastructure
Cross-organization collaboration without IT involvement
Scenarios where trust is bilateral and human-visible
They’re not competitors. They don’t even overlap much in practice. A Microsoft Agent Framework deployment inside a company could use OGP to federate with external partners who aren’t in their Azure tenant. An OGP-enabled personal gateway could use MCP to connect to tools and A2A for internal enterprise delegation, with OGP handling the external federation.
The “three lanes” framework I wrote about earlier, MCP for tools, A2A for enterprise agent orchestration, OGP for cross-domain trust, still holds. Microsoft just made the A2A lane much wider and better paved. Which is good. More traffic on A2A means more people need on-ramps from the personal layer.
The Real Question
The question that matters isn’t “will Microsoft win the agent framework wars?” They will, in the enterprise segment they care about.
The question is: as the center gets more standardized, what happens to the edges?
Every technology cycle follows this pattern. The center consolidates first: standards, frameworks, major vendors. The edges stay messy longer: personal tools, small-team hacks, interoperability shims. Eventually the center’s gravity pulls the edges in. But sometimes the edges stay independent and become a different thing entirely.
Personal AI agents might be the second case. The requirements are genuinely different:
Personal agents need to work offline, on laptops, on spotty internet
Personal agents need to preserve privacy by default, not as a compliance checkbox
Personal agents need human-visible trust decisions, not admin-configured policies
Personal agents need to federate across organizational boundaries, not within them
If the personal layer stays distinct, then OGP’s role is to be the SMTP of personal AI, the protocol that connects independently operated agents across whatever boundaries exist. Not the orchestration layer. Not the tool layer. Just the trust and coordination layer.
The skeptical reader asks: isn’t this just like early email, where personal SMTP servers got eaten by Gmail and Outlook? Why won’t the center’s gravity eventually pull the edges in?
The answer is that these requirements are sticky. They’re not temporary friction that better enterprise tooling will solve. Offline operation, local-first privacy, human-visible trust decisions, and cross-organization federation without a shared admin are architectural constraints, not missing features. You can’t add them to a centralized platform without ceasing to be centralized. The center will always optimize for scale, manageability, and revenue per user. The edge optimizes for autonomy, privacy, and human agency. These are different products for different buyers. And as the center gets more standardized, the edges become more valuable, because they’re the only place where the constraints the center can’t handle still matter.
Microsoft can build this. Their Entra External ID and cross-tenant B2B collaboration business is already a multi-billion-dollar operation built on bilateral trust across organizations. They have the identity infrastructure, the federation expertise, and the engineering talent. They won’t build it for agents because the unit economics are wrong. The ARPU of personal agent federation is pocket change next to enterprise orchestration contracts. Google and Anthropic face the same calculus. The personal layer is too small for their business models. But it’s exactly the right size for an open protocol maintained by the people who use it.
Bottom Line
Microsoft Agent Framework 1.0 is a significant release. It validates the multi-protocol architecture (MCP + A2A) that the industry is converging on, and clarifies why a third lane, for personal federation across independent domains, is still missing. It gives enterprises a single vendor to call. It unifies research and production in a way that hasn’t been done before.
But it doesn’t change the problem I set out to solve with OGP. The problem of two humans, with two agents, on two machines, in two organizations, who want to collaborate without asking IT for permission.
That problem is still unsolved by the major players. And as the center gets more standardized, the edges get more important, because that’s where the real people live, doing real work, across real boundaries that don’t fit neatly into any vendor’s cloud.
Microsoft paved the highway. OGP is the off-ramp the highway doesn’t have.
David Proctor is VP of AI at Trilogy. He writes about agent infrastructure, protocol design, and what actually works when you’re not in an Azure tenant. OGP (Open Gateway Protocol) is an open standard for federated agent communication: github.com/dp-pcs/ogp