Add AgenticIdentity API surface

[heyitsaamir]

This PR adds AgenticIdentity as a new auth context across the Teams API surface.

Why:
Agent ID calls need a user-shaped Agent ID token instead of the normal bot token. The API methods now accept agentic_identity where needed, and the shared auth interceptor uses local request metadata to pick the right auth path.

Interesting bits:

• Adds optional agentic_identity to conversation create, activity operations, conversation members, reactions, teams, and meetings.
• Adds optional service_url overrides across the service-url based APIs touched here.
• Agentic identity is passed through httpx request extensions, not headers. So it stays inside the client pipeline and does not leak to Teams endpoints.
• The auth interceptor reads that extension and asks the auth provider for the right token.

Reviewer tips:
Start with the API method signatures, then the changed call sites in ConversationActivityClient, ConversationMemberClient, ReactionClient, TeamClient, and MeetingClient. The auth plumbing itself lives one PR down in #485.

Testing:

• Focused API unit tests for conversation, reaction, bot, user, team, and meeting clients.
• Full test suite passed locally.

Live smoke tested with Agent ID token:

• conversation activity create/update/reply/get_members
• conversation members get_all/get/get_paged
• reactions add/delete
• teams get_by_id/get_conversations
• conversations.create
• meetings get_by_id/get_participant

Known limitation:

• targeted activity create/update reached the service but returned 500. Leaving that as not proven until platform behavior is confirmed.

[heyitsaamir]

This change is part of the following stack:

• [FEATURE BRANCH]-DNP Start Agent 365 support branch #464
  • Add AgenticIdentity API surface #478 ◀
    • Remove ActivitySender send abstraction #479
      • Add app-level agentic send helpers #480

_{Change managed by git-spice.}

[Copilot]

Pull request overview

This PR introduces an AgenticIdentity model and threads it through the Teams API client layer to enable per-call “agentic” authentication, plus adds an apps-layer AppAuthProvider/TokenManager support to mint the appropriate tokens when an agentic identity is used.

Changes:

• Added AgenticIdentity model and surfaced it through API clients (default + per-call override) via a new AuthProvider hook.
• Updated TokenManager/credentials typing to support token providers that can optionally accept agentic_identity.
• Added/updated unit tests and the examples/agent365 sample to demonstrate API-level agentic calls.

Reviewed changes

Copilot reviewed 22 out of 22 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
packages/apps/tests/test_token_manager.py	Adds coverage for passing agentic_identity through token providers and for AppAuthProvider behavior.
packages/apps/src/microsoft_teams/apps/token_manager.py	Adds app-level token APIs and extends token-provider invocation to support agentic tokens.
packages/apps/src/microsoft_teams/apps/options.py	Broadens token option typing to allow agentic-aware token providers.
packages/apps/src/microsoft_teams/apps/auth_provider.py	Introduces AppAuthProvider to mint app vs agentic tokens using TokenManager.
packages/apps/src/microsoft_teams/apps/app.py	Wires AppAuthProvider into ApiClient and adds get_agentic_identity() helper.
packages/api/tests/unit/test_reaction_client.py	Updates reaction client tests for agentic token plumbing.
packages/api/tests/unit/test_conversation_client.py	Adds tests for service URL override and agentic identity usage in activity operations.
packages/api/tests/unit/test_api_client.py	Verifies ApiClient propagates auth defaults into lazily created sub-clients.
packages/api/src/microsoft_teams/api/models/agentic_identity.py	Adds the AgenticIdentity model.
packages/api/src/microsoft_teams/api/models/account.py	Adds Agent ID fields and a convenience agentic_identity property.
packages/api/src/microsoft_teams/api/models/init.py	Exports AgenticIdentity from the models package.
packages/api/src/microsoft_teams/api/clients/reaction/client.py	Adds agentic auth support (default + per-call) to reaction operations.
packages/api/src/microsoft_teams/api/clients/conversation/client.py	Adds agentic identity + service URL overrides to activity operation surfaces and plumbs auth defaults.
packages/api/src/microsoft_teams/api/clients/conversation/activity.py	Implements service URL override and agentic token injection for activity calls.
packages/api/src/microsoft_teams/api/clients/bot/token_client.py	Updates deprecated token client to tolerate token providers that accept agentic_identity.
packages/api/src/microsoft_teams/api/clients/base_client.py	Adds AuthProvider protocol and centralized agentic token factory logic.
packages/api/src/microsoft_teams/api/clients/api_client.py	Adds auth defaults to ApiClient and propagates them to sub-clients.
packages/api/src/microsoft_teams/api/clients/init.py	Exposes AuthProvider in the clients package exports.
packages/api/src/microsoft_teams/api/auth/credentials.py	Updates TokenCredentials.token typing to support agentic-aware token providers.
packages/api/src/microsoft_teams/api/auth/cloud_environment.py	Adds agentic_bot_scope to the cloud environment configuration.
examples/agent365/src/main.py	Updates the sample to send via API client using agentic_identity.
examples/agent365/README.md	Updates documentation to match the new sample flow and env var expectations.

[corinagum]

Can agentic identity not create conversations or list members? Looks like only sending/modifying activities is performable?

[Copilot]

Pull request overview

Copilot reviewed 34 out of 34 changed files in this pull request and generated 1 comment.

[heyitsaamir]

move this to the bottom.

[corinagum]

lgtm! Just one nit

[lilyydu]

Looks pretty clean to me!

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.