Configure imported AI agents

After you've imported AI agents, the next step is to complete the configuration and activate them in Okta. When you configure the AI agent, you can provide the following details:

  • Owners: The admins who are responsible for the AI agent's governance and lifecycle management. If you assigned default owners when you configured the provider app, those owners are already populated on the AI agent. You can modify this ownership and add more owners. Okta recommends that you assign at least two owners to an AI agent to ensure that it always has an owner.
  • Credentials: Okta uses a public key to verify that the AI agent is authorized to access your resources and to validate the digital signatures of its requests.
  • User-sign on: When an AI agent is linked to an app, it can only access resources or perform actions on behalf of a user who is currently signed in to that app.

Before you begin

  • You have the super admin role.
  • You've imported AI agents into Okta. See Import AI agents from an app.
  • If you want to link an AI agent to an OIDC app, integrate that app in your org. See Add existing app integrations.
  • You have a public JSON Web Key (JWK) for authentication with Okta. If you don't have one already, you can generate one when you register the AI agent.

Start this task

  1. In the Admin Console, go to DirectoryAI Agents.

  2. Select an imported AI agent.
  3. Assign owners to the AI agent:
    1. Go to the Owners tab and click Add owners.
    2. Assign one or more owners to the AI agent.
      • Assign individual owners: Select up to five users.
      • Assign a group owner: Select a group that has at least two members.
    3. Click Save.
  4. Link an app to the AI agent:
    1. Go to the User Sign-on tab.
    2. Click Link an application.
    3. Select an app from the Application list and click Link. If you link the AI agent to an app, the AI agent can only act on a user's behalf if the user is signed in to the app.

Activate an AI agent

  1. On the AI agent page, select ActionsActivate.
  2. Click Confirm.
  3. To deactivate the agent, select ActionsDeactivate.

Add credentials

To secure AI agents from Homegrown: Agent builder platforms that were built with custom code, configure a public key.

  1. Go to the Credentials tab.
  2. Click Add public key. The Add public key dialog opens.
  3. Enter your public key, or click Generate new key. Okta creates a public key that's associated with a private key that you can view in JSON or PEM.
  4. Click Copy to clipboard and store the private key safely.
  5. Click Done.

After you've configured and activated your Homegrown: Fully custom or Homegrown: Agent builder platform AI agents that were built with custom code, connect them to resources through a resource connection. See Connect AI agents to resources.

For more details on securing Amazon Bedrock AgentCore AI agents, see Secure an Imported Amazon Bedrock AgentCore Agent.