Register an AI agent

Early Access release

Registering an AI agent formalizes it as a workload principal in the Universal Directory (UD) and gives it a unique record alongside human identities. This process requires defining the agent's profile and assigning a human owner for governance and accountability. Once registered, managed connections can be configured to ensure least privilege access to external resources.

To complete the registration process, follow these steps:

Before you begin

  • You have the super admin role.
  • If you want to link the AI agent to an OIDC app, you've already integrated that app in your org. If you haven't, follow the steps in Add existing app integrations.
  • You have a public JSON Web Key (JWK) for authentication with Okta. If you don't have one already, you can generate one after registering the agent.

Register an AI agent

Register an AI agent in your org, and then assign one or more owners.

  1. In the Admin Console, go to DirectoryAI Agents.

  2. Click Register AI agent.
  3. Enter a Name and Description.
  4. Optional. Select an app from the Linked application list. If you link the AI agent to an app, the AI agent can only act on a user's behalf if the user is signed in to the app.
  5. Click Register. The Owners tab opens.
  6. Assign one or more owners to the AI agent. Owners are responsible for the AI agent's governance and lifecycle management.
    • Assign individual owners: Select up to five users.
    • Assign a group owner: Select a group. You can only select one group and it must contain at least one user.
  7. Click Save.

Add a public key

After registering the AI agent, you must add a public key. This key is required for the agent to authenticate with Okta.

  1. On the AI agent page, go to the Credentials tab.
  2. Click Add public key. The Add public key dialog opens.
  3. Enter your public key, or click Generate new key. Okta creates a public key that's associated with a private key that you can view in JSON or PEM.
  4. Click Copy to clipboard and store the private key safely.
  5. Click Done.

Activate an AI agent

After you register an AI agent, it has a STAGED status. To activate the agent, you must add at least one owner and one credential. See Activate or deactivate an AI agent.

Related topics

Secure an AI agent

Manage an AI agent

AI Agent Registrations (API)