The System Log shows that the Okta Agent Registration application is assigned to admins in the org. No application with this name is visible in Applications. This System Log query will show events related to the application:
target.displayName eq "Okta Agent Registration"
- Active Directory (AD) Agent
- Okta Agent Registration Application
Beginning with version 3.18.0, the AD Agent uses OAuth 2.0 for authorization and OAuth 2.0 Demonstrating Proof-of-Possession (DPoP) to securely communicate with Okta. Agents are now registered through the OAuth 2.0 device authorization flow and operate independently of the account used to register them.
As part of this change, a new application is created to register agents that support OAuth 2.0. Access to register agents is based on admin roles, so the application is not made visible within the org.
This is expected behavior to support the improved agent connection and communication methods beginning with version 3.18.0 of the AD Agent. As this change is made within the org, all admins with permission to register agents (Super Admins by default and any existing custom role with this permission granted) will be individually assigned to the new "Okta Agent Registration" application, and the application will then be assigned to admin groups with that permission.
Going forward, new admins in roles with the necessary permissions will be assigned to the application during the admin role assignment.
