Restricted agents only process authentication requests from users who are members of user groups that have permission to use the agent. Other users cannot use the restricted agent to authenticate.
In the Security Console, click Identity > User Groups > Manage Existing.
Use the search fields to find the user group with which you want to work.
Click the user group, and then click Accessible Agents.