diff --git a/components/org.wso2.carbon.identity.oauth/pom.xml b/components/org.wso2.carbon.identity.oauth/pom.xml
index 354b1704f4..c31ebc8b88 100644
--- a/components/org.wso2.carbon.identity.oauth/pom.xml
+++ b/components/org.wso2.carbon.identity.oauth/pom.xml
@@ -261,6 +261,10 @@
org.wso2.carbon.identity.organization.management
org.wso2.carbon.identity.organization.management.organization.user.sharing
+
+ org.wso2.carbon.identity.organization.management
+ org.wso2.carbon.identity.organization.management.organization.agent.sharing
+
org.wso2.carbon.identity.organization.management
org.wso2.carbon.identity.organization.resource.hierarchy.traverse.service
@@ -467,6 +471,7 @@
org.wso2.carbon.identity.organization.management.role.management.service.models; version="${carbon.identity.organization.management.version.range}",
org.wso2.carbon.identity.organization.management.organization.user.sharing.util;version="${carbon.identity.organization.management.version.range}",
org.wso2.carbon.identity.organization.management.organization.user.sharing.models;version="${carbon.identity.organization.management.version.range}",
+ org.wso2.carbon.identity.organization.management.organization.agent.sharing.util;version="${carbon.identity.organization.management.version.range}",
org.wso2.carbon.identity.organization.resource.hierarchy.traverse.service;
version="${carbon.identity.organization.management.version.range}",
org.wso2.carbon.identity.organization.resource.hierarchy.traverse.service.exception;
@@ -641,4 +646,3 @@
-
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java
index a358fb938d..70de1a4414 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/AuthzUtil.java
@@ -30,11 +30,13 @@
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.Scope;
+import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
+import org.wso2.carbon.identity.organization.management.organization.agent.sharing.util.OrganizationSharedAgentUtil;
import org.wso2.carbon.identity.organization.management.organization.user.sharing.util.OrganizationSharedUserUtil;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
@@ -205,6 +207,22 @@ public static String getUserIdOfAssociatedUser(AuthenticatedUser authenticatedUs
} else {
associatedUserId = getUserId(authenticatedUser);
}
+ // For agents, perform the agent-specific org association lookup instead of the user sharing lookup.
+ if (IdentityUtil.isAgentIdentityEnabled()) {
+ String agentStoreName = IdentityUtil.getAgentIdentityUserstoreName();
+ if (StringUtils.isNotEmpty(agentStoreName) &&
+ agentStoreName.equalsIgnoreCase(authenticatedUser.getUserStoreDomain())) {
+ try {
+ Optional sharedAgentId = OrganizationSharedAgentUtil
+ .getAgentIdOfAssociatedAgentByOrgId(associatedUserId,
+ authenticatedUser.getAccessingOrganization());
+ return sharedAgentId.orElseThrow(() ->
+ new IdentityOAuth2ClientException("Agent is not allowed to access the organization"));
+ } catch (OrganizationManagementException e) {
+ throw new IdentityOAuth2Exception("Error while resolving shared agent ID", e);
+ }
+ }
+ }
try {
Optional optionalOrganizationUserId = OrganizationSharedUserUtil
.getUserIdOfAssociatedUserByOrgId(associatedUserId, authenticatedUser.getAccessingOrganization());
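Review bot: The new agent branch decides that the principal is an agent purely by comparing `authenticatedUser.getUserStoreDomain()` with the configured agent store name, and it runs after both arms of the preceding if/else, of which only the `else` arm is visible in this hunk. If the arm outside the hunk handles federated or otherwise externally asserted users, confirm that such a principal can never carry the agent store's domain, or narrow the guard to `if (IdentityUtil.isAgentIdentityEnabled() && !authenticatedUser.isFederatedUser()) {`. The fail-closed `orElseThrow` is the right default, but the refusal is a cross-organization access decision that leaves no trace; a debug or audit log entry carrying the agent ID and `authenticatedUser.getAccessingOrganization()` before the throw would let operators investigate denials. The method's Javadoc, which is outside the hunk, should also say that agents are resolved through the agent-sharing lookup and that a missing association raises `IdentityOAuth2ClientException`.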
diff --git a/pom.xml b/pom.xml
index b90d4b4074..a5558f703c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -267,6 +267,11 @@
org.wso2.carbon.identity.organization.management.organization.user.sharing
${carbon.identity.organization.management.version}
+
+ org.wso2.carbon.identity.organization.management
+ org.wso2.carbon.identity.organization.management.organization.agent.sharing
+ ${carbon.identity.organization.management.version}
+
org.wso2.carbon.identity.organization.management
org.wso2.carbon.identity.organization.resource.hierarchy.traverse.service
@@ -993,7 +998,7 @@
[2.0.0, 3.0.0)
- 2.4.4
+ 2.4.18
[1.1.14, 3.0.0)