diff --git a/arkindex/ponos/api.py b/arkindex/ponos/api.py
index 505eba95685bc5aa663ac5a4263a6ab53f715994..d112bccde8ba1b44081d828a3a5418f505f3769a 100644
--- a/arkindex/ponos/api.py
+++ b/arkindex/ponos/api.py
@@ -167,8 +167,9 @@ class AgentsState(ListAPIView):
     """
     List all agents on the system with their health state.
 
-    Requires authentication with a verified e-mail address.
+    Requires authentication with a verified e-mail address. Cannot be used with Ponos agent or task authentication.
     """
+    authentication_classes = (TokenAuthentication, SessionAuthentication)
     permission_classes = (IsVerified, )
     serializer_class = AgentStateSerializer
 
diff --git a/arkindex/ponos/tests/test_api.py b/arkindex/ponos/tests/test_api.py
index 8316dc0889376b9d013944bd7315e8e1f4f93e6b..0a277624b8f62d70a387f395e2e42af527cf2b27 100644
--- a/arkindex/ponos/tests/test_api.py
+++ b/arkindex/ponos/tests/test_api.py
@@ -1859,7 +1859,36 @@ class TestAPI(FixtureAPITestCase):
             },
         )
 
-    def test_list_agents_state(self):
+    def test_list_agents_requires_login(self):
+        with self.assertNumQueries(0):
+            response = self.client.get(reverse("api:agents-state"))
+            self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_list_agents_agent_forbidden(self):
+        with self.assertNumQueries(0):
+            response = self.client.get(
+                reverse("api:agents-state"),
+                HTTP_AUTHORIZATION=f'Bearer {self.agent.token.access_token}',
+            )
+            self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_list_agents_task_forbidden(self):
+        with self.assertNumQueries(0):
+            response = self.client.get(
+                reverse("api:agents-state"),
+                HTTP_AUTHORIZATION=f'Ponos {self.task1.token}',
+            )
+            self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+    def test_list_agents_requires_verified(self):
+        self.user.verified_email = False
+        self.user.save()
+        self.client.force_login(self.user)
+        with self.assertNumQueries(2):
+            response = self.client.get(reverse("api:agents-state"))
+            self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+
+    def test_list_agents(self):
         """
         Lists agents from all farms with their status
         """
diff --git a/arkindex/project/tests/test_ponos_view.py b/arkindex/project/tests/test_ponos_view.py
index 120d6150d8bb36a33767043178c4e420d8c06027..d30e5393f1edc12a5d4de6180984569d65b24da8 100644
--- a/arkindex/project/tests/test_ponos_view.py
+++ b/arkindex/project/tests/test_ponos_view.py
@@ -38,28 +38,6 @@ class TestPonosView(FixtureAPITestCase):
             last_ping='1999-09-09',
         )
 
-    def test_list_agents_requires_login(self):
-        """
-        Only authenticated users should have the ability to list agents
-        """
-        response = self.client.get(reverse('api:agents-state'))
-        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
-
-    def test_list_agents_requires_verified(self):
-        """
-        Only verified users should have the ability to list agents
-        """
-        self.user.verified_email = False
-        self.user.save()
-        self.client.force_login(self.user)
-        response = self.client.get(reverse('api:agents-state'))
-        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
-
-    def test_list_agents(self):
-        self.client.force_login(self.user)
-        response = self.client.get(reverse('api:agents-state'))
-        self.assertEqual(response.status_code, status.HTTP_200_OK)
-
     def test_retrieve_agent_requires_login(self):
         """
         Only authenticated users should have the ability to retrieve details of an agent