It differs for each type of agent Proxy or DEM. I would suggest you simply add the user for the agent to the VCAC Administrator role in the UI and that should cover both cases, that way, they only really have application level security to the API for talking to the services. Keep in mind this is authorization only, they still need to be able to authenticate with windows security over IIS so the account identity is valid and need to have access to the ports for the repository (for the DEM) and vmps soap endpoint (for the legacy Proxy).
There might be a lower minimum level for specific use cases, but in general both agents require full access to the application API.