SalesforceHow Agentforce Runs Secure AI Agents at 11 Million Calls Per Day
Read Full ArticleSummary
The article provides an in-depth look at how Salesforce's Agentforce platform manages over 11 million daily agent calls while ensuring security and reliability. It highlights the architectural design of a layered access-control plane that enforces identity, authorization, and request integrity across a multi-tenant environment. The article emphasizes the importance of blast-radius containment and the separation of responsibilities within the access layer to mitigate risks associated with unauthorized access and service degradation. Additionally, it discusses the necessity of observability in managing transient states during agent interactions, ensuring that the platform can evolve rapidly without compromising security.
Key Learnings
- 1The access-control plane is designed to enforce strict authentication and authorization, ensuring that only valid requests reach backend services.
- 2Separation of responsibilities across platform boundaries reduces operational risk and avoids duplication of security controls.
- 3Blast-radius containment is critical in a multi-tenant environment to prevent issues from affecting multiple customers.
- 4Session-based tracking is implemented to enhance observability and reliability analysis of agent interactions.
- 5Continuous automated monitoring is essential for maintaining performance and availability at high request volumes.
Who Should Read This
Senior Software Engineers specializing in security architecture and scalability in multi-tenant environments.
Test Your Knowledge
What are the trade-offs of implementing a layered access-control plane in a multi-tenant architecture?
How does the separation of responsibilities across platform boundaries enhance security and reduce operational risk?
In what scenarios might the blast-radius containment strategy fail, and how can those risks be mitigated?
Why is session-based tracking important for debugging and reliability analysis in high-throughput systems?
How does the architecture of Agentforce facilitate rapid evolution while maintaining consistent security and reliability?
Topics
More articles about Microservices
Explore Microservices engineering →You can't stream the energy: A developer's guide to Google Cloud Next '26 in Vegas
The article serves as a guide for developers attending Google Cloud Next '26 in Las Vegas, highlighting the importance of in-person collaboration and the value of hands-on learning. It outlines key...
Hyperforce Migration at Scale: How Deterministic Automation Replaced Manual Spreadsheets Across 95,000 Organizations
The article outlines the development of the Migration Intake and Processing Service (MIPS) at Salesforce, which automates the migration of over 95,000 organizations to Hyperforce. It highlights the...
Safeguarding Dynamic Configuration Changes at Scale
The article outlines Airbnb's dynamic configuration platform, Sitar, which enables safe and reliable runtime behavior changes without service interruptions. It emphasizes the importance of a coherent...
My Journey to Airbnb — Anna Sulkina
Anna Sulkina's journey to Airbnb highlights her extensive experience in engineering, particularly in application and cloud infrastructure. She transitioned from hardware diagnostics to software...
The Container paradox: Why the Inference Cloud Demands a “Decoupled” Database
The article explores the challenges of managing databases within Kubernetes clusters, particularly in the context of the Inference Cloud, where AI-driven applications require efficient data access...
More from Salesforce Engineering
View Salesforce engineering blogs →Engineering Platform Trust: Cutting Customer Case Volume 20x with Petabyte-Scale Health Signals
The article details the development of a Technical Health Score system at Salesforce, aimed at quantifying platform trust through analytics pipelines that handle petabytes of telemetry data. By...
How Data 360 Optimized Kubernetes Scheduling Architecture, Delivering 13% Cost Savings
The article discusses how the Data 360 Compute Fabric team at Salesforce optimized Kubernetes scheduling to enhance resource efficiency and reduce costs. By evolving the default kube-scheduler...
Delivering Accurate, Low-Latency Voice-to-Form AI in Real-World Field Conditions
The article explores the development of a hybrid architecture for a voice-to-form AI system used in field service applications. It highlights the integration of on-device speech-to-text capabilities...
Hyperforce Migration at Scale: How Deterministic Automation Replaced Manual Spreadsheets Across 95,000 Organizations
The article outlines the development of the Migration Intake and Processing Service (MIPS) at Salesforce, which automates the migration of over 95,000 organizations to Hyperforce. It highlights the...
Building an AI-Accelerated Compliance Automation Platform for 24x Faster Audits
The article outlines the development of FastTrack, a compliance automation platform by Salesforce, which significantly reduces audit execution time through AI-assisted development and API-based...