How Agentforce Runs Secure AI Agents at 11 Million Calls Per Day
Summary
Agentforce handles over 11 million secure AI agent calls daily by implementing a robust, layered access-control system that enforces authentication, authorization, and request integrity at scale. The platform carefully separates responsibilities between the core Salesforce platform and the distributed compute layer to maintain consistent security and reduce operational risks while enabling new agent capabilities. To ensure multi-tenant reliability, per-org rate limits and resource isolation minimize blast radius effects, preventing failures from cascading across tenants. Observability challenges are addressed through session-based tracking and synthetic monitoring, providing continuous visibility without adding latency. This approach offers Salesforce teams a scalable, secure model for building multi-tenant AI environments that protect sensitive data and maintain high reliability.
Takeaways
- Design layered access control separating authentication, authorization, and request integrity.
- Anchor authorization decisions in core platform as the source of truth.
- Enforce per-org rate limits to contain multi-tenant blast radius risks.
- Use session-based tracking for ephemeral interaction observability without latency.
- Continuously monitor service health using synthetic tests and telemetry dashboards.
In our Engineering Energizers Q&A series, we highlight the engineering minds driving innovation across Salesforce. Today we meet Sahil Sobti, Lead Software Engineer on the Developer Access team, who builds and operates the access layer safeguarding Agentforce , directly managing over 11 million daily agent calls across production environments. Explore how the team defined clear protection boundaries as Agentforce expanded, designed a layered access-control plane enforcing identity, authorization, and request integrity at scale, and contained multi-tenant blast radius to prevent failures or misuse from cascading across the platform. What is your team’s mission as it relates to building and operating the Developer Access layer that safeguards Agentforce? Our mission empowers builders to integrate seamlessly with the Agentforce platform, ensuring every agent interaction remains secure, reliable, and enterprise-ready.