
Saviynt: Identity Security for Multi-Agent AI Systems

Saviynt
06/22/2026

Transcript


for AI Agents. This Chalk Talk is going to be focused about multi agents talking to each other in completely autonomous scenarios. Especially in autonomous agents, the most important part here is that how do you understand the intent of these agents talking to each other, as well as continuously enforce your policies at runtime. Let us take a look at it.
It all starts with your first primary agent. Let us say the name of that agent is an orchestrator agent. And the job of this agent is to figure out intelligent revenue projections. This agent is registered in Saviynt and it also has an identity of its own. For argument's sake, let us say it is ORCAG001. Now as this agent has been tasked, the goal and the objective of this agent is to figure out what are the intelligent revenue projections, this agent is going to talk or spawn three other agents whose job is to help this agent. So this is the spawning process.
Let us say the first agent in this case is a data analyzer agent, the second agent in this case is an outreach and the third agent in this case is a forecast agent. Now the important part here is as these agents are being spawned by the orchestrator agent, the orchestrator agent is responsible to give or create agent identities or non-human identities for all these. So let us say in this case it is DAAG001, ORAG001 and FAAG001. It also figures out that what is the intent of this agent. Here in this case, the intent is to read report. In this case, the intent is to email drafts and send these emails. In this case, the intent is to read and write opportunity data. And each of these agents has an identity and we now know the intent of these agents. At this point of time, what these agents are going to do is as they are getting processed and they are understanding what they have to do. The next step here is to pass all this data to Saviynt's access gateway.
Now the most important part in the access gateway as you would have seen in my previous Chalk Talks are the first one is to go to the MCP interface and look at the list of operations these agents are allowed to do. So for example, if this agent wants to query the reports, is that even allowed? If this agent wants to send an email, is that even allowed? And in this case, the outcome could be it is allowed only if a human approves sending that email. Similarly, there will be a bunch of tool calls and the policy enforcement of this will be done through. There will be certain transactions which will be not allowed. So for example, if the agent wants to delete a record, absolutely not or it could be a policy which says anytime when you are deleting more than five records at a time, it should never be allowed. So all of that happens in the first stage of Saviynt's access gateway, which is it looks into all the tools available, applies the policies and lets the agent know what is allowed versus what is not allowed. So on.
Number two is it goes to your policy engine. In the policy engine, the first thing what it does is it does an intent analysis and maps to the tool calls which are being shown and written and given back to the agents. So for example, if an agent is saying that I want to read the reports, is the read report or querying report tool call matching with the original intent? At this point of time, it is a very important concept for you all to understand that the gateway enforces that the original intent versus the actual tool calls are always in sync. If the actual tool call goes more than what the original intent was, it gets blocked then and there itself. A very important fundamental step to understand.
The second step here is also to understand that at this point of time, based on the tool calls, each of these agents need to have an application account or a service account to be created just in time. This is a single most very important step which you all need to understand. See in case of interactive agents, an agent need not have a service account in the target application because it is using the credentials of a human counterpart. In case of autonomous agents, each of these agents would require a just in time service account to be created on the application, a very very important concept to understand and that is what is happening at runtime, which means a data analyzer agent will now have its own scoped service account in Salesforce so that it can perform that transaction. The next one and we call it as just in time service app account or just in time NHI provisioning.
And the last and the most important part here is logging the lineage, which means orchestrator agent calling three agents, this creating an NHI service account and this in turn performing an API call on Salesforce and then mapping back to the actions. This entire thing has to be audited for compliance and audit reasons.
So once all of these steps are being done in the access gateway, the final thing happens on your Salesforce application. In this case, agent number 1 is going to be your DAAG001 and you had read operations, you had outreach agent 001, you had write and send operations and then of course the last one which is forecast agent where you had write operations and by the way in write and send you also had a human in the loop approval needed. So these are the right agent operation calls which are being done.
So at any point of time what you would notice is that the autonomous operation starts from the parent agent spawning up the sub agents responsible for creating their own identities. But the access gateway is the layer which ensures that whatever your intent started with the parent agent, it gets translated into the child agents or sub agents. But more importantly you create just-in-time scoped credentials for each and every agent here in the target application. It gets completely audited and logged for your compliance reasons and traceability reasons. So at this point of time the gateway ensures that all your corporate policies, security policies are being enforced at runtime for every transaction which is happening in your agentic workflows.
All right with that being said friends this was the last Chalk Talk in the series of Identity Security for AI agents. Thank you all for your feedback, your time, your support. We really appreciate it. If there are any other topics or any other scenarios you want us to cover in the future, please send them our way. Till then stay tuned. Thank you once again. Thank you very much for your time.

TL;DR

  • Saviynt manages autonomous AI agents by assigning each spawned sub-agent its own non-human identity (NHI) and validating declared intent against actual operations through an access gateway.
  • The access gateway enforces policies at runtime by checking tool calls against the MCP interface, performing intent analysis to prevent scope creep, and blocking unauthorized operations before they reach target systems.
  • Unlike interactive agents that use human credentials, autonomous agents receive just-in-time provisioned service accounts in target applications with scoped permissions specific to their declared intent.
  • Complete audit trails track the lineage from parent orchestrator agents through sub-agents to final API calls, ensuring compliance and traceability for all autonomous agent operations.

Autonomous Agent Identity Management

This technical demonstration explores how Saviynt manages identity and access control for autonomous AI agents that spawn sub-agents to complete complex tasks. The scenario centers on an orchestrator agent tasked with intelligent revenue projections, which spawns three specialized agents: a data analyzer, an outreach agent, and a forecast agent. Each spawned agent receives its own non-human identity (NHI) and declared intent, establishing a foundation for policy enforcement. The orchestrator agent creates unique identifiers for each sub-agent and defines their operational scope before any system access occurs.

Runtime Policy Enforcement and Just-in-Time Provisioning

Saviynt's access gateway performs three critical functions during agent operations. First, it validates tool calls against the Model Context Protocol (MCP) interface to ensure agents only perform allowed operations, with some actions requiring human approval. Second, the policy engine performs intent analysis, verifying that actual tool calls align with the agent's declared intent and blocking any scope creep. Third, and most significantly for autonomous agents, the gateway provisions just-in-time service accounts in target applications like Salesforce, creating scoped credentials for each agent rather than relying on human credentials. This approach ensures each agent operates with appropriate, auditable permissions while maintaining complete lineage tracking from parent orchestrator through sub-agents to final API calls for compliance purposes.
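
A minimal model of the gateway checks described above, as an added example (not Saviynt code or its API). The tool names, intent labels, `authorize` function and 300-second credential lifetime are assumptions; the agent IDs and the five-record delete limit come from the transcript.

```python
import secrets
import time

# Constructed data modelled on the talk's scenario; hypothetical names,
# not Saviynt configuration.
INTENT_TOOLS = {  # declared intent -> tool calls that intent covers
    "read_reports": {"query_report"},
    "draft_and_send_email": {"draft_email", "send_email"},
    "read_write_opportunity": {"read_opportunity", "write_opportunity"},
}
TOOL_CATALOG = set().union(*INTENT_TOOLS.values()) | {"delete_record"}
NEEDS_HUMAN = {"send_email"}  # allowed only once a human approves
MAX_DELETE = 5                # deleting more than five records is never allowed
JIT_TTL = 300                 # assumed credential lifetime in seconds
AGENTS = {  # sub-agent NHI -> (spawning parent, declared intent)
    "DAAG001": ("ORCAG001", "read_reports"),
    "ORAG001": ("ORCAG001", "draft_and_send_email"),
    "FAAG001": ("ORCAG001", "read_write_opportunity"),
}
AUDIT = []  # lineage log: parent -> sub-agent -> JIT account -> tool call


def authorize(agent_id, tool, args=None, human_approved=False):
    """Gateway decision for one tool call; every outcome is audited."""
    args = args or {}
    parent, intent = AGENTS.get(agent_id, (None, None))
    cred = None
    if parent is None:
        decision = "deny:unknown_agent"
    elif tool not in TOOL_CATALOG:
        decision = "deny:unknown_tool"
    elif tool == "delete_record" and args.get("count", 1) > MAX_DELETE:
        decision = "deny:bulk_delete"
    elif tool not in INTENT_TOOLS[intent]:
        decision = "deny:exceeds_intent"  # call goes beyond declared intent
    elif tool in NEEDS_HUMAN and not human_approved:
        decision = "pending:human_approval"
    else:
        decision = "allow"
        cred = {  # just-in-time service account scoped to this one tool
            "account": f"jit-{agent_id.lower()}",
            "scope": [tool],
            "token": secrets.token_urlsafe(16),
            "expires": time.time() + JIT_TTL,
        }
    record = {
        "lineage": [parent, agent_id], "intent": intent, "tool": tool,
        "decision": decision, "account": cred and cred["account"],
    }
    AUDIT.append(record)  # the token itself is never written to the log
    return decision, cred, record


if __name__ == "__main__":
    for call in [("DAAG001", "query_report"), ("DAAG001", "write_opportunity"),
                 ("ORAG001", "send_email"), ("FAAG001", "delete_record", {"count": 6})]:
        print(call, "->", authorize(*call)[0])
```

Denied and pending calls never receive a credential, so the target application only ever sees accounts that were minted for an already-approved, in-scope operation.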

Chapters

0:00 - Introduction to Multi-Agent Security
0:37 - Orchestrator Agent and Identity Creation
2:29 - Sub-Agent Spawning and Intent Declaration
3:47 - Access Gateway Policy Enforcement
5:32 - Intent Analysis and Tool Call Validation
6:34 - Just-in-Time Service Account Provisioning
7:49 - Audit Logging and Lineage Tracking
8:26 - Agent Operations in Target Applications
10:18 - Series Conclusion

Key Quotes

0:22 "Especially in autonomous agents, the most important part here is that how do you understand the intent of these agents talking to each other, as well as continuously enforce your policies at runtime."
4:40 "If this agent wants to send an email, is that even allowed? And in this case, the outcome could be it is allowed only if a human approves sending that email."
6:10 "The gateway enforces that the original intent versus the actual tool calls are always in sync. If the actual tool call goes more than what the original intent was, it gets blocked then and there itself."
6:54 "In case of interactive agents, an agent need not have a service account in the target application because it is using the credentials of a human counterpart. In case of autonomous agents, each of these agents would require a just in time service account to be created on the application."
10:04 "The gateway ensures that all your corporate policies, security policies are being enforced at runtime for every transaction which is happening in your agentic workflows."

FAQ

How does Saviynt handle identity for AI agents that spawn other agents?

When an orchestrator agent spawns sub-agents, it creates unique non-human identities (NHIs) for each one along with their declared intent. Saviynt's access gateway then provisions just-in-time service accounts in target applications with scoped permissions matching each agent's specific operational needs, rather than using shared or human credentials.

What prevents an autonomous agent from performing actions beyond its intended scope?

Saviynt's access gateway performs intent analysis at runtime, comparing the agent's declared intent against actual tool calls being made. If tool calls exceed or deviate from the original intent, the gateway blocks the operation immediately. This ensures agents cannot drift beyond their defined purpose even in fully autonomous scenarios.

