Agentforce + External API: The Security Layer Nobody Warns You About

The Salesforce ecosystem has been buzzing about Agentforce for a while now. But there is a difference between knowing it exists and actually building with it. Having recently worked on an implementation that pushed Agentforce beyond out-of-the-box capabilities, I want to share something practical. The Real Work Starts When External Data Is Involved In a recent Health Cloud implementation, we needed Agentforce to respond with data that lived outside Salesforce entirely. The requirement was straightforward on paper: expose an external API endpoint, let Agentforce hit it, get the data back, and respond to the user with it in context. Simple enough until you think about security. AppLink Opening an API endpoint that an AI agent can call freely is a risk most clients will not accept, and rightfully so. Anyone with the URL could potentially hit it. So we used AppLink with its service mesh to lock it down which meant the endpoint would only respond to requests originating from that specific S