GuardEntry × Salesforce AgentForce

Named Credentials store your API key securely and keep it out of flows.

1. 1. In Salesforce, go to Setup → search Named Credentials → click New
2. 2. Fill in:

3. Under Custom Headers, click Add and set:

4. Click Save

External Services turns the GuardEntry OpenAPI spec into callable AgentForce actions automatically.

1. 1. Go to Setup → search External Services → click New External Service
2. 2. Fill in:

3. Click Save & Next

4. Salesforce parses the spec and shows available operations. Confirm evaluateAgentAction is listed, then click Next → Finish

Download and import the pre-built Agent Action so you don't have to configure it manually.

1. 1. In Salesforce, go to Setup → Custom Metadata Types → find Agent Actions → Manage Records → Import
2. 2. Upload GuardEntry_EvaluateBeforeActing.xml and click Deploy

Or create it manually:

1. 1. Go to Setup → Agent Actions → New
2. 2. Set Action Type to External Service
3. 3. Select GuardEntry → evaluateAgentAction
4. 4. Name it GuardEntry: Evaluate Before Acting
5. 5. Map inputs: subjectContent → planned action text, subjectType → hardcode tool_argument

1. 1. Open AgentForce Builder and select your agent
2. 2. In the Actions panel, click Add Action
3. 3. Search for GuardEntry: Evaluate Before Acting and select it
4. 4. Drag it to the first position in the action list (it must run before any other action)
5. 5. Configure the On Block behavior:
   • • If decision = block → add a Decision element that stops the flow and returns the reasoning to the user
   • • If decision = allow → continue to the next action
6. 6. Click Save → Activate