How a Fortune 100 Company Enabled Secure Agent Communication

Challenge

A Fortune 100 insurance provider sought to automate and scale its claims processing pipeline using AI agents. While early experiments with LLM-powered assistants showed promise, they ran into issues with:

• Fragmented system access across legacy APIs, data warehouses, and third-party services

• Security concerns around prompt injection, memory sharing, and agent impersonation

• Lack of traceability, which limited adoption in regulated departments like underwriting and compliance

They needed a secure, scalable foundation to orchestrate intelligent agent-to-agent (A2A) workflows—without rewriting their enterprise API stack.

Solution

Traditional APIs exchange structured data—often stateless and based on rigid schemas (like REST or GraphQL). But AI-driven systems require more:

The enterprise deployed a modern AI-native API architecture using:

MuleSoft Flex Gateway

• Used as an LLM-aware API gateway

• Enforced prompt sanitization, token metering, and policy enforcement

• Routed AI agent traffic with low-latency, edge-level control

Salesforce Data Cloud

• Unified customer and claims data into a real-time graph

• Served as a trusted source of truth for agent interactions

• Empowered context-aware personalization across LLM prompts

Model Context Protocol (MCP)

• Standardized agent context handoff

• Preserved session memory and scope between underwriting agent, claims agent, and fraud detection agent

• Ensured zero-trust identity propagation and auditable decision-making

Workflow: Agent-to-Agent Claims Processing

Customer Copilot → Claims Intake Agent → Eligibility Agent → Risk Scoring Agent → Scheduling Agent

Each agent:

• Received scoped data via MCP context object

• Invoked APIs securely through Flex Gateway

• Logged decisions and context snapshots in Data Cloud for traceability

Outcomes

• Time Saved: 3,300+ hours/month saved through automation

• Security: 100% prompt-level policy enforcement & context isolation

• Compliance: Fully auditable agent logs with session context tracking

• Experience: Faster claim resolution with real-time coordination

Key Success Factors

• Using MCP as a shared trust fabric between agents

• Applying runtime policies through Flex Gateway, not code rewrites

• Centralizing customer and agent memory using Data Cloud as context anchor

• Proactive redaction and masking of sensitive data via Trust Layer

Scalable Beyond Claims

This architecture is now being adapted for:

• Prior authorization workflows

• AI-based billing queries

• Customer onboarding agents

• HR and payroll process automation

Related Topics

• What is MCP and How It Works

• Agent-to-Agent API Patterns

• Building AI Trust with Flex Gateway