Why production deployment is different
Production environments require different controls than dev or staging. AI agents in production interact with real customers, real data, and real systems. A failed workflow in production can create customer-facing errors, data corruption, or compliance violations.
Production deployment is not just about making the agent work. It requires approval gates, scoped permissions, audit trails, failure handling, and rollback procedures. Deploy with these controls from day one.
Deployment steps
Follow these steps to deploy AI agents in production with proper governance and control.
1. Set approval gates before first deployment
Configure approval rules before the agent executes any action. Set approval-first mode for all write actions (create, update, delete). Route approvals to department leads, not the technical owner. The department lead understands the business context and can approve actions quickly.
Keep high-risk actions under approval permanently. High-risk actions include deletes, refunds, external communication, and financial transactions. Even after automating low-risk workflows, keep approval gates on high-risk actions.
2. Scope permissions to minimum required access
Start with read-only access. Add write permissions workflow by workflow. Never grant admin, owner, or delete permissions unless absolutely required. If delete permissions are required, gate all delete actions with human approval.
Use OAuth scopes to limit what the agent can access. For example, a Salesforce lead routing agent only needs read access to leads and write access to lead owner field. It does not need access to opportunities, accounts, or admin settings.
3. Establish audit trail before first execution
Turn on audit logging before deploying the agent. Log every action the agent proposes, every approval decision, every execution result, and every failure. Store logs for at least 90 days.
Make the audit trail visible to department leads and the technical owner. They should be able to review what the agent did, when it did it, and who approved it without asking for access.
4. Deploy in approval-first mode for two weeks
Run the agent in approval-first mode for at least two weeks. Review the approval rate, accuracy, and failure rate daily. Do not automate until the approval rate is 95%+ for one week.
After two weeks, automate low-risk workflows and keep approval gates on high-risk actions. Review the audit trail daily instead of reviewing every action manually.
5. Configure failure handling and rollback
Set up failure notifications, circuit breakers, and rollback procedures before deploying. If the agent fails three times in a row, disable it automatically and alert the owner. Keep a manual fallback process ready.
Document the rollback procedure. If the agent causes an issue, the department lead should be able to disable it immediately and fall back to the manual process without waiting for the technical owner.
6. Test in production with one bounded workflow
Deploy one bounded workflow first. A bounded workflow has clear start and end conditions, operates on a small subset of data, and does not trigger cascading actions. For example, route leads created in the last 24 hours, not all leads.
Monitor the first workflow for one week before deploying the second. Prove stability and value before expanding.
Common pitfalls and solutions
| Pitfall | Solution |
|---|---|
| Deploying without approval gates | Always deploy in approval-first mode. Add automation after proving stability. |
| Granting too many permissions | Start with read-only, add write permissions workflow by workflow. |
| No audit trail | Turn on logging before first execution. Make logs visible to department leads. |
| Deploying multiple workflows at once | Deploy one workflow at a time. Prove stability for one week before adding the next. |
| No rollback procedure | Document rollback steps. Department lead should be able to disable agent immediately. |
| Automating high-risk actions | Keep approval gates on deletes, refunds, external communication, and financial transactions. |
Best practices
- Deploy one workflow at a time. Prove stability and value before expanding. After the first three workflows are stable, you can deploy adjacent workflows in parallel.
- Route approvals to department leads. The technical owner should not review every action. Department leads approve actions in their domain.
- Monitor the approval rate daily. If the approval rate drops below 90%, investigate immediately. The agent may be proposing incorrect actions.
- Keep high-risk actions under approval permanently. Automate low-risk workflows, but keep approval gates on deletes, refunds, external communication, and financial transactions.
- Document the rollback procedure. The department lead should be able to disable the agent and fall back to the manual process without waiting for the technical owner.
Frequently asked questions
Should AI agents run with approval gates in production?
Yes, initially. Deploy with approval-first mode for two weeks. After approval rate hits 95%+, automate low-risk workflows and keep approval gates for high-risk actions (deletes, refunds, external communication).
How do we handle agent failures in production?
Set up failure notifications, circuit breakers, and rollback procedures. If an agent fails three times in a row, disable it automatically and alert the owner. Keep a manual fallback process ready.
Can we deploy multiple agents at once?
Deploy one workflow at a time. Prove stability for one week before adding the next. After the first three workflows are stable, you can deploy adjacent workflows in parallel.
What permissions should production agents have?
Minimum required permissions only. Start with read-only access, add write access workflow by workflow. Never grant admin or delete permissions unless absolutely required and always gate those actions with human approval.