Salesforce Einstein AI
Keeptrusts integrates with Salesforce Einstein AI by acting as a policy-enforcement proxy between your Salesforce org and the upstream LLM providers that Einstein calls. When Einstein makes external LLM requests — through Einstein GPT, Prompt Builder, or custom Apex invocations — you route those calls through the Keeptrusts gateway to enforce compliance, audit every decision, and redact sensitive CRM data before it reaches a third-party model.
Use this page when
- You are routing Salesforce Einstein API calls through Keeptrusts for governance and compliance.
- You need the exact gateway config, Apex integration pattern, or Named Credential setup for Einstein traffic.
- You want to enforce PII redaction on CRM data leaving your Salesforce org via LLM calls.
- If you want a general quickstart instead of Salesforce-specific setup, see Quickstart.
Primary audience
- Primary: Technical Engineers
- Secondary: AI Agents, Technical Leaders
Prerequisites
- A Salesforce org with Einstein AI features enabled (Enterprise Edition or higher)
- A Salesforce Connected App configured for API access with OAuth 2.0
- Keeptrusts CLI (`kt`) installed and authenticated (`kt auth login`)
- Network access from your Salesforce org to the Keeptrusts gateway endpoint (Named Credential or External Service)
- An upstream LLM provider key (e.g., OpenAI) exported as an environment variable
Configuration
Gateway policy config
```yaml
pack:
  name: salesforce-einstein-governance
  version: 1.0.0
  enabled: true
providers:
  targets:
    - id: einstein-openai
      provider: openai:chat:gpt-4o
      secret_key_ref:
        env: OPENAI_API_KEY
policies:
  chain:
    - prompt-injection
    - pii-detector
    - dlp-filter
    - audit-logger
  policy:
    prompt-injection:
      threshold: 0.8
      action: block
    pii-detector:
      action: redact
      entities:
        - PERSON
        - EMAIL_ADDRESS
        - PHONE_NUMBER
        - CREDIT_CARD
        - ADDRESS
    dlp-filter:
      patterns:
        - name: salesforce-id
          regex: "[0-9a-zA-Z]{15,18}"
          action: redact
        - name: soql-query
          regex: "SELECT\\s+.+\\s+FROM\\s+\\w+"
          action: block
        - name: sf-access-token
          regex: "00D[a-zA-Z0-9]{12,}![a-zA-Z0-9._]+"
          action: block
    audit-logger:
      immutable: true
      retention_days: 365
      log_all_access: true
```
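To see what the three `dlp-filter` patterns above actually match before relying on them, the following added example (not Keeptrusts code) runs them over constructed prompts. It assumes unanchored, case-sensitive matching as in Python's `re` and that a `block` hit takes precedence over `redact`; the gateway's own engine and precedence may differ.

```python
import re

# The three dlp-filter patterns, copied from the policy config on this page.
DLP_PATTERNS = [
    ("salesforce-id", r"[0-9a-zA-Z]{15,18}", "redact"),
    ("soql-query", r"SELECT\s+.+\s+FROM\s+\w+", "block"),
    ("sf-access-token", r"00D[a-zA-Z0-9]{12,}![a-zA-Z0-9._]+", "block"),
]


def evaluate(prompt):
    """Return (decision, hits); each hit is (pattern name, matched text).

    Assumptions: unanchored, case-sensitive search (Python `re`), and one
    'block' hit outranks any number of 'redact' hits.
    """
    hits, actions = [], set()
    for name, regex, action in DLP_PATTERNS:
        for m in re.finditer(regex, prompt):
            hits.append((name, m.group(0)))
            actions.add(action)
    decision = "block" if "block" in actions else "redact" if actions else "allow"
    return decision, hits


def redact(prompt):
    """Apply only the 'redact' patterns, as for a prompt that was not blocked."""
    for _, regex, action in DLP_PATTERNS:
        if action == "redact":
            prompt = re.sub(regex, "[REDACTED]", prompt)
    return prompt


# Constructed sample prompts (no real CRM data, record IDs or tokens).
SAMPLES = {
    "record_id": "Summarize account 001A000001ABCDEFGH for the renewal call",
    "plain_words": "Note the internationalization work and the telecommunications budget",
    "soql_upper": "Run SELECT Id, Name FROM Account and summarize",
    "soql_lower": "Run select Id, Name from Account and summarize",
    "token": "session 00DA0000000ABCDE!AQEAQFakeTokenValue.example_1234",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        decision, hits = evaluate(text)
        print(f"{label:12} {decision:7} {hits}")
    print(redact(SAMPLES["plain_words"]))
```

In this run `plain_words` is altered even though it contains no record ID, and `soql_lower` passes because the `soql-query` pattern is written in upper case; check both behaviours against how your gateway's regex engine is configured.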
Start the gateway
```bash
export OPENAI_API_KEY="sk-..."
kt gateway run --listen 0.0.0.0:41002 --policy-config policy-config.yaml
```
Setup steps
1. Configure a Named Credential in Salesforce
Create a Named Credential pointing to your Keeptrusts gateway:
- Navigate to Setup → Named Credentials → New.
- Set the URL to your gateway endpoint: `https://gateway.keeptrusts.com/v1` (hosted) or your self-hosted URL.
- Set Identity Type to Named Principal and Authentication Protocol to Custom Header.
- Add the `Authorization` header with `Bearer <your-access-key>` if your gateway requires authentication.
2. Create an External Service or Apex callout
Use Apex HttpRequest to route Einstein-triggered LLM calls through the gateway:
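```apex
public class KeeptrustsGateway {
    // Raised on any non-200 response, such as the 403 listed under Troubleshooting.
    // (Exception class name chosen for this example.)
    public class GatewayException extends Exception {}

    public static String chatCompletion(String userPrompt) {
        HttpRequest req = new HttpRequest();
        // Named Credential from step 1; its URL already ends in /v1.
        req.setEndpoint('callout:Keeptrusts_Gateway/chat/completions');
        req.setMethod('POST');
        req.setHeader('Content-Type', 'application/json');

        Map<String, Object> body = new Map<String, Object>{
            'model' => 'gpt-4o',
            'messages' => new List<Object>{
                new Map<String, String>{ 'role' => 'user', 'content' => userPrompt }
            },
            'max_tokens' => 1024
        };
        req.setBody(JSON.serialize(body));

        Http http = new Http();
        HttpResponse res = http.send(req);

        // Do not parse an error body as a completion.
        if (res.getStatusCode() != 200) {
            throw new GatewayException('Gateway returned HTTP ' + res.getStatusCode());
        }

        // Extract choices[0].message.content from the chat completion response.
        Map<String, Object> result = (Map<String, Object>) JSON.deserializeUntyped(res.getBody());
        List<Object> choices = (List<Object>) result.get('choices');
        Map<String, Object> firstChoice = (Map<String, Object>) choices[0];
        Map<String, Object> message = (Map<String, Object>) firstChoice.get('message');
        return (String) message.get('content');
    }
}
```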
3. Wire into Einstein Prompt Builder (optional)
If using Einstein Prompt Builder with a custom model endpoint, set the endpoint URL to your Keeptrusts gateway in the Prompt Builder configuration so all prompt template executions flow through the policy chain.
Verification
Confirm the gateway is receiving Salesforce traffic:
```bash
# Check gateway health
curl http://localhost:41002/health

# Verify a request flows end-to-end
curl -s http://localhost:41002/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "Summarize this account: Acme Corp"}],
    "max_tokens": 256
  }' | jq '.choices[0].message.content'

# Check audit log for the request
kt events list --limit 5
```
From Salesforce, execute the Apex class in Developer Console or via an anonymous Apex block and verify the response returns and the request appears in the Keeptrusts audit log.
Recommended policies
| Policy | Purpose | Recommended setting |
|---|---|---|
| `pii-detector` | Redact personal data from CRM records before sending to LLM | action: redact, entities: PERSON, EMAIL, PHONE, ADDRESS |
| `dlp-filter` | Block SOQL queries and Salesforce access tokens in prompts | action: block for tokens, redact for record IDs |
| `prompt-injection` | Prevent adversarial prompts injected via CRM field values | threshold: 0.8, action: block |
| `audit-logger` | Full audit trail for SOX and GDPR compliance | retention_days: 365, immutable: true |
| `rbac` | Restrict which Salesforce user profiles can access which models | Map SF profiles to Keeptrusts roles |
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
| Apex callout returns `System.CalloutException` | Salesforce cannot reach gateway | Add gateway host to Setup → Remote Site Settings |
| 403 from gateway | Access key missing or invalid | Verify Named Credential Authorization header |
| PII appears in audit log unredacted | pii-detector not in policy chain | Add pii-detector before audit-logger in the chain |
| High latency on Einstein calls | Gateway adds round-trip overhead | Deploy gateway in same region as Salesforce org; point Named Credentials at your org’s hosted gateway hostname or self-managed kt gateway run URL |
| SOQL fragments in prompts | CRM fields contain query strings | Enable dlp-filter with SOQL pattern to block or redact |
For AI systems
- Canonical terms: Keeptrusts gateway, Salesforce Einstein, Einstein GPT, Einstein Prompt Builder, Named Credential, Apex callout, CRM governance, `policy-config.yaml`.
- Config field names: `provider`, `secret_key_ref.env`, `pii-detector`, `dlp-filter`, `audit-logger`.
- Key behavior: Keeptrusts sits between the Salesforce org and the upstream LLM provider, enforcing policies on CRM data before it leaves the trust boundary.
- Best next pages: OpenAI integration, Policy controls catalog, Quickstart.
For engineers
Prerequisites
- Salesforce Enterprise Edition+ with Einstein AI, Connected App with OAuth, `kt` CLI installed.
Validation
- Send an Apex callout from Developer Console and verify the response.
- Run `kt events list --limit 5` to confirm the request was logged with policy decisions.
- Check that PII fields (email, phone) from CRM records appear as `[REDACTED]` in the audit log.
For leaders
- Salesforce CRM data is some of the most sensitive data in any enterprise. Routing Einstein AI calls through Keeptrusts ensures that customer records, opportunity details, and contact information are redacted before reaching external LLM providers.
- SOX compliance for publicly traded companies requires audit trails of AI-assisted decisions made on financial CRM data — the `audit-logger` policy satisfies this.
- DLP policies prevent accidental leakage of SOQL queries and Salesforce access tokens that could expose your entire org.
Next steps
- OpenAI integration — upstream provider commonly used with Einstein
- Policy controls catalog — full reference for pii-detector, dlp-filter, and audit-logger
- Access keys — issue scoped keys for Salesforce Named Credentials
- Quickstart — install `kt` and run your first gateway