ActionPlane

AI internal controls for systems of record

Stop AI agents from writing the wrong thing to Salesforce, ServiceNow, and HubSpot.

Every proposed write gets a field-level preview, a policy decision, an audit record, and a rollback plan — before it hits production.

See the demo How it works

What the operator sees

A governed agent action before execution

Approval required

StageName

Proposal → Closed Won

Amount

$50,000 → $75,000

CloseDate

2026-09-30 → 2026-12-15

NextStep

Send updated quote → Kick off implementation

Why it stopped

The +50% Amount jump tripped the revenue-impact rule and required Sales Lead approval. Pre-image, post-image, audit, and a rollback plan attached to the same run before any live write could happen.

17 connectors

Live HTTP adapters

CRM, support, ERP, and finance — same governed-run model end to end.

552 tests

Zero failures

423 unit + 68 integration + 61 component — all runnable on dotnet test.

0 mutations

Auto-retried

POST, PATCH, PUT, and DELETE never auto-retry. Repeated failures trip the kill switch instead of duplicating writes.

1 run object

Pre-image to rollback

Preview, policy, approval, execution, audit, and recovery all attached to the same durable run.

Reviewable run Every agent action becomes a durable run with preview, policy, approval, execution, audit, and rollback — replayable end to end.

Selective escalation Approval matrices route only risky writes to a human. Low-risk actions auto-execute under policy without a review step.

Operational proof Audit, artifacts, Console traces, and Reliability Lab replays all reference the same run — no scattered logs.

Where it fits

12 sandbox-ready connectors. 5 staged ERP and finance lanes. 6 expansion seams.

Salesforce, Dynamics 365 Sales, HubSpot, Zoho, Oracle Fusion Sales, SAP Sales Cloud, Salesforce Service Cloud, ServiceNow, Jira Service Management, Zendesk, Freshdesk, and Intercom share the same policy, approval, execution, and recovery semantics. NetSuite, Dynamics 365 Finance, Workday Financials, SAP S/4HANA, and Oracle Fusion ERP reuse the same governed-run model.

Connector matrix Pricing

Try it

Run a governed write against a Salesforce-shaped sample.

The deterministic sandbox walks you through preview, policy, approval, execution, and rollback on a Salesforce-shaped Opportunity update. Email signup; no Salesforce credentials needed.

See the demo Connect your sandbox

30-day proof

The integration test is the proof.

One end-to-end test exercises the full path: API-key agent → /v1/action-requests → policy decision → human approval → connector adapter execution → audit lineage → rollback. Runs on dotnet test.

[Fact]
public async Task ExternalAgentApprovalExecutionAuditRollbackAndReplay_ShouldWorkEndToEnd()
{
    // External agent posts to /v1/action-requests with an API key
    submitResponse.StatusCode.Should().Be(HttpStatusCode.Accepted);

    // Policy decision routes the action to a human approval matrix
    submitted.RequiresApproval.Should().BeTrue();
    submitted.PreviewAvailable.Should().BeTrue();
    submitted.RollbackPlanAvailable.Should().BeTrue();

    // Operator approves through the same service the console uses
    approveResponse.StatusCode.Should().Be(HttpStatusCode.OK);

    // Registered connector adapter executes the action
    completedRun.ResultJson.Should().Contain("connector-execution");

    // Audit lineage and rollback stay attached to the same run
    auditEvents.Should().NotBeEmpty();
}

View the test Read the doc API quickstart

Pricing

$0 → $4,999/mo. Marketplace-only. No contact-sales tier.

Free Developer with 500 governed runs/month. Starter $99, Team $499, Business $1,999, Scale $4,999, all on Azure Marketplace with published per-run overage. AWS Marketplace listing is planned. The price is the price — no negotiation, no private offers, no tier above Scale.

See pricing tiers Marketplace