The era of agentic AI has arrived, and enterprises are finding out that they can do more with artificial intelligence than just chatbots. For example, what used to take sales representatives 30 to 40 minutes in generating a quote for a client can now be done in three to four minutes.
Bhaskar Roy, Chief of AI Products & Solutions at Workato, shared how agentic AI is unlocking new capabilities for enterprises, particularly for sales teams.
How is Workato helping sales reps generate quotes faster?
The entire knowledge base, as we call it, can be in various CPQ (configure, price, quote) systems, or in various quotes that were generated — all of that is used to train the AI model. We connect the AI to the CPQ, CRM, and various finance systems, because that’s where the approvals happen. We provide all of that input to the AI agent, and we also start providing guidance, such as for enterprise codes like XYZ — this is the knowledge base to look at. For that kind of quote, you provide guidance so the AI agents learn from it. Once that happens, the quote creation becomes conversational.
One particular customer of ours is using Microsoft Teams. The sales rep initiates the quote process directly in Teams, specifying the customer and terms. The AI agent responds by referencing existing data in the CRM — including opportunities, customer profiles, and contacts — and begins guiding the rep through the process. It verifies the quote’s intent, checks for similar past quotes, and, if applicable, recommends adding implementation services to ensure the customer can go live. This guidance is based on historical patterns. The agent supports the sales rep step by step, and once everything is in place and confirmed, it sends the completed quote to the deal desk for approval.
There are two sides where this creates an advantage. One is on the sales rep’s side, because quotes are improving and take less time to create. On the deal desk side, they were previously receiving poor-quality quotes and would have to ask the sales rep to revise them. That’s no longer the case. Errors are caught early in the process, which makes the deal desks more efficient. The overall quote approval process improves.
Can sales reps access knowledge trained on team data? Wouldn’t it be going beyond my remit?
I don’t see that as a concern, because when we pull the knowledge base into the agent, we also pull the associated metadata, which includes access control lists. These define what I have permission to do — X, Y, Z, and so on — and are tied to various IDs. The access control list is part of the knowledge base, so when the agent responds or takes action, it already knows whether the person has access to that information.
From an operational perspective, with the volume of deals being done, there are patterns that apply across the board. When we crawl the knowledge base, we don’t just upload everything into a vectorised RAG. We use LLMs to identify patterns, determine what’s generic, and store that in a separate vector database. Access-controlled or accumulated knowledge is stored separately. This allows us to distinguish what should be permission-based and what should be general, and that distinction is made during the crawling process itself. So when the agent responds to a sales rep, it already knows where to look.
Most enterprise AI is surface-level. Can it penetrate core systems such as ERP?
That’s a big part of what we’re doing with our customers. A Gartner report that came out some time ago — called the “AI agency gap” — highlighted that most efforts are still happening at the edges. The typical use case is content generation, like email.
With agentic AI, the transformation of business operations becomes very critical. That’s where we’re seeing quite a bit of success within our customer base, as they adopt it and look at their core business processes, which vary from function to function. We’re seeing four areas of adoption among our customers.
- The first is IT, often starting with the help desk — an easier use case in some ways. An agent runs in the background to fulfil the request when someone needs access to software, for example.
- The second is HR.
- The third is sales, where agents help with everything from lead management to accelerating close rates.
- The fourth is customer support, a core process that people are automating.
Automation is the biggest use case for AI. How can customers really use AI and agents to drive all that automation? There are customers in different industries where the core processes are very different. For example, you have a construction company who’s using Workato, and when they’re going through various changes in their designs — what’s the business impact if you break this wall, or convert this room, or make some other set of modifications? AI is analysing those, and it’s also able to take action by identifying the impact, explaining why a change should or shouldn’t be made, and managing that entire construction lifecycle until the project goes live.
We’re seeing strong use cases for agentic AI, and its core strength is the ability to take action. That’s been Workato’s focus — executing actions across systems. Orchestrating those workflows has been our bread and butter for the past 10 years.
Our agentic AI layer is deeply built into the platform itself. This is what we call Workato One, where it’s not just about standard orchestration, but also about having agents do all the orchestration. If you think about it, our agents are wired into various apps and systems — whether it’s SAP, Oracle, or others — so they can pull information or take action directly within those environments. Our agents are built around that. That’s a core proposition we bring to customers. We tell them: don’t just think of chatbots and knowledge deflection. That’s one part, and it’s extremely valuable because you’re providing answers right away. But the core business value comes once you’re able to orchestrate and take multi-step actions.
How do you ensure AI doesn’t fail more often than rules-based systems?
The core part of a rules-based system involves what we call recipes — executable workflows. AI, by contrast, is probabilistic. It will make mistakes and run into challenges. But when it comes time to take action, that’s handled through what we call skills, which are simplified recipes. So, when you’re performing an action on a system, those steps are always deterministic.
On the front end, agents receive instruction through guidance — from knowledge bases, articles, or prompts — to help them decide how to orchestrate a multi-step action. But when it comes to execution, those actions are deterministic, which is the balance that our customers like. Enterprises already have established processes. They no longer need to code those processes entirely into recipes. Instead, they build action-oriented skills.
The second part is permissions. For example, if I’m an Account Executive asking AI to update opportunities or accounts in Salesforce, it should only be able to make changes to the objects I’m authorised to access. I shouldn’t be able to update another person’s Salesforce accounts.
We have a patented technology called agent authentication. It allows customers to specify when an action should be taken. First, the system co-authenticates the user against the relevant platform. Once authenticated, it checks permissions before proceeding. This adds a governance or safeguard layer whenever the agent interacts with enterprise systems.
On the front end, we also apply guardrails. The agent is assigned certain capabilities — or what we call skills — such as A, B, C, and D, and customers can configure these. That way, the agent can’t go off track, because it’s limited to a set of clearly defined actions. These skills are executed on the back end as deterministic recipes, so the AI agent stays within clearly defined bounds. These constraints help reduce hallucinations. And if the agent does attempt something outside its permissions, it can recognise that and say, “You don’t have the permission to do that.”
That’s how we’re approaching this, and it’s something our customers are gravitating towards. They prefer having clear guardrails around what the AI can and cannot do, rather than leaving things to chance by connecting every system and allowing the AI to make unchecked changes. That’s too big of a risk at this stage.
