Cloudflare gives agents identities

An artificial intelligence agent is software that can act on its own, and Cloudflare now wants each one to have its own network identity. On April 14, 2026, the company launched Cloudflare Mesh, a private networking system built to decide exactly which internal tools, databases, and services each agent can reach. (cloudflare.com) Cloudflare said Mesh ties together agents, employees, and systems running across laptops, office hardware, and multiple clouds into one private network fabric. The company said teams can apply access rules to an agent the same way they would to a human employee or a server process. (blog.cloudflare.com) The practical problem is simple: many agents need live access to private data to do useful work, but companies do not want a coding bot or support bot roaming freely through production systems. Cloudflare said Mesh works with Workers Virtual Private Cloud so developers can give agents scoped access to private application programming interfaces and databases without setting up manual tunnels. (blog.cloudflare.com) Cloudflare positioned the launch as part of a broader “Agent Cloud” push announced on April 13, 2026, with tools for building, deploying, and scaling autonomous agents on its network. That package includes developer infrastructure, security controls, and runtime services meant to move agents from laptop demos into production workloads. (cloudflare.com) The company has spent the past month filling in the pieces around that pitch. On March 24, Cloudflare introduced Dynamic Workers for sandboxing artificial-intelligence-generated code, and on April 14 it said Sandboxes were generally available with persistent environments, credential injection, and snapshots for agent sessions. (blog.cloudflare.com 1) (blog.cloudflare.com 2) Cloudflare is also adding more identity controls around non-human actors. In a separate April 14 post, it announced scannable application programming interface tokens, more OAuth visibility, and general availability for resource-scoped permissions, all aimed at tightening what agents and automation can do inside an organization. (blog.cloudflare.com) The timing reflects a shift in the market from chatbots that answer questions to agents that take actions inside company systems. In its April 12 “Agents Week” kickoff, Cloudflare argued that both the public internet and traditional cloud setups were built before autonomous software workers became a mainstream enterprise target. (blog.cloudflare.com) Cloudflare is not pitching Mesh as a model feature that depends on the behavior of a single large language model. Its press release said policy and segmentation sit in the network layer, so access rules can be enforced outside the model loop even when agents run across Amazon Web Services, Google Cloud, or on-premises systems. (cloudflare.com) OpenAI was one of the launch partners highlighted this week. In an April 13 post, OpenAI said Cloudflare was bringing OpenAI models and Codex into Agent Cloud so enterprises could build and run agents for real-world tasks with more security controls around deployment. (openai.com) Cloudflare’s bet is that companies will trust agents only if they can treat them less like a shared chatbot and more like named workers with badges, keys, and locked doors. Mesh is the company’s attempt to make that identity layer part of the network itself. (cloudflare.com)