Expose botId as a design-time property, so admins can wire up the agent without touching code (a <property name="botId" type="String"> entry in the bundle’s .js-meta.xml targetConfig). botId can be obtained from the URL in Agentforce Builder.

Apex updates

API version 67.0 reinforces Apex security with safer defaults, and adds some long-requested ergonomics along the way. 

Database operations run in user mode by default

SOQL, SOSL, DML, and Database (see docs) methods now default to user mode instead of system mode, so ever operation enforces the running user’s object permissions, field-level security (FLS), and sharing rules. The platform no longer assumes that the surface in front of it has already filtered the data; elevated access is now something you opt into explicitly.

with sharing is the new default, and WITH SECURITY_ENFORCED is retired

Two changes reinforce the same idea. A class compiled at 67.0 with no sharing keyword now defaults to with sharing (previously without sharing), so bypassing sharing is now a deliberate without sharing declaration. And the old WITH SECURITY_ENFORCED clause no longer compiles.

Here’s the exact error from a 67.0 org:

WITH USER_MODE isn’t just a rename. It handles polymorphic fields (Owner, Task.whatId), checks the WHERE clause and not just the SELECT list, and reports every FLS violation instead of only the first, which you can read off the QueryException.

Multiline strings and String.template()

Triple single-quotes (''') give you real multiline string literals — no more + '\n' + chains for JSON payloads, email bodies, or SOQL. And String.template() (see docs) does named interpolation with ${variableName} placeholders, replacing the index-juggling of String.format().

Below is example Apex code showing multiline string and templating in action.

Two things to keep in mind when running this:

• The newline right after the opening ''' is trimmed, so the literal above starts with {, not a blank line.
• String.template() renders a Datetime in GMT using yyyy-MM-dd HH:mm:ss, not the user’s local time in the way that String.valueOf() does. Format it yourself if you need a specific zone.

Integration tests for Agentforce and Data 360 (Developer Preview)

Integration tests for Agentforce and Data 360 are currently in Developer Preview and are supported in scratch orgs only. Standard unit tests mock every callout and roll back data, which prevents asserting on real Agentforce or Data 360 interactions. The new @IntegrationTest annotation overcomes these limitations by allowing live callouts and enabling data commits mid-transaction using IntegrationTest.commitTestOnly(), with cleanup handled in a @TearDown method. To enable this, add ‘ApexIntegrationTests‘ to the features array in your scratch org definition file. These tests run asynchronously, one at a time, via the Tooling API’s runTestsAsynchronous resource.

Elastic limits, trigger system mode, and other Apex changes

• Elastic limits for async jobs (Beta): Enqueue Queueable and @future jobs up to twice your licensed daily limit instead of hitting a hard wall; overflow is throttled, not rejected. Track it with the new DailyAsyncApexElasticExecutions and DailyAsyncApexProcessed entries in System.OrgLimits.getMap().
• Apex triggers always run in system mode: Triggers now uniformly bypass sharing/FLS and can’t declare sharing or access modes. Push security-sensitive logic into a handler class where you control the access mode.
• Block anonymous Apex from managed packages: Managed package session IDs can no longer authenticate anonymous Apex. Enforced Summer ’27 — package authors should move to a shared global interface plus Type.forName().
• No-arg constructors required for invocable-action parameter classes: Any custom Apex type used as an invocable action input must expose a visible no-argument constructor (public, or global for packaged classes). This applies to Apex at API version 67.0 and beyond.

Agentforce monthly updates

Agentforce enables you to customize pre-built agents, or create and deploy enterprise-ready agents, that work across Salesforce apps, Slack, and third-party platforms. We’re adding some important developer features in the upcoming monthly releases.

Agentforce Builder and Agent Script are Generally Available (GA)

Agent Script — a scripting language for AI agents that gives builders precise control by blending deterministic rules with agentic reasoning — and the new Agentforce Builder are now generally available.

• The new builder is the default: Starting the week of July 13, 2026, the New Agent button no longer opens the legacy builder in Setup. New agents are created only in the new Agentforce Builder.
• One-click upgrade: Upgrading a legacy agent converts all subagents, actions, system messages, data, and connections to Agent Script, then optionally optimizes it for reliability.
• Models are configurable in script: Pin the model for an agent directly in Agent Script rather than relying only on the org-wide model option.

Agent Script is now open source

Salesforce open-sourced the Agent Script toolchain under an Apache 2.0 license: parser, linter, compiler, Language Server Protocol (LSP), and editor integrations.

This lets developers build custom tools. We’re excited to see the community (shout out to Jason Lantz) building new tools with the open-source Agent Script.

Skills for Agentforce development

The sf-skills GitHub repo covered above under “Agent Skills for Coding Agents” also includes skills that teach AI coding assistants to build, test and observe Agentforce.

Agentforce Data Library Connect API (Beta)

Agentforce Data Libraries (ADL) ground an agent in your trusted content. They index Knowledge articles or uploaded files into a vector search index and expose a retriever for retrieval-augmented generation (RAG). Creating one used to be a manual step in Setup; the new ADL Connect API (Beta) makes the whole lifecycle scriptable and ready for continuous integration/continuous delivery (CI/CD). It’s the data half of Headless 360 — grounding itself becomes an API.

All endpoints sit under the base resource: /services/data/v67.0/einstein/data-libraries

There are five steps to provisioning a file-based library and grounding an agent on it:

Step 1: Create the library

A single POST — note sourceType — is nested under groundingSource (SFDRIVE for files, or KNOWLEDGE / RETRIEVER). The response returns the libraryId that every later step needs.

Step 2: Wait for upload readiness

Poll GET …/{libraryId}/upload-readiness until it reports ready. Data 360 is provisioning the objects that hold your file metadata behind the scenes.

Step 3: Upload the file

Request a pre-signed S3 URL from POST …/{libraryId}/file-upload-urls, then PUT the file straight to that URL (forward the returned headers verbatim, or S3 rejects it with a 403).

Step 4: Index it

Trigger POST …/{libraryId}/indexing to chunk, embed, and build the retriever. Then poll GET …/{libraryId} and treat the library as ready when retrieverId goes non-null — not when the top-level status flips, which lags the retriever by 10–30 minutes.

Step 5: Ground the agent

Wire the finished library into a .agent file’s knowledge: block, then invoke AnswerQuestionsWithKnowledge from a subagent. The rag_feature_config_id is "ARFPC_" + the libraryId — not the raw ID.

Agentforce Mobile SDK

The Agentforce Mobile SDK (Software Development Kit) embeds your agents in native iOS, Android, and React Native apps, as a pre-built chat UI or headless, where you own the UI. Three things landed for Summer ’26:

React Native: One codebase, both platforms

One TypeScript codebase ships the agent to both iOS and Android. You work through a single object, AgentforceService, and the whole integration is three calls: configure → (optional) add context → launch. First decide which kind of agent you’re embedding, for example:

• Service Agent: Customer-facing and anonymous (no login). Best for support in a public app.
• Employee Agent: Internal and authenticated. The SDK gets OAuth tokens from the Salesforce Mobile SDK.

To integrate the Agentforce Mobile SDK into your React native mobile applications, follow these three steps. These steps are essential to establish a secure, authorized connection between your application and your chosen agent.

Step 1: Configure the agent

First, tell the SDK which agent to connect to. The fields differ slightly by type, so here’s each one:

Step 2: Add session context (optional)

Pass typed variables that the agent can use to personalize its replies, for example, the identity of the user.

Step 3: Launch

Open the SDK’s pre-built native chat screen.

Embed the Agentforce as a native iOS chat screen

The SDK gives you a ready-made chat screen to drop into your iOS app. You write a small bit of code that supplies the logged-in user’s access token, then point it at your published agent’s Bot Id (the 18-character ID you get when you publish). The SDK returns a complete native chat view that you present like any other screen. The screenshot below is our Order Support Agent answering live inside that app.

Make agent replies rich, on every surface, with Custom Lightning Types

Notice the reply in the above screenshot is a clean card — an order number, a green Shipped badge, dates, and a total — not a raw list of field names and values. That’s Custom Lightning Types. When an agent action returns structured data, a custom Lightning type lets you attach a purpose-built UI to that data, so the agent shows a designed component instead of plain text. 

Note that Custom Lightning Types is a cross-surface feature, not mobile specifically. You define it once against the action’s output, and it renders idiomatically on every surface where the agent runs — a Lightning web component on desktop and web, and the matching native UI in a mobile app.

Multi-Agent Orchestration (Beta)

Real workflows rarely fit a standalone agent. With Multi-Agent Orchestration, an orchestrator agent connects to other specialized agents in your org and presents one unified point of contact, so users handle cross-domain tasks without juggling separate sessions.

In Agentforce Builder, open a draft agent as your orchestrator, then from the Explorer panel click + → Connect Agent as Subagent (Beta) and give each connected subagent a description that governs its behavior. With Agent Router, you add each subagent under Actions Available for Reasoning and reference it with @.

Observability: Custom Scorers (Beta)

Refined Agent Analytics unifies Service Agent and Employee Agent analytics into one view with 40+ metrics. On top of that, Custom Scorers (Beta) lets you grade sessions against your own key performance indicators (KPIs) — Sentiment, Tone of Voice, Product Interest, Escalation Trigger, Politeness — alongside Salesforce’s standard quality metrics.

For developers, the workflow matters most: build scorers with Next Gen Testing in Agentforce Studio or deploy them via the Metadata API (using aiAgentScorerDefinitions), so they live in source control, then activate them from the Scorer Hub to run on live sessions. Custom Scorers require the Agentforce Scorer Beta permission set.

Data 360 monthly updates

Like Agentforce, Data 360 features are released as often as monthly, so check the monthly section of the release notes often. Here are the developer-relevant highlights currently slated for the Summer ’26 timeframe.

Query Data 360 more precisely

Use the new SET OPTIONS clause (see docs) in SOQL queries to specify Data 360 dataspaces and control how NULL and empty string values are handled. When querying Data 360 data lake objects, add the clause at the end of your SOQL query to get more precise results.

The clause goes at the very end. Dataspace is required for DLO queries — omit it and the query returns zero records. honorEmptyStrings = true makes Data 360 treat NULL and '' as distinct values; the default, false, collapses them the way Salesforce Platform objects do.

Extend Data 360 with custom code using Code Extension

Code Extension is a Data 360 feature that allows you to deploy custom Python scripts and functions that run on isolated containers on the platform. Currently, code extensions support deploying functions for complex batch data transformations, such as string manipulation, custom computations, or data cleansing, and deploying scripts that implement custom chunking logic on search index creation. In the future, Code Extension will support other Data 360 capabilities and programming languages.

You write and debug Python scripts locally using the project scaffold provided by the Data Custom Code Python SDK and the Salesforce CLI Code Extension plugin, validating them with the Salesforce CLI against a sandbox. Then, you deploy them to the sandbox and run them. There you can monitor them through the new code extensions log DLO. While developers author the code, users with the Data Cloud Architect permission set run and monitor it. We strongly recommend using the new code extension skill in afv-library to automate building, debugging, and deploying, and the new Data 360 MCP Server to run and monitor them.

Watch a demo of how to work with code extensions.

Deploy code extension components using data kits

Use a DevOps data kit to move code extensions or the data transforms built from them, from sandbox to production. When you add such a data transform to your data kit, its associated code extension is automatically included. This enables headless DevOps workflows; your CI/CD pipeline can promote Data 360 logic the same way it promotes Apex and LWC metadata.

Agentforce 360 Platform development tool updates

The Summer ’26 pro-code toolchain picked up a few notable upgrades:

• Agenforce Vibes 2.0 (Developer Preview): The first public pre-release of Agentforce Vibes 2.0 is here. This agentic development environment does far more than generate code. It reasons through complex tasks, builds structured implementation plans, and asks clarifying questions before acting. You stay in control through approvals, permissions, and native VS Code diff reviews. This release gives you a redesigned multi-tab chat experience and Plan Mode for breaking down complex work. You also get deeper Model Context Protocol (MCP) integration, built-in Skills and Rules, live Lightning Web Component previews, and the latest Claude and GPT models in one unified picker.
• Web Console (Beta): This is a full IDE that runs inside your org, right in the browser. Write, debug, and deploy Apex, LWC, and other metadata without leaving Salesforce. You can edit and save classes, run anonymous Apex, and set trace flags and debug log levels in one place. It differs from the Agentforce Vibes (AFV) IDE in three ways: it’s available on every org, it loads faster, and it runs entirely in the browser. The trade-off is that it supports only Salesforce-provided extensions, not custom ones. Reach for it for quick, in-org edits, and use the AFV IDE when you need a richer, extensible environment. Enable it in Setup under Development → Web Console (Beta).
• Live Preview VS Code Extension: This is the renamed Local Dev. See a single Lightning web component update in real time as you edit it, either in the browser or inside VS Code and the Agentforce Web IDE, using the Live Preview extension.
• Metadata Visualizer vs Code Extension: This extension turns raw metadata files into interactive diagrams, so you can see structure and relationships at a glance instead of reading XML. It updates in real time as you edit, and plugs into Agentforce Vibes to visualize AI-generated metadata. This extension is actively developed and currently supports visualizers for objects, permission sets and flexipages (Beta). Additional metadata visualizers are scheduled for delivery.

Conclusion

Summer ’26 is the release that makes Salesforce truly headless. Every major capability — data, automation, grounding, and agents — is now reachable from a CLI, an API, your IDE, or an autonomous AI agent, with security enforced by default. For you, that means less glue code, safer defaults, and quicker feedback as you code — whether you build with Apex, LWC, or Agent Script.

The best way to get ready is to spin up a sandbox, scratch org or a developer edition org and try these features before they reach production. Have questions, or want to share what you’re building? Join the conversation in the Salesforce Developers Trailblazer Community, or connect with us on the Salesforce Developers channels.

More Summer ’26 learning resources

• Read the official release notes
• Join the Salesforce Developers Trailblazer Community group to connect with the global developer community
• Join the Release Readiness Trailblazers Community group to get early access to release information and discuss changes with other developers

About the author

Mohith Shrivastava is a Principal Developer Advocate at Salesforce with 15 years of experience building enterprise-scale products on the Agentforce 360 Platform. Mohith is currently among the lead contributors on Salesforce Stack Exchange, a developer forum where Salesforce Developers can ask questions and share knowledge. You can follow him on LinkedIn.