The shift to agent-first commerce
Agent-first commerce marks a fundamental change in how shopping journeys are designed. Instead of navigating a series of clicks, users delegate decisions to intelligent agents that can discover, compare, negotiate, purchase, and support on their behalf. This blog explains how such capability requires more than an intelligent model. It requires a platform built on clear architectural boundaries, precise data access, strong identity, transparent policies, and a runtime environment that remains observable and safe at all times.
What an agent needs to operate effectively
The blog outlines how an agent functions as a goal-driven system that plans, reasons, and executes tasks across multiple steps. To operate safely in commerce, it must access catalogue data, pricing logic, inventory status, basket operations, checkout flows, order APIs, payment services, and loyalty programmes. It also depends on verified identity, explicit consent, and user preferences. Every interaction must pass through a policy layer that defines what is permitted and under which conditions.
Reference architecture at a glance
The blog presents a clear architectural model built on layered responsibilities. Each layer is designed for simplicity, testability, and long-term scalability.
1) Interaction layers
This section explains how Web, App, Messaging, Voice, and API channels form the unified entry point for users. It describes how conversational interfaces use memory controls, visible consent, and preference management while supporting both personal and workplace profiles.
2) Agent orchestration
The blog details how the orchestration layer coordinates tasks through a planner, a permissions-based tool registry, a session context manager, long-term preference storage, safety filters, and an evaluation harness.
3) Commerce capabilities
It outlines the essential services that support agents. These include product catalogue, pricing and promotions, basket and checkout, payments and refunds, loyalty engines, orders and returns, and content and reviews.
4) Integration and data
This part shows how the platform connects through an event bus, webhooks, an API gateway, and a service mesh. It explains why vector search, a feature store, and strict data contracts with PII isolation are central to safe and accurate agent behaviour.
5) Trust and compliance
The blog highlights how identity and access control, passkeys, spend policies, approvals, and real-time observability protect the system. It explains how the platform ensures compliance with GDPR, PCI DSS, and PSD2 SCA in the UK and EU.
6) Platform and operations
It describes how Kubernetes, secrets management, key management, canary deployments, metrics, logs, and dashboards maintain reliability and operational clarity.
The agent orchestrator
This section explains how the orchestrator functions as the operational brain. It decomposes goals into steps, selects tools, enforces latency and cost budgets, retries intelligently, and produces a complete decision trail. It also supports deterministic paths for sensitive actions such as checkout.
Tool adapters
The blog explores how adapters create uniform contracts for each system. They declare inputs, outputs, and permissions, ensuring every action flows through the relevant policy. Idempotency keys prevent accidental double calls, and comprehensive logging provides auditability.
Context and memory
It explains the separation between session context and long-term memory. It highlights how memory must remain user-controlled and consent-based. For B2B scenarios, it describes segmentation into public, team, and private scopes.
Policy and safety
This part shows how rules define what agents can do, for whom, and within which limits. It provides examples such as order caps, category restrictions, merchant allowlists, and refund approvals. It stresses the importance of centralised rule management and real-time evaluation.
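An added example, not code from the blog, showing how the tool adapter and policy ideas above fit together: the adapter declares the permission it needs, evaluates the order cap, merchant allowlist and category restriction before calling the backend, and binds each idempotency key to the request payload so a retry cannot place a second order. The names `Policy` and `PurchaseAdapter`, the scope string `orders:create` and the reason codes are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, field
from decimal import Decimal

@dataclass(frozen=True)
class Policy:
    # Constructed limits; the page calls for centrally managed rules evaluated in real time.
    order_cap: Decimal
    merchant_allowlist: frozenset
    blocked_categories: frozenset

    def evaluate(self, order: dict) -> str:
        if order["merchant"] not in self.merchant_allowlist:
            return "merchant_not_allowlisted"
        if order["category"] in self.blocked_categories:
            return "category_restricted"
        if Decimal(order["amount"]) > self.order_cap:
            return "order_cap_exceeded"
        return "allowed"

@dataclass
class PurchaseAdapter:
    """Hypothetical adapter: declares its permission, enforces policy, deduplicates calls."""
    policy: Policy
    required_scope: str = "orders:create"
    seen: dict = field(default_factory=dict)    # idempotency key -> (request digest, result)
    audit: list = field(default_factory=list)   # one record per decision, replays included
    backend_calls: int = 0                      # stand-in counter for the real checkout API

    def place_order(self, scopes: set, key: str, order: dict) -> dict:
        digest = hashlib.sha256(json.dumps(order, sort_keys=True).encode()).hexdigest()
        if self.required_scope not in scopes:
            result = {"status": "denied", "reason": "missing_scope"}
        elif key in self.seen:
            prior_digest, prior = self.seen[key]
            # Same key with a different payload is a conflict, not a retry.
            result = prior if prior_digest == digest else {"status": "denied", "reason": "key_reused"}
        else:
            verdict = self.policy.evaluate(order)
            if verdict == "allowed":
                self.backend_calls += 1
                result = {"status": "placed", "order_id": f"ord-{self.backend_calls}"}
            else:
                result = {"status": "denied", "reason": verdict}
            self.seen[key] = (digest, result)
        self.audit.append({"key": key, "request": digest[:12], **result})
        return result
```

The scope check runs before the idempotency lookup so that a caller without the permission cannot read back an earlier caller's stored result.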
Evaluation and sandboxing
The blog outlines how agents should be tested through golden paths, adversarial scenarios, and shadow mode comparisons. It emphasises tracking task success, latency, and safety violations, supported by detailed historical records.
Integration patterns with existing stacks
It explains how legacy and modern commerce platforms can support agents without major rewrites. It covers API gateways, event buses, webhooks, data contracts, and blended search methods across semantic and keyword retrieval.
Data for personalisation
This section shows how events, consented attributes, and user signals become features that guide agent decisions. It highlights the need for simple, transparent explanations for every personalised recommendation.
Security in the hot path
The blog describes why security must sit at the core of the architecture. It discusses passkeys, step-up checks, short-lived scopes, spend limits, real-time risk scoring, and tamper-evident logs. It also explains how PSD2 SCA and regulatory exemptions should be applied.
Build versus buy
It recommends buying commodity capabilities like payments, fraud screening, and observability, while building proprietary components such as policy logic, retrieval strategies, negotiation flows, and brand-specific service experiences.
Non-functional requirements
It stresses the importance of fast agent steps, safe caching, cost visibility, smaller support models, fallbacks, and multi-currency readiness across markets.
KPIs and governance
The blog highlights the metrics that matter. Task success. Conversion uplift. AOV. Margin protection. Customer effort. Approval deflection. Risk false positives. It recommends weekly reviews and iterative policy refinement.
Delivery roadmap
It concludes with a clear implementation path: discovery, MVP for shortlist and compare, controlled purchase pilots, category expansion, negotiation features, and ongoing optimisation through outcome-based training. It emphasises the need for a reliable rollback strategy at every stage.












