PUBLISHED on 13 April 2026, Cloudflare’s post describes dynamic, identity-aware, and secure Sandbox authentication via outbound Workers. It explains that Sandboxes can route egress through programmatic proxies to connect to services, add observability, and inject credentials safely, improving authentication for agents.
The piece emphasises zero-trust, simplicity, flexibility, observability, performance, transparency, and dynamism as ideal traits for the auth mechanism, and argues outbound Workers meet these criteria. A quick example shows how outboundByHost can inject a secret token into requests to a domain such as “github[.]com” without exposing the token to the sandboxed agent. The article also covers TLS support with MITM proxying, where a per-sandbox ephemeral CA is created and trusted, enabling secure content inspection.
It notes that outbound traffic is proxied by a Cloudflare-isolated process on the same machine as the sandbox VM, with local development mirroring production via wrangler dev and a sidecar called proxy-everything. According to Cloudflare, these capabilities aim to simplify integration with other Cloudflare services while strengthening access controls for AI-enabled sandboxes.