Salesforce Platform MCP Server
Create a powerful Model Context Protocol (MCP) server for Salesforce in minutes with our AI Gateway. This guide walks you through setting up seamless Salesforce integration with enterprise-grade security and instant OAuth authentication.
About Salesforce Platform API
Salesforce is the world's #1 CRM platform, serving over 150,000 companies globally. The Salesforce Platform API provides comprehensive access to your Salesforce org:
- Object Management: Create, read, update, and delete any standard or custom object
- SOQL Queries: Execute Salesforce Object Query Language for complex data retrieval
- Bulk Operations: Process large volumes of records efficiently
- Metadata API: Manage customizations and deployments programmatically
- Composite Resources: Combine multiple operations in a single request
- Event Streaming: Subscribe to real-time data changes
- Analytics API: Access reports, dashboards, and Einstein Analytics
- Workflow & Process: Trigger flows, approval processes, and automation
Key Features
- REST API: RESTful interface with JSON/XML support
- API Versions: Multiple API versions for backward compatibility
- Governor Limits: Daily API request limits based on edition
- Bulk API 2.0: Process millions of records asynchronously
- Composite API: Execute multiple operations in one call
- Multi-tenant: Secure isolation between organizations
- Event-Driven: Platform events and Change Data Capture
- OAuth 2.0: Industry-standard authentication
What You Can Do with Salesforce MCP Server
The MCP server transforms Salesforce's API into a natural language interface, enabling AI agents to:
Data Management & Analytics
-
Smart Data Operations
- "Find all opportunities closing this quarter worth over $100k"
- "Update all contacts from Acme Corp with the new email domain"
- "Create a new lead from the business card I just uploaded"
- "Show me accounts that haven't been contacted in 90 days"
-
Complex Queries
- "List accounts with open cases older than 30 days"
- "Find opportunities with products but no signed contracts"
- "Show contacts who attended events but aren't in any campaigns"
-
Bulk Operations
- "Import these 10,000 contacts from the CSV file"
- "Update territory assignments for all accounts in California"
- "Archive all closed opportunities from last fiscal year"
Sales Operations
-
Pipeline Management
- "Move all stalled opportunities to needs analysis stage"
- "Create follow-up tasks for opportunities closing next month"
- "Clone the successful opportunity structure for new deals"
-
Lead Processing
- "Score and route incoming leads based on company size"
- "Convert qualified leads with matching email domains"
- "Merge duplicate leads from the trade show list"
-
Territory & Assignment
- "Reassign accounts based on new territory model"
- "Balance opportunities across sales team members"
- "Create account teams for enterprise deals"
Reporting & Intelligence
-
Business Insights
- "Generate pipeline forecast for next quarter"
- "Analyze win/loss reasons by product category"
- "Compare team performance against quotas"
-
Data Quality
- "Find and merge duplicate records across all objects"
- "Identify incomplete records missing key fields"
- "Standardize phone numbers and addresses"
-
Executive Dashboards
- "Create a dashboard showing key metrics by region"
- "Export weekly sales activity report"
- "Track customer satisfaction scores by account"
Process Automation
-
Workflow Enhancement
- "Trigger approval process for all discounts over 20%"
- "Auto-create renewal opportunities 90 days before close"
- "Send alerts for accounts with declining engagement"
-
Integration Workflows
- "Sync new Salesforce contacts to marketing automation"
- "Create service tickets from case escalations"
- "Update ERP when opportunities close"
System Administration
-
User Management
- "Create user accounts for new sales team members"
- "Update profile permissions for marketing team"
- "Audit user login history for security review"
-
Customization
- "Add custom fields to track customer preferences"
- "Create validation rules for data quality"
- "Deploy new page layouts for service team"
Prerequisites
- Access to Cequence AI Gateway
- Salesforce organization (Developer, Sandbox, or Production)
- System Administrator profile or API-enabled user
- Connected App creation permissions
- OAuth 2.0 setup capability
Step 1: Create Salesforce Connected App
Before setting up the MCP server, you need to create a Connected App in Salesforce.
1.1 Access Salesforce Setup
- Log in to your Salesforce org
- Navigate to Setup (gear icon)
- In Quick Find, search for "App Manager"
- Click App Manager
1.2 Create Connected App
-
Click New Connected App
-
Fill in Basic Information:
- Connected App Name: "AI Gateway MCP Integration"
- API Name: Auto-populated
- Contact Email: Your admin email
-
Enable OAuth Settings:
- Check Enable OAuth Settings
- Callback URL:
https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback
-
Select OAuth Scopes (see Available Scopes section)
-
Configure additional settings:
- Require Secret for Web Server Flow: Check this
- Require Secret for Refresh Token Flow: Check this
- Enable Client Credentials Flow: Optional
-
Click Save
1.3 Get OAuth Credentials
- After saving, click Manage Consumer Details
- Verify your identity if prompted
- Note down:
- Consumer Key (Client ID)
- Consumer Secret (Client Secret)
1.4 Configure OAuth Policies
-
Click Manage on your Connected App
-
Click Edit Policies
-
Set OAuth policies:
- Permitted Users: All users may self-authorize
- IP Relaxation: Relax IP restrictions (if needed)
- Refresh Token Policy: Refresh token is valid until revoked
-
Click Save
Step 2: Access AI Gateway Apps
- Log in to your Cequence AI Gateway dashboard
- Navigate to Apps in the left sidebar
- You'll see the list of available third-party applications
Step 3: Find and Select Salesforce API
- In the Apps section, browse through the Third-party category
- Look for Salesforce Platform or use the search function
- Click on the Salesforce API card to view details
The Salesforce API card shows:
- Number of available endpoints
- Integration capabilities
- Quick description of functionality
Step 4: Create MCP Server
- Click the Create MCP Server button on the Salesforce API card
- You'll be redirected to the MCP Server creation wizard
Step 5: Configure API Endpoints
In the App Configuration step:
- Base URL will be configured as:
https://{instance}.salesforce.com - Select API endpoints to expose to your MCP server based on your needs
- Click Next to proceed
Step 6: MCP Server Basic Setup
Configure your MCP server details:
-
MCP Server Name: Enter a descriptive name
- Example: "Salesforce CRM Automation"
- This name will identify your server in the dashboard
-
Description (Optional): Add details about the server's purpose
- Example: "Automated CRM operations for sales and service teams"
-
Production Mode: Toggle based on your needs
- ON for production environments
- OFF for development/testing
-
Click Next to continue
Step 7: Configure Authentication
This is where you'll use your Salesforce Connected App credentials:
-
Authentication Type: Select OAuth 2.0
-
Fill in the OAuth configuration:
- Authorization URL:
For sandboxes:
https://login.salesforce.com/services/oauth2/authorizehttps://test.salesforce.com/services/oauth2/authorize - Token URL:
https://login.salesforce.com/services/oauth2/token - Client ID: Paste Consumer Key from Connected App
- Client Secret: Paste Consumer Secret from Connected App
- Redirect URI:
https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback
- Authorization URL:
-
Scopes: Select from the available Salesforce scopes (see next section)
Available Salesforce OAuth Scopes
Configure the appropriate scopes based on your application needs:
Core Access
-
api- Access and manage Salesforce data
- Execute SOQL and SOSL queries
- Access REST API resources
- Required for most operations
-
refresh_token- Obtain refresh token for long-lived access
- Essential for automation scenarios
- Allows token renewal without re-authentication
Extended Capabilities
-
full- Full access including exclusive app features
- Includes all standard permissions
- Access to all data and functionality
- Use with caution in production
-
id- Access identity URLs
- Retrieve user profile information
- Verify user identity
Specialized Access
-
custom_permissions- Access custom permissions in the org
- Required for custom security models
- Manage app-specific permissions
-
chatter_api- Access Chatter REST API
- Post to feeds, create groups
- Manage collaboration features
-
visualforce- Access Visualforce pages
- Required for custom UI integration
- Manage page-level operations
-
web- Access to application via web browser
- Required for web-based flows
- Includes basic app access
Recommended Scope Combinations
For Data Integration:
api
refresh_token
For Full CRM Automation:
api
refresh_token
full
id
For Custom Applications:
api
refresh_token
custom_permissions
visualforce
Step 8: Configure Security
Set up API protection features:
-
API Protection: Toggle ON to enable
- Protects against bot attacks, DDoS, and threats
- Monitors for suspicious activity
- Rate limiting and anomaly detection
-
Protection Features (when enabled):
- Auto-scaling protection
- Managed infrastructure
- Built-in monitoring
- Zero maintenance required
-
Click Next to continue
Step 9: Choose Deployment Method
Select your deployment preference:
Option A: Deploy to Cequence Cloud (Recommended)
- Fully managed deployment
- Automatic scaling and monitoring
- Built-in high availability
- Features included:
- Auto-scaling
- Managed infrastructure
- Built-in monitoring
- Zero maintenance
Option B: Deploy with Helm Chart
- Self-managed Kubernetes deployment
- Full control over infrastructure
- Requires:
- Kubernetes cluster
- Helm 3.x installed
- Container registry access
Click Next after selecting your deployment method.
Step 10: Review and Deploy
Review your MCP server configuration:
- MCP Server Name: Your chosen name
- Base URL:
https://{instance}.salesforce.com - Selected Endpoints: Number of endpoints selected
- Authentication: OAuth 2.0 (Configured)
- API Protection: Enabled/Disabled
- Deployment: Cequence Cloud or Helm
Click Create & Deploy to finalize the setup.
Step 11: Post-Deployment Setup
After successful deployment:
-
Note the MCP Server URL provided
-
Test the OAuth flow:
- Click "Test Connection"
- You'll be redirected to Salesforce login
- Log in and authorize the app
- Confirm successful connection
-
Configure AI Agents:
- The MCP server is now available for AI agent connections
- Use the provided server URL in your AI agent configuration
Using Your Salesforce MCP Server
With Claude Desktop
-
Open Claude Desktop settings
-
Add your MCP server:
{
"servers": {
"salesforce": {
"url": "your-mcp-server-url",
"auth": {
"type": "oauth2",
"client_id": "your-consumer-key"
}
}
}
} -
Start using natural language commands:
- "Show me all opportunities closing this month"
- "Create a task to follow up with Acme Corp next week"
- "Update the stage for all stalled opportunities"
- "Find duplicate contacts and suggest merges"
- "Generate a report of accounts by industry"
API Integration Example
// Initialize MCP client
const mcpClient = new MCPClient({
serverUrl: 'your-mcp-server-url',
auth: {
type: 'oauth2',
token: 'user-access-token'
}
});
// Query opportunities
const opportunities = await mcpClient.salesforce.query({
q: "SELECT Id, Name, Amount, CloseDate FROM Opportunity WHERE StageName = 'Negotiation' AND CloseDate = THIS_QUARTER"
});
// Create a contact
const contact = await mcpClient.salesforce.sobjects.Contact.create({
FirstName: 'John',
LastName: 'Doe',
Email: 'john.doe@example.com',
AccountId: '001xx000003DHPh'
});
// Update multiple records
await mcpClient.salesforce.composite.sobjects({
allOrNone: true,
records: [
{
attributes: { type: 'Account' },
id: '001xx000003DHPh',
NumberOfEmployees: 500
},
{
attributes: { type: 'Contact' },
id: '003xx000003DHPh',
Title: 'VP of Sales'
}
]
});
// Execute anonymous Apex
await mcpClient.salesforce.tooling.executeAnonymous({
body: "List<Account> accounts = [SELECT Id FROM Account WHERE CreatedDate = TODAY]; System.debug(accounts.size());"
});
Common Use Cases
Sales Operations
- Pipeline management and forecasting
- Lead scoring and routing
- Opportunity automation
- Territory management
- Quote generation
Service Excellence
- Case routing and escalation
- SLA monitoring
- Knowledge base management
- Customer satisfaction tracking
- Service analytics
Marketing Automation
- Campaign management
- Lead nurturing
- Email marketing integration
- Event management
- ROI tracking
Data Management
- Data quality improvement
- Duplicate management
- Mass updates
- Data migration
- Backup and archival
Security Best Practices
-
OAuth Security:
- Use Connected App IP restrictions
- Implement session timeout policies
- Regular token rotation
- Monitor OAuth usage
-
API Limits:
- Monitor daily API request limits
- Implement efficient querying
- Use bulk API for large operations
- Cache frequently accessed data
-
Data Security:
- Respect field-level security
- Honor sharing rules
- Implement row-level security
- Audit data access
-
Profile Management:
- Use minimum required permissions
- Regular permission audits
- Separate integration user
- Monitor user activity
Troubleshooting
Common Issues
-
Invalid Session ID
- Token expired - implement refresh logic
- Session timeout - re-authenticate
- IP restrictions - check Connected App settings
-
API Limit Exceeded
- Check org limits in System Overview
- Implement request batching
- Use Bulk API for large operations
- Consider purchasing additional API calls
-
Insufficient Privileges
- Verify user profile permissions
- Check field-level security
- Ensure object access
- Validate sharing rules
-
SOQL Errors
- Check field API names
- Verify object relationships
- Respect SOQL limits
- Use proper date literals
Getting Help
- Documentation: AI Gateway Docs
- Support: support@cequence.ai
- Community: AI Gateway Forum
- Salesforce Developer Docs: developer.salesforce.com
- API Reference: Salesforce REST API
Copyright © 2025 Cequence Security.