Complete Guide to Building a Salesforce API Integration

Apr 4, 202425 minute read


Salesforce is a cloud-based customer relationship management (CRM) platform that helps businesses manage and analyze customer interactions and data throughout the customer lifecycle, with the goal of improving customer relationships, increasing sales, and driving growth. As of January 2021, Salesforce reported having over 150,000 customers worldwide.

What can you do with the Salesforce API?

The Salesforce API allows interaction with various data models, enabling users to perform complex queries, retrieve specific data sets, and share data between Salesforce and external systems. Here's a breakdown of what is possible for each data model:

  • Standard Objects: These are pre-built objects provided by Salesforce, such as Accounts, Contacts, Leads, Opportunities, and Cases. They serve as the building blocks for all custom objects and include fields that describe the objects' attributes. Users can interact with these objects to create, read, update, and delete records, enabling the management of business relationships and sales processes.

  • Custom Objects: Salesforce allows users to create their own custom objects to fit specific business needs. These objects can have the same properties as standard objects, including validation rules, history tracking, and triggers. Custom objects enable the creation of complex relationships between objects, automate data management and retrieval strategies, and prevent duplicate entries or track hierarchical structures within records.

  • Fields: Fields are the individual data elements stored within an object. Users can interact with fields to store specific pieces of information associated with the object, such as a customer's name, phone number, email, and address. This interaction includes creating, updating, and deleting field values.

  • Records: Records are instances of an object, representing specific occurrences or instances of the entity. Users can interact with records to create new instances of an object, update existing records, or delete records that are no longer needed. This interaction is crucial for managing the lifecycle of data within Salesforce.

  • Relationships: Salesforce data model includes different types of relationships between objects, such as master-detail, lookup, many-to-many, and hierarchical relationships. Users can interact with these relationships to establish connections between objects, enabling the creation of robust and accurate reports, workflows, and triggers. This interaction is essential for modeling data in a hierarchical structure or linking records in one object to numerous records in another object.

  • API Interaction: The Salesforce API collection includes SOAP API, REST API, and Bulk API, allowing external systems to interact with Salesforce's data model. Users can perform complex queries, retrieve specific data sets, and share data between Salesforce and external systems, enabling intelligent data analysis and reporting.

In summary, the Salesforce API provides a comprehensive set of tools and capabilities for interacting with various data models, enabling users to manage and analyze their business data effectively.

Potential use cases

Based on the information provided in the sources, here are five potential use cases that can be enabled using the Salesforce API:

  • Building Custom Development Tools: Utilize the Salesforce Tooling API to create custom tools for applications. This includes managing and deploying working copies of Apex classes and triggers, Visualforce pages and components, and integrating Salesforce metadata with other systems for seamless integration.

  • Building Native Apps with Salesforce Functionality: Use the Salesforce User Interface API to build user interfaces that facilitate seamless interactions with Salesforce records. This is ideal for mobile or web apps, allowing them to mirror the functionality provided by Salesforce itself, including operations like creating, reading, updating, and deleting records.

  • Integrating with Salesforce Features: Leverage the Salesforce Connect REST API to integrate external systems or applications with a wide range of Salesforce features such as B2B Commerce for Lightning, CMS managed content, Experience Cloud sites, files, notifications, and Chatter feeds. This enables the development of applications that can fetch details, manage content, and facilitate effective communication within an organization.

  • Accessing Salesforce Data in Mobile or Web Apps: Use the Salesforce REST API to access your Salesforce data in a mobile or web app. This API allows for easy data manipulation, including basic CRUD operations on Salesforce records, and the use of SOQL queries to fetch, search, and manipulate data.

  • Managing Organization Customizations: Employ the Salesforce Metadata API to manage the customization and configuration details of your Salesforce organization. This API is particularly useful for tasks like migrating changes from a sandbox or testing environment to a production org, and for developing custom applications or tools that interact with the Salesforce metadata model.

Building with Salesforce's API

How to get a Salesforce developer account and API Keys?

Here's the rewritten section focusing on how to get a developer account and API keys, using a clear and precise tone:

To get a developer account for Salesforce and create an API integration, follow these steps:

  1. Create a Free Developer Account: Sign up for a free Salesforce Developer account. This account provides access to a working Salesforce organization, allowing you to explore the interface and manage users.

  2. Set Up a Connected App: After setting up your developer account, create a Connected App. Navigate to the Setup menu, enter "App Manager" in the Quick Find box, and select App Manager. Create a new Connected App by providing details such as the app name, API name, and callback URL. After setting up, you'll receive a Consumer Key and Consumer Secret for your app.

  3. Obtain Credentials for Authentication: To authenticate your API requests, obtain credentials by adding an API integration to your installed package. Locate the client ID and client secret under the component details. Use these credentials with your Authentication Base URI to get an access token.

  4. Create an API Integration: Ensure you have the "Installed Package | Administer" permission to create an API integration. This permission is automatically applied to the Administrator and Marketing Cloud Administrator system-defined roles. You can add the permission for a role or user in the Administration area. Depending on your package type (enhanced or legacy), use OAuth 2.0 authentication to obtain an access token.

By following these steps, you can successfully create a developer account for Salesforce and set up an API integration to interact with Salesforce data programmatically.

Open API Spec

API Explorer

Run Queries against the Salesforce API

Salesforce SDKs

TypeScript Logo

Typecript / Javascript

Top Salesforce SDK on NOM

Ruby Logo


Top Salesforce SDK on Rubygems

Python Logo


Top Salesforce SDK on PyPi

PHP Logo


Top Salesforce SDK on Packagist

C Sharp Logo


Top Salesforce SDK on NuGet

Salesforce API Details

What type of API does Salesforce provide?

Salesforce offers a variety of APIs, each designed for specific use cases and integrations. The primary types of APIs Salesforce provides are:

  • REST API: A lightweight, web service based on RESTful principles, supporting both XML and JSON data formats. It's suitable for creating, reading, updating, and deleting (CRUD) records, querying data, retrieving object metadata, and accessing information about limits in your Salesforce org.

  • SOAP API: A protocol for exchanging structured information in web services using XML, with a strict format definition. It's particularly useful for enterprise applications where robustness, strict contracts, and advanced security features are paramount.

  • GraphQL API: Allows clients to request exactly what they need, reducing the amount of data transferred over the network and improving performance. It's ideal for building highly responsive and scalable applications that require precise control over the data returned from the server.

  • gRPC API: A high-performance, open-source framework developed by Google, using Protocol Buffers as its interface definition language. It supports multiple programming languages and is well-suited for creating scalable microservices due to its support for bidirectional streaming and flow control.

Does the Salesforce API have webhooks?

Yes, the official Salesforce API supports webhooks. Specifically, Salesforce's Customer 360 API allows you to create data action targets of the webhook type. This means you can subscribe to various events and have Salesforce send notifications to your specified endpoint when those events occur.

To use webhooks effectively, you would typically:

  1. Define the webhook in Salesforce, specifying the URL of your endpoint that will receive the notifications.
  2. Configure the events you want to subscribe to. This could involve setting up triggers or processes within Salesforce that fire the webhook under specific conditions.
  3. Implement the endpoint on your server to receive and process the webhook notifications.

For detailed instructions on setting up webhooks in Salesforce, including how to define them and the types of events you can subscribe to, you would need to consult the Salesforce documentation or developer resources, as the specific details and capabilities can vary based on the Salesforce product and version you are using.

Rate Limits and other limitations

The Salesforce API rate limits vary depending on the type of Salesforce edition you have (e.g., Developer, Unlimited, Enterprise, etc.). However, the specific details about the rate limits for each edition are not directly provided in the search results. Typically, Salesforce outlines these limits in their documentation, which includes information on the number of API calls you can make within a certain timeframe.

For a comprehensive understanding of the API rate limits for your specific Salesforce edition, it's recommended to consult the Salesforce documentation directly or contact Salesforce support. Salesforce's documentation is regularly updated and provides detailed information on API limits, including any changes or updates to these limits.

Latest API Version

The most recent version of the Salesforce API is not directly mentioned in the provided sources. However, Salesforce API versions are released with major seasonal releases of Salesforce, such as Winter '20, Spring '21, and so on. Each major release rolls out over several months in multiple phases, starting with preview instances, then selected sandboxes instances, and continuing through multiple waves of rollout to different subsets of production instances. There is no single release date for any API version; it's always an extended process. The concept of a release date simply isn't very meaningful for Salesforce API versions.

For the most accurate and up-to-date information on the latest Salesforce API version, it's recommended to check the official Salesforce Developer documentation or the Salesforce release notes page. These resources provide detailed information about the latest releases, including API versions, and are regularly updated by Salesforce.

Status Page

The most current status page URL for Salesforce is

Code Examples

Building authentication

Here are the steps to set up authentication for the Salesforce API:

  1. Obtain your Salesforce API credentials, including the client ID and client secret.

  2. Request an authorization code by sending a GET request to the Salesforce authorization endpoint:

    curl -X GET ""

    Replace YOUR_CLIENT_ID, YOUR_REDIRECT_URI, and YOUR_SCOPES with your actual values.

  3. After the user grants permission, Salesforce will redirect the user to the specified redirect URI with an authorization code in the query parameters.

  4. Exchange the authorization code for an access token by sending a POST request to the Salesforce token endpoint:

    curl -X POST "" \
         -H "Content-Type: application/x-www-form-urlencoded" \
         -H "Accept: application/json" \
         -d "client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&redirect_uri=YOUR_REDIRECT_URI&grant_type=authorization_code&code=YOUR_AUTHORIZATION_CODE"


  5. The response from the token endpoint will include an access token and a refresh token. Store these tokens securely for future use.

  6. To refresh the access token when it expires, send a POST request to the Salesforce token endpoint using the refresh token:

    curl -X POST "" \
         -H "Content-Type: application/x-www-form-urlencoded" \
         -H "Accept: application/json" \
         -d "client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=refresh_token&refresh_token=YOUR_REFRESH_TOKEN"

    Replace YOUR_CLIENT_ID, YOUR_CLIENT_SECRET, and YOUR_REFRESH_TOKEN with your actual values.

  7. The response from the token endpoint will include a new access token. Update your stored access token with the new one.

By following these steps, you can set up authentication for the Salesforce API and obtain the necessary access token to make authenticated requests to the API endpoints.