salesforce-mcp-jsforce
Provides tools for interacting with Salesforce, including SOQL queries, SOSL search, object description, and CRUD operations on records via the Salesforce REST API.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@salesforce-mcp-jsforceshow me the top 10 opportunities by amount"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
salesforce-mcp-jsforce
A lite, single-org Model Context Protocol server for Salesforce, built on jsforce.
Bring your own token. The server never stores a client secret, username, or password. You authenticate once with OAuth; it holds only an access token + instance URL.
Two ways to run. Locally over stdio (for Claude Code and other MCP clients) or as a dedicated streamable-HTTP server where each request carries its own token.
Safe to host & open-source. No org-specific config, no multi-environment credential matrix, no destructive metadata tooling. Optional read-only mode.
Tools
Tool | Mode | Description |
| read | Identity of the supplied token (token validity check) |
| read | Run a SOQL query |
| read | Run a SOSL full-text search |
| read | List sObjects + key metadata |
| read | Trimmed describe of an sObject |
| read | Retrieve a record by Id |
| write | Create a record |
| write | Update a record |
| write | Delete a record |
Set SF_READONLY=1 to register the read tools only.
Related MCP server: MCP Force
Quick start
npm install -g @imazhar101/salesforce-mcp-jsforce
# 1. Log in (PKCE against your External Client App)
salesforce-mcp-jsforce login --client-id <ECA_CONSUMER_KEY>
# sandbox: add --login-url https://test.salesforce.com
# 2. Use it from Claude Code
claude mcp add salesforce -- npx -y @imazhar101/salesforce-mcp-jsforcelogin opens a browser, completes the OAuth handshake, saves the token to
~/.config/salesforce-mcp-jsforce/token.json, and prints ready-to-paste config.
Credentials
stdio — one of:
SF_ACCESS_TOKEN+SF_INSTANCE_URLenvironment variables, orthe token file written by
login(read automatically).
HTTP — per request, via headers:
X-SF-Access-TokenX-SF-Instance-UrlX-SF-Api-Version(optional)
Run as a dedicated HTTP server
PORT=3000 salesforce-mcp-jsforce httpStateless streamable-HTTP at POST /mcp; health probe at GET /health. Each
request is handled by a throwaway server instance keyed to its own token — no
caller state is shared. Put it behind TLS; the access token is a live credential.
curl -s http://localhost:3000/mcp \
-H 'content-type: application/json' \
-H 'accept: application/json, text/event-stream' \
-H "X-SF-Access-Token: $SF_ACCESS_TOKEN" \
-H "X-SF-Instance-Url: $SF_INSTANCE_URL" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'Environment variables
Var | Default | Purpose |
| — | stdio access token |
| — | stdio instance URL |
|
| REST API version |
| off |
|
|
| OAuth host (sandbox: |
| — | ECA consumer key for |
| — | only for confidential apps |
|
| OAuth scopes |
|
| HTTP host port |
Security model
The token grants exactly the permissions of the user who authorized it — the server adds no privilege.
In HTTP mode no credentials are persisted; the token lives only for the duration of one request.
In stdio mode the saved token file is written
chmod 600.Tokens are never logged.
Build from source
npm install
npm run build
node dist/index.js --helpLicense
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/imazhar101/salesforce-mcp-jsforce'
If you have feedback or need assistance with the MCP directory API, please join our Discord server