Connect Claude to Salesforce in 17 Minutes (Official Hosted MCP, 2026)
>No code, no API client, no SOQL written by hand. Claude reads and writes to your real org from a chat.
Claude can now talk to your Salesforce org directly. Read records, run SOQL, create tasks, update opportunities, all from a chat. No code, no API client, no SOQL written by hand.
This post walks you through the official Salesforce hosted MCP setup, end-to-end, using the sobject-all server. By the end you'll have a working connection with the exact security settings Salesforce recommends, and a feel for how to safely give Claude read + write access without handing over the keys to the kingdom.
What you'll have by the end
- Claude reading, querying, and writing to your real Salesforce org from claude.ai.
- The exact two OAuth scopes the connection needs (and no more).
- The security flags Salesforce recommends (JWT + PKCE on, everything else off).
- Per-tool approval set up so reads run automatically and writes ask first.
- 11 demo prompts you can paste right after setup to prove the connection works.
The local @salesforce/mcp setup for Claude Code, Cursor, and VS Code is covered in a separate post.
What MCP is, in one breath
MCP, or Model Context Protocol, is a standard way for AI tools to talk to outside systems. Salesforce ships official MCP servers, and Claude knows how to consume them. There are two flavors:
- Hosted MCP. Salesforce runs the server. You authenticate via OAuth, plug a URL into Claude on the web, and you're done. That's what this post covers.
- Local MCP (@salesforce/mcp). You run the server on your machine. Better for Claude Code, Cursor, and VS Code workflows. Separate post.
We're going to use the hosted sobject-all server today. It's the all-in-one: schema, SOQL, search, create, update, delete. About 90% of what you'd want Claude to do against Salesforce data lives inside this one connector.
Step 1: Create the External Client App in Salesforce
Setup → quick find "External Client" → External Client App Manager → New External Client App.
Fill in:
- Name: Claude integration (or anything, the name is for you)
- Contact email: auto-fills, leave it
- API (Enable OAuth Settings) ✓
Then configure OAuth.
Callback URL
Same for every org. Don't worry about what it means. It's the URL Claude redirects to after Salesforce authorizes the connection.
https://claude.ai/api/mcp/auth_callback
OAuth scopes, exactly these two
- mcp_api, Access Salesforce hosted MCP servers (mcp_api)
- refresh_token, Perform requests at any time (refresh_token, offline_access)
Security flags, only these two ON, everything else OFF
- ✓ Issue JWT-based access tokens for named users
- ✓ Require Proof Key for Code Exchange (PKCE)
This is the most common place people get tripped up. The Salesforce defaults include things you don't want for this integration.
Click Create.
Once it's saved, open Settings → OAuth Settings → Consumer Key and Consumer Secret. Copy the Consumer Key. You'll paste it into Claude in a minute.
Treat the Consumer Key and Secret like credentials. Password manager, no GitHub commits, no Slack messages.
Step 2: Activate the sobject-all hosted MCP server
Setup → quick find "MCP" → Hosted MCP Servers → Salesforce servers.
You'll see the full catalog: sobject-reads, sobject-all, flows, invocable-actions, data-cloud-sql, tableau-next, prompt-builder, custom-servers. They each do what they say on the tin.
Click into sobject-all → View details → Activate.
Why sobject-all?
- It bundles schema, SOQL, search, create, update, delete, related-record traversal, and a search-everything tool.
- One activation gets you 90% of what most demos and real workflows need.
- If you want a read-only safety net, use sobject-reads instead. Same setup, fewer tools.
Once it's active, copy the server URL. There are two variants, so make sure you grab the right one for your org type.
Production: https://api.salesforce.com/platform/mcp/v1/platform/sobject-all
Sandbox: https://api.salesforce.com/platform/mcp/v1/sandbox/platform/sobject-all
The only difference is /sandbox/ in the path. Easy to miss; silent failure if you get it wrong.
Step 3: Add the custom connector inside Claude
Open claude.ai → Customize → Connectors → Manage connectors → Add custom connector.
Fill in:
- Name: Salesforce - scratch or Salesforce - prod (whatever helps you keep environments straight)
- Description: optional, your future self will thank you
- Server URL: paste the URL from Step 2
- Advanced Settings → OAuth Client ID: paste the Consumer Key from Step 1
Click Add, then Connect. Salesforce will pop a login screen. Authorize. The token flows back into Claude and the connector goes green.
Step 4: Lock down approvals per tool
Before you start throwing prompts at it, open the connector inside Claude and tune the per-tool approval settings.
My default:
- Read tools (get_user_info, find, listRecentSobjectRecords, getObjectSchema, soqlQuery, getRelatedRecords) → Always allow
- Write tools (createSobjectRecord, updateSobjectRecord, updateRelatedRecord) → Ask every time
- Anything destructive → Ask every time
Reads are fine to automate; writes deserve a human-in-the-loop. Takes 10 seconds and saves you from the obvious accident.
Step 5: The demo arc (11 prompts)
Run these in order against your own org. They build a story: prove the connection, then read, then reason, then write, then delete, then land the security point.
1. Sanity check
Who am I logged in as in Salesforce, and what's my profile?
Proves the connection. Confirms Claude knows the running user.
2. Recent items
What accounts have I looked at in Salesforce recently?
Empty on a fresh org. Open a few records in the UI, ask again, and they appear.
3. SOQL opener
List my top 10 open opportunities by amount: name, stage, account, owner, close date.
First real query. Watch Claude pick the right object and fields.
4. Aggregate flex
How many open opps over $100k, grouped by stage? Count and total per stage.
This is where the natural-language to SOQL translation earns its keep.
5. Cross-object via relationships
For my top 5 accounts by total opportunity amount, list the primary contact's name, title, and email.
Multi-step reasoning + relationship traversal.
6. Search across the org
Find any record mentioning "GenWatt" across accounts, contacts, opps, and leads. Group by object.
SOSL under the hood. Useful for "where does this name appear?" questions.
7. Pipeline reasoning
Which 3 opps closing this quarter are most at risk based on stage, last activity, and amount? Explain why for each.
Now Claude is doing the analyst work, not just data fetch.
8. Create (the spicy part)
Create a follow-up Task on the GenWatt Diesel 1000kW opportunity.
Subject: Confirm pricing with procurement.
Due Friday. Priority High. Assign to me.
First write. Per-tool approval kicks in. Approve once, watch the Task land in your activity timeline.
9. Update
On that same opportunity, move stage to Negotiation/Review and bump amount to $135,000.
Notice Claude carries context from the previous prompt. It knows which opportunity "that same" refers to.
10. Delete (with confirmation)
Delete the follow-up task you just created.
Confirm in the approval dialog. Watch how the server handles it.
11. Security punchline
Show me every user's salary from the User object.
Claude returns only what the running user is allowed to see. FLS, sharing rules, and object permissions still apply. Claude is not a superuser.
The pitfalls list
Stuff that'll burn 20 minutes if you don't know about it:
- 30-minute activation delay on a fresh External Client App. Pre-bake one if you're doing this on camera or in a demo.
- Sandbox URL has /sandbox/ in the path. Production doesn't. Wrong URL = silent auth failure.
- Only those two scopes. mcp_api and refresh_token. Add a third and the connection refuses.
- JWT + PKCE on, everything else off in the Security section. The defaults will get you in trouble here.
- FLS, object permissions, sharing rules, all still enforced. Claude inherits the running user's access. This is a feature.
- sobject-all includes delete. Claude asks for confirmation, but if you want zero write access, use sobject-reads instead.
- Lock down who can use the app. OAuth Policies → Permission Set → only named users.
- Set token expiry. Salesforce recommends refresh-token rotation with ≤30-day validity. Edit the policy on the External Client App and save.
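A pre-flight check for the pitfalls above, as an added example that is not from the original post or from Salesforce. The scope names, flag labels, read-tool names and URL shapes are the ones given in this post; the cfg dictionary (filled in by hand from what you configured) and the approval values "always" and "ask" are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Expected values come from the post; the cfg dict layout is an assumption.
REQUIRED_SCOPES = {"mcp_api", "refresh_token"}
REQUIRED_FLAGS = {"Issue JWT-based access tokens for named users",
                  "Require Proof Key for Code Exchange (PKCE)"}
READ_TOOLS = {"get_user_info", "find", "listRecentSobjectRecords",
              "getObjectSchema", "soqlQuery", "getRelatedRecords"}
MCP_HOST, MCP_PREFIX = "api.salesforce.com", ["platform", "mcp", "v1"]


def _exact(name, got, want):
    """One finding if the configured set differs from the required set."""
    got = set(got)
    return [] if got == want else [
        f"{name}: extra={sorted(got - want)} missing={sorted(want - got)}"]


def audit_connector(cfg):
    """Return findings; an empty list means cfg matches the post's settings."""
    findings = _exact("scopes", cfg["scopes"], REQUIRED_SCOPES)
    findings += _exact("security flags", cfg["flags_on"], REQUIRED_FLAGS)
    url = urlsplit(cfg["server_url"])
    segs = [s for s in url.path.split("/") if s]
    if url.scheme != "https" or url.hostname != MCP_HOST or segs[:3] != MCP_PREFIX:
        findings.append("server_url: not an https api.salesforce.com MCP URL")
    elif (segs[3:4] == ["sandbox"]) != cfg["is_sandbox"]:
        findings.append("server_url: /sandbox/ segment does not match org type")
    # Default-deny: only tools the post lists as reads may skip approval.
    for tool, mode in cfg["tool_approvals"].items():
        if mode != "ask" and tool not in READ_TOOLS:
            findings.append(f"tool {tool}: must be 'ask', got {mode!r}")
    if cfg["refresh_token_days"] > 30:
        findings.append("refresh token validity exceeds 30 days")
    return findings

# Constructed sample: sandbox org pointed at the production URL, one extra
# scope, and a write tool left on auto-approve.
SAMPLE = {
    "is_sandbox": True,
    "server_url": "https://api.salesforce.com/platform/mcp/v1/platform/sobject-all",
    "scopes": ["mcp_api", "refresh_token", "api"],
    "flags_on": sorted(REQUIRED_FLAGS),
    "tool_approvals": {"soqlQuery": "always", "updateSobjectRecord": "always"},
    "refresh_token_days": 30,
}

if __name__ == "__main__":
    print("\n".join(audit_connector(SAMPLE)))
```

Because the approval check is default-deny, any tool name the post does not list as a read, including whatever the delete tool is called in your connector, is flagged unless it is set to ask.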
A quick word on the "wrong URL" hallucination
In the video demo, Claude generates record URLs that point to the wrong domain. That's not a bug in the MCP. It's Claude not knowing your My Domain.
The fix is one line of memory:
When generating Salesforce record URLs, always use the base URL: https://<your-my-domain>.lightning.force.com
Drop that into Claude's memory (or a CLAUDE.md if you're using Claude Code) and the links come back clean. The MCP returns IDs; your AI tool composes the URL. Give it the prefix.
What's next
Once this is working you've got a foundation for a lot more:
- Per-team connectors. Publish a Salesforce - prod connector for your sales team with sobject-reads only, and a separate connector for ops with full sobject-all. Different permission profiles, different risk levels.
- Flows MCP. Kick off Salesforce Flows from Claude. Great for "when X happens, run our standard playbook" workflows.
- Local @salesforce/mcp for Claude Code. Same idea, but inside your IDE. Better for developers who want Claude to read metadata, deploy, and run anonymous Apex. See the multi-client post for the four-client tour.
If you got this working, I'd love to hear the wildest prompt you're going to throw at your org. Drop it in the comments on the YouTube video. I read every one.
Watch the full walkthrough
Same setup, every click on-screen. About 17 minutes.