How does authentication work?

The MCP does not store Salesforce credentials. It uses the Salesforce CLI auth chain — run `sf org login web` (or use the VS Code Salesforce extension) once, and the MCP picks up whichever orgs are authorized. The agent sees only the orgs you have authorized.

Is it production-safe?

It can write — metadata deploy, permission set assignment, Apex test execution. Treat it like the CLI it wraps: point it at a sandbox first, and only authorize a production org after the workflow is proved. The server is in beta as of 2026-06; verify against your security review before enabling against a production org.

Yes. SOQL queries against records are a primary tool. Read scope is bounded by the connecting user's permissions in the authorized org — give the auth user the minimum profile required for what you want the agent to do.

How is this different from a community Salesforce MCP?

It is published by Salesforce CLI (the `salesforcecli` GitHub org), shares the Apache-2.0 license and the same auth chain as the official `sf` CLI, and lives in the official npm scope (`@salesforce/mcp`). Community wrappers exist; this is the vendor-maintained path.

Which clients are supported?

Anything that can spawn a stdio MCP — Claude Code, Cursor, VS Code Copilot, Cline, Windsurf, Claude Desktop. The README has client-specific JSON snippets for each.

Salesforce DX

Name: Top MCPs — curated MCP directory
Creator: Top MCPs
License: https://creativecommons.org/licenses/by/4.0/

Official

Official Salesforce MCP — SOQL queries, metadata deploy/retrieve, Apex tests, and org management from AI clients.

Score 84(?)SalesforceApache-2.0 425Verified Jun 15, 2026Top MCPs for CRM →

Install View on GitHub

Quick answer

What it does

Exposes a Salesforce org as MCP tools — SOQL queries, metadata deploy/retrieve, Apex test execution, permission set assignment, code analyzer, and DevOps Center workflows via the Salesforce CLI auth chain.

Best for

SOQL queries against Salesforce records from an IDE
Metadata deploy and retrieve from chat
Apex test execution and triage
Permission set assignment

Not for

Non-Salesforce CRMs
Production writes without human review

Setup recipe

Pick your client, then follow the three steps.

Install

claude_desktop_config.jsonjson

{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}

Paste under mcpServers. Fully quit and reopen Claude after editing.

CLI or .mcp.jsonshell

claude mcp add salesforce-dx -- npx -y @salesforce/mcp

Run from your repo. Commit .mcp.json to share with your team.

.cursor/mcp.jsonjson

{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}

Global path: ~/.cursor/mcp.json. Reload window after editing.

.vscode/mcp.jsonjsonc

{
  "servers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}

VS Code uses the "servers" key (not "mcpServers").

~/.codeium/windsurf/mcp_config.jsonjson

{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}

Open via Cascade → hammer icon → Configure.

cline_mcp_settings.jsonjson

{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}

Open via the Cline sidebar → MCP Servers → Edit.

~/.continue/config.jsonjson

{
  "experimental": {
    "modelContextProtocolServers": [
      {
        "transport": {
          "type": "stdio",
          "command": "npx",
          "args": [
            "-y",
            "@salesforce/mcp"
          ]
        }
      }
    ]
  }
}

Continue uses modelContextProtocolServers with a transport block.

~/.codex/config.tomlshell

# ~/.codex/config.toml
[mcp_servers.salesforce-dx]
command = "npx"
args = [
  "-y",
  "@salesforce/mcp",
]

Codex uses TOML. Each server is a [mcp_servers.<name>] subtable.

~/.config/zed/settings.jsonjsonc

{
  "context_servers": {
    "salesforce-dx": {
      "command": {
        "path": "npx",
        "args": [
          "-y",
          "@salesforce/mcp"
        ]
      }
    }
  }
}

Zed calls them "context_servers". Settings live-reload on save.

ChatGPT → Apps directorynone

Salesforce DX doesn't ship a hosted HTTPS endpoint today. ChatGPT supports remote MCP servers only — to use this server in ChatGPT you'll need to deploy it to a public HTTPS URL first (e.g. via Cloudflare Workers or Vercel) or wait for an official remote build.

2
Set required secrets
No credentials required — this MCP runs over stdio without authentication.
3
Try a minimum working prompt
Find at-risk deals via SOQL from the IDE
Using the Salesforce MCP, run SOQL against my Sandbox org: select Id, Name, StageName, Amount, CloseDate, OwnerId from Opportunity where IsClosed = false and CloseDate < NEXT_N_DAYS:14 and Probability < 50. Group the results by Owner and return totals.
Tested with: Claude Code, Cursor, VS Code.

Tools & permissions

Tools list pending verification. The server exposes tools over MCP; we haven’t yet parsed its capability manifest into this page. Check the GitHub repo for the authoritative list.

Security & scope

Access scope: Read + write
Sandbox: Runs as a stdio child process. Inherits Salesforce CLI auth — the agent sees only the orgs the connecting user authorized. Salesforce-side profile, permission sets, and field-level security still apply to every query and mutation.
Gotchas: The MCP can deploy metadata and run Apex tests — never authorize a production org without a sandbox-first workflow and a human-in-the-loop step on deploys.
SOQL queries return rows the auth user can see. If the auth user is an admin, the agent gets admin-level visibility — create a dedicated automation user with the minimum profile required.
Beta as of 2026-06: behavior and tool surface may shift between releases. Pin a version in `package.json` if reproducibility matters.

Agent prompt pack

— copy into Claude, Cursor, or ChatGPT.

Paste into Claude, Cursor, or ChatGPT. Edit the [brackets] before sending.

Recommend the best MCP servers for [task: e.g. crm work] in [client: Claude].

Constraints:
- Prefer tools that are [official | open-source | read-only] — pick what matters for my use case.
- Exclude MCPs that require [e.g. a paid plan, OAuth-only flows, remote-only transport].
- Return at most 3 picks, ranked.

For each pick include:
1. One-sentence rationale.
2. The ready-to-paste install snippet for my client.
3. Any required secrets I need to create before installing.

Cross-check the top-mcps.com listing: https://top-mcps.com/top-mcps-for-crm

Compare Salesforce DX against a real alternative. Swap the second MCP in [brackets] if you want a different match.

Compare Salesforce DX MCP vs [HubSpot MCP] for the following job: [describe the job, e.g. "let an agent create GitHub issues on bug triage"].

Judge them on:
- Setup time and complexity (what a new user hits first).
- Auth model (none / API key / OAuth 2.1) and credential risk.
- Transport (stdio / Streamable HTTP / SSE) and where the server runs.
- Required secrets and the blast radius if they leak.
- Operational risk in an unattended agent loop.
- Which one is "good enough" for a weekend prototype vs. production.

End with one sentence: which should I pick for my scenario, which is: [my scenario].

References:
- https://top-mcps.com/mcp/salesforce-dx
- top-mcps.com listing for HubSpot

Asks the agent to install and verify. Works inside Claude Code, Cursor Agent, Codex CLI.

Install the Salesforce DX MCP server for my [client: Claude] at the default config path for that client.

Use the exact install snippet published at https://top-mcps.com/mcp/salesforce-dx (fetch https://top-mcps.com/mcp/salesforce-dx.json for the canonical server.json if you can read URLs).

Before finishing:
1. Create the required secrets (no secrets) and put them in the appropriate env block — do not hard-code them.
2. Restart or reload the client so it picks up the new server.
3. Verify the server is connected (green / running state) and at least one tool is listed.
4. If anything fails, read the client's MCP logs and report the exact error — do not silently retry.

Confirm when done and list the tools the server now exposes.

Frequently asked questions

What changed

— 2 updates tracked.

Jun 15, 2026
Refreshed install snippets and fact sheet; verified for 2026.
Aug 12, 2025
Initial directory listing.

More CRM MCPs

Other tools in the same category worth evaluating.

Attio

Official

Official Attio MCP — natural-language CRM control across records, lists, and notes via OAuth.

attiocrmsalespipeline

< 1 minLow

Pipedrive

Pipedrive MCP — search deals, contacts, organizations, and activities across the Pipedrive REST API.

pipedrivecrmsalespipeline

5 minLow

Compared with Salesforce DX

Side-by-side breakdowns for the choices people most often weigh against this MCP.

Salesforce DXvsHubSpot Salesforce DXvsAttio Salesforce DXvsPipedrive Salesforce DXvsZapier

Exploring Top MCPs for CRM? See all CRM MCPs →