# Salesforce DX

> Official Salesforce MCP — SOQL queries, metadata deploy/retrieve, Apex tests, and org management from AI clients.

[Canonical HTML page](https://top-mcps.com/mcp/salesforce-dx) · [server.json](https://top-mcps.com/mcp/salesforce-dx.json) · [methodology](https://top-mcps.com/about/methodology)

## Install

### Claude Desktop — `claude_desktop_config.json`

Paste under mcpServers. Fully quit and reopen Claude after editing.

```json
{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}
```

### Claude Code — `CLI or .mcp.json`

Run from your repo. Commit .mcp.json to share with your team.

```shell
claude mcp add salesforce-dx -- npx -y @salesforce/mcp
```

### Cursor — `.cursor/mcp.json`

Global path: ~/.cursor/mcp.json. Reload window after editing.

```json
{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}
```

### VS Code — `.vscode/mcp.json`

VS Code uses the "servers" key (not "mcpServers").

```jsonc
{
  "servers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}
```

### Windsurf — `~/.codeium/windsurf/mcp_config.json`

Open via Cascade → hammer icon → Configure.

```json
{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}
```

### Cline — `cline_mcp_settings.json`

Open via the Cline sidebar → MCP Servers → Edit.

```json
{
  "mcpServers": {
    "salesforce-dx": {
      "command": "npx",
      "args": [
        "-y",
        "@salesforce/mcp"
      ]
    }
  }
}
```

### Continue — `~/.continue/config.json`

Continue uses modelContextProtocolServers with a transport block.

```json
{
  "experimental": {
    "modelContextProtocolServers": [
      {
        "transport": {
          "type": "stdio",
          "command": "npx",
          "args": [
            "-y",
            "@salesforce/mcp"
          ]
        }
      }
    ]
  }
}
```

### Codex CLI — `~/.codex/config.toml`

Codex uses TOML. Each server is a [mcp_servers.<name>] subtable.

```shell
# ~/.codex/config.toml
[mcp_servers.salesforce-dx]
command = "npx"
args = [
  "-y",
  "@salesforce/mcp",
]
```

### Zed — `~/.config/zed/settings.json`

Zed calls them "context_servers". Settings live-reload on save.

```jsonc
{
  "context_servers": {
    "salesforce-dx": {
      "command": {
        "path": "npx",
        "args": [
          "-y",
          "@salesforce/mcp"
        ]
      }
    }
  }
}
```

### ChatGPT — `ChatGPT → Apps directory`

Salesforce DX doesn't ship a hosted HTTPS endpoint today. ChatGPT supports remote MCP servers only — to use this server in ChatGPT you'll need to deploy it to a public HTTPS URL first (e.g. via Cloudflare Workers or Vercel) or wait for an official remote build.

```none

```

## At a glance

- **Maintainer:** Salesforce
- **Transport:** stdio
- **Auth model:** OAuth 2.1
- **Required secrets:** None
- **Supported clients:** Claude, Cursor, VS Code, Cline, Any MCP-compatible client, Salesforce CLI
- **License:** Apache-2.0
- **Language:** TypeScript
- **Latest version:** latest
- **Last verified:** 2026-06-15
- **GitHub stars:** 425 (fetched 2026-06-17T11:53:23.532Z)
- **Score:** 84/100 (rubric 2026-04 — see https://top-mcps.com/about/methodology)
- **Source:** https://github.com/salesforcecli/mcp
- **Homepage:** https://github.com/salesforcecli/mcp

## Security & scope

- **Access scope:** read-write
- **Sandbox:** Runs as a stdio child process. Inherits Salesforce CLI auth — the agent sees only the orgs the connecting user authorized. Salesforce-side profile, permission sets, and field-level security still apply to every query and mutation.
- **Gotchas:**
  - The MCP can deploy metadata and run Apex tests — never authorize a production org without a sandbox-first workflow and a human-in-the-loop step on deploys.
  - SOQL queries return rows the auth user can see. If the auth user is an admin, the agent gets admin-level visibility — create a dedicated automation user with the minimum profile required.
  - Beta as of 2026-06: behavior and tool surface may shift between releases. Pin a version in `package.json` if reproducibility matters.

## Quick answer

**What it does.** Exposes a Salesforce org as MCP tools — SOQL queries, metadata deploy/retrieve, Apex test execution, permission set assignment, code analyzer, and DevOps Center workflows via the Salesforce CLI auth chain.

**Best for:**
- SOQL queries against Salesforce records from an IDE
- Metadata deploy and retrieve from chat
- Apex test execution and triage
- Permission set assignment
- Code analyzer scans on Apex / LWC source
- DevOps Center release workflows

**Not for:**
- Non-Salesforce CRMs
- Production writes without human review
- Environments where PII access by an LLM is disallowed regardless of scope

## Recipes

### Find at-risk deals via SOQL from the IDE

```
Using the Salesforce MCP, run SOQL against my Sandbox org: select Id, Name, StageName, Amount, CloseDate, OwnerId from Opportunity where IsClosed = false and CloseDate < NEXT_N_DAYS:14 and Probability < 50. Group the results by Owner and return totals.
```

_Tested with: Claude Code, Cursor, VS Code_

## Description

The official `@salesforce/mcp` server, published by Salesforce CLI. It exposes a Salesforce org as MCP tools: run SOQL queries against records, deploy and retrieve metadata, execute Apex tests, manage permission sets, run code analyzer scans, and operate LWC and DevOps Center workflows. Authentication is delegated to the Salesforce CLI — the agent inherits whichever orgs you authorized with `sf org login web` or via the VS Code Salesforce extension.

## Why it matters

Salesforce is the dominant enterprise CRM, and an official, Salesforce-published MCP is the answer to "can an agent safely touch our org." Earlier paths required custom REST integrations or third-party connectors; `@salesforce/mcp` collapses that to a single signed npm package that reuses the same `sf` CLI auth that every Salesforce developer already has.

## Key features

- Published by Salesforce (`@salesforce/mcp` on npm)
- Reuses Salesforce CLI auth (`sf org login web`)
- SOQL data queries, metadata deploy/retrieve, Apex tests
- Permission set assignment + user admin tools
- Code analyzer + static testing
- Lightning Web Component dev tools
- DevOps Center + mobile dev surfaces
- Apache-2.0, public source at `salesforcecli/mcp`

## FAQ

### How does authentication work?

The MCP does not store Salesforce credentials. It uses the Salesforce CLI auth chain — run `sf org login web` (or use the VS Code Salesforce extension) once, and the MCP picks up whichever orgs are authorized. The agent sees only the orgs you have authorized.

### Is it production-safe?

It can write — metadata deploy, permission set assignment, Apex test execution. Treat it like the CLI it wraps: point it at a sandbox first, and only authorize a production org after the workflow is proved. The server is in beta as of 2026-06; verify against your security review before enabling against a production org.

### Can it run SOQL?

Yes. SOQL queries against records are a primary tool. Read scope is bounded by the connecting user's permissions in the authorized org — give the auth user the minimum profile required for what you want the agent to do.

### How is this different from a community Salesforce MCP?

It is published by Salesforce CLI (the `salesforcecli` GitHub org), shares the Apache-2.0 license and the same auth chain as the official `sf` CLI, and lives in the official npm scope (`@salesforce/mcp`). Community wrappers exist; this is the vendor-maintained path.

### Which clients are supported?

Anything that can spawn a stdio MCP — Claude Code, Cursor, VS Code Copilot, Cline, Windsurf, Claude Desktop. The README has client-specific JSON snippets for each.

## Changelog

- **2026-06-15** — Refreshed install snippets and fact sheet; verified for 2026.
- **2025-08-12** — Initial directory listing.