Salesforce

Live

OAUTH 2.0

CRM

CRM & Sales

Accounts, opportunities, and forecasts. Your CRM of record is Salesforce. Your agent can read and update records, log activities, and query pipeline, scoped to the user's permissions.

  • Acts as the user: Record access and write actions stay tied to the Salesforce user who authorized the agent.
  • Credentials stay vaulted: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: User permissions enforced. 90-day audit trail.
Salesforce
agent · Acme Q3
Run
What opportunities are closing this quarter over $100K?
S
salesforce_soql_query
96ms
Sales agent
3 opportunities closing Q4 over $100K: Acme Enterprise ($250K, 85% probability), Globex Renewal ($180K, 90%), Initech Expansion ($130K, 70%).
Sources: 3 opportunities, Q4 2024
salesforcemcp
3 opportunities
18:29
Message Claude...

Tools your sales agent reaches for on Salesforce, scoped per user.

CALL ANY TOOL
Read and write accounts, contacts, leads, opportunities, and cases. Run SOQL queries for custom data retrieval.
salesforce_account_create
Create account
Create a new Account in Salesforce. Supports standard fields
Parameters
Name
Type
Required
Description
Name
string
Required
Account Name
AccountNumber
string
Optional
Account number for the organization
AnnualRevenue
number
Optional
Annual revenue
BillingCity
string
Optional
Billing city
BillingCountry
string
Optional
Billing country
BillingPostalCode
string
Optional
Billing postal code
BillingState
string
Optional
Billing state/province
BillingStreet
string
Optional
Billing street
Description
string
Optional
Description
Industry
string
Optional
Industry
NumberOfEmployees
integer
Optional
Number of employees
OwnerId
string
Optional
Record owner (User/Queue Id)
Phone
string
Optional
Main phone number
RecordTypeId
string
Optional
Record Type Id
Website
string
Optional
Website URL
salesforce_account_delete
Delete account
salesforce_account_get
Get account
salesforce_account_update
Update account
salesforce_accounts_list
List accounts
salesforce_chatter_comment_create
Create chatter comment
salesforce_chatter_comment_delete
Delete chatter comment
salesforce_chatter_comments_list
List chatter comments
salesforce_chatter_post_create
Create chatter post
salesforce_chatter_post_delete
Delete chatter post
salesforce_chatter_post_get
Get chatter post
salesforce_chatter_posts_search
Search chatter posts
salesforce_chatter_user_feed_list
List chatter user feed
salesforce_composite
Composite
salesforce_contact_create
Create contact
salesforce_contact_get
Get contact
salesforce_dashboard_clone
Dashboard Clone
salesforce_dashboard_get
Get dashboard
salesforce_dashboard_metadata_get
Get dashboard metadata
salesforce_dashboard_update
Update dashboard
salesforce_global_describe
Global Describe
salesforce_limits_get
Get limits
salesforce_object_describe
Object Describe
salesforce_opportunities_list
List opportunities
salesforce_opportunity_create
Create opportunity
salesforce_opportunity_get
Get opportunity
salesforce_opportunity_update
Update opportunity
salesforce_query_next_page
Query Next Page
salesforce_query_soql
Query Soql
salesforce_report_create
Create report

For more tools, view docs.

Build your Agent
Drop the toolkit in, point it at the user, and your agent can query Salesforce records and run SOQL from the first run.
Python · LlamaIndex
import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["salesforce"], toolNames: ["salesforce_soql_query", "salesforce_record_search", "salesforce_record_get"] },
pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
name: t.tool.definition.name,
description: t.tool.definition.description,
schema: z.object({}).passthrough(),
func: async (args) => {
const { data } = await sk.tools.executeTool({
toolName: t.tool.definition.name,
identifier: "user_123",
params: args,
});
return JSON.stringify(data);
},
}));

const agent = createReactAgent({ llm, tools: lcTools });
import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["salesforce"], toolNames: ["salesforce_soql_query", "salesforce_record_search", "salesforce_record_get"] },
pageSize: 100,
});

const llmTools = tools.map((t) => ({
type: "function",
function: {
name: t.tool.definition.name,
description: t.tool.definition.description,
parameters: t.tool.definition.input_schema,
},
}));

const resp = await openai.responses.create({
model: "gpt-4o", input: prompt, tools: llmTools,
});
import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["salesforce"], toolNames: ["salesforce_soql_query", "salesforce_record_search", "salesforce_record_get"] },
pageSize: 100,
});

const llmTools = tools.map((t) => ({
name: t.tool.definition.name,
description: t.tool.definition.description,
input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
model: "claude-sonnet-4-6", max_tokens: 1024,
tools: llmTools,
messages: [{ role: "user", content: prompt }],
});
import { Agent } from "@google/adk/agents";
import {
MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
connectionParams: new StreamableHTTPConnectionParams({
url: "https://mcp.scalekit.com/salesforce",
headers: { Authorization: `Bearer ${userScopedToken}` },
}),
});

const agent = new Agent({
name: "agent", model: "gemini-2.0-flash",
tools: await toolset.getTools(),
});
Try these prompts
Paste any prompt into your agent to start pulling CRM intelligence from Salesforce.
Search & recall
Copy the prompt
Copied
Show me all open opportunities over $100K closing this quarter.
Copy the prompt
Copied
Find all contacts at [account name].
Copy the prompt
Copied
List all leads from [campaign name].
Copy the prompt
Copied
What cases are open with priority High?
Action & updates
Copy the prompt
Copied
Update the stage on [opportunity name] to Negotiation.
Copy the prompt
Copied
Create a new lead: [name], [company], [email].
Copy the prompt
Copied
Log a call with [contact name]: [notes].
Copy the prompt
Copied
Close won the [opportunity name] deal at [$amount].
Pipeline & reporting
Copy the prompt
Copied
Run a SOQL query: SELECT StageName, SUM(Amount) FROM Opportunity GROUP BY StageName.
Copy the prompt
Copied
What is my total pipeline value this quarter?
Copy the prompt
Copied
Which accounts have no activity in the last 30 days?
Copy the prompt
Copied
List all opportunities owned by [rep name].
SEE HOW AUTH WORKS
Users authorize Salesforce once. Their org credentials stay vaulted, every call is checked, and every action is logged.
1
Authorize
Your user connects
Salesforce
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Salesforce
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Salesforce
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Salesforce
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
Same per-user auth pattern across other sales agents and MCP connectors. Working code, live demos, fork what fits.
GTM
Salesforce customer insights agent
Surface Salesforce account activity, NPS signals, and renewal flags into Slack threads for the account team.
GTM
CRM AI agent
Log calls, update opportunity stages, and surface stalled deals across HubSpot or Salesforce. No manual data entry.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.
01.
Shared tokens bypass field-level security
A shared Salesforce token bypasses field-level security. In production, every SOQL query and record write runs under the integration profile, not the rep's. FLS rules break. Opportunity ownership breaks. Scalekit resolves the rep's profile at call time, so Salesforce enforces the right access rules.
// shared bot token
token = "sk_salesforce_shared_xxx"
audit → bot_service_account
rep_filter → broken

// scalekit · per-user
token = resolve(user_id)
audit → user_abc
scope → enforced ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Salesforce today. HubSpot, Attio, Apollo tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Salesforce as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.
Where is the Salesforce oauth 2.0 stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.
Can I limit what the agent is allowed to do in Salesforce?
Yes. Pass a tool name filter to listScopedTools so the sales agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Salesforce.
What happens when a user revokes Salesforce access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.
Does SOQL execution respect Salesforce field-level security?
Yes. SOQL queries run as the authorizing user. Field-level security, sharing rules, and profile permissions all apply. The agent cannot read or write what the user cannot.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""salesforce"": {
""url"": ""https://mcp.scalekit.com/salesforce"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.salesforce]
url = ""https://mcp.scalekit.com/salesforce""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""salesforce"": {
""url"": ""https://mcp.scalekit.com/salesforce"",
""type"": ""http""
}
}
}