Claude and Salesforce Integration | Official Hosted MCP Connection Guide

Claude Code Salesforce MCP Claude Desktop 外部連携 SOQL

Clauder Navi 編集部 / 最終更新 2026-06-15

The need to "read our company's Salesforce data directly from Claude" or "ask for sales figure summaries in natural language" got a major boost in 2026. At TDX 2026, Salesforce Hosted MCP Server became Generally Available (GA), making it possible for your own Salesforce org to be exposed as an MCP server. No local server setup is required — you can connect through the "Connectors" settings in claude.ai or Claude Desktop alone. This article covers the full picture of connection options, concrete setup steps, and tips for safe operation.

Article Summary by AI Chatpowered by Claude
結論powered by Claude

As of 2026, there are two main ways to connect Claude to Salesforce. One is the Salesforce Hosted MCP Server that went GA at TDX 2026, and the other is @salesforce/mcp (DX MCP Server) that runs locally.

The Hosted MCP Server is an approach where Salesforce hosts the infrastructure and your org directly becomes an MCP endpoint — you simply connect via OAuth from the "Custom Connectors" section in claude.ai / Claude Desktop. No local Node.js server is needed.

The connection flow is: enable the MCP server on the Salesforce side → configure OAuth for the external client app → register the connector URL and consumer key on the Claude side. Starting with the read-only sobject-reads server is the safe approach.

All operations are executed under the permissions of the logged-in user (CRUD, FLS, sharing rules), so you don't need to learn a new security model. It is essential to verify behavior in a sandbox environment before using it in a production org.

目次 (8)

Overview of Claude × Salesforce Integration — What Changed in 2026

There are currently two main paths for Claude to access Salesforce.

  1. Salesforce Hosted MCP Server: An MCP server officially hosted by Salesforce. Simply enable your org via Setup, and you can connect from claude.ai or Claude Desktop through a browser.
  2. Local @salesforce/mcp (DX MCP Server): A local MCP server launched via npx on a developer's PC. It uses Salesforce CLI login credentials and is accessed from IDE clients such as Claude Code.

While the local @salesforce/mcp already existed, the Hosted MCP Server GA marks the first time "the Salesforce org itself becomes an MCP server on the cloud side." The Salesforce Developers Blog describes it as "your Salesforce org is now an MCP server," explaining that MCP-compatible clients including Claude and ChatGPT can execute SOQL queries, perform record operations, and call Apex without going through a browsersource.

In short, the distinction is: use the local version if you want to integrate it into development right now, and use the Hosted MCP Server if business users want to access company data from Claude in a browser.

What Is the Salesforce Hosted MCP Server — Your Org Becomes an MCP Server

The Salesforce Hosted MCP Server is an MCP server whose infrastructure is managed and scaled by Salesforce itself. There is no need to provision servers or monitor their uptime — just enable the target server from the Setup screen and the endpoint is immediately available.

According to the official blog, it covers SOQL queries, Apex Invocable Actions and REST calls, Flow execution, and Named Query API, handling not just reads but also record updates. Importantly, all MCP transactions are executed under the authenticated user's permissions (CRUD, field-level security, sharing rules). Because your existing permission design applies as-is, you don't need to learn a new security model for AI integrationsource.

Regarding supported editions, the official blog explicitly states Enterprise Edition or higher as the GA target. There are also reports of testing in Developer Edition since the beta phase, so developers who want to try the feature can get a feel for it with a free developer org.

Connection Steps — Salesforce-Side Configuration

Here are the steps for connecting the Hosted MCP Server from claude.ai (or Claude Desktop). First, configure the Salesforce side. As a prerequisite, you need administrator permissions for the target org.

  1. Enable the MCP server: In Setup, open "MCP Servers," select the "Salesforce Server (may still show beta label)" tab, choose sobject-reads, and enable it. sobject-reads is a read-only server, ideal for initial validation.
  2. Create an external client application: In the "External Client App Manager" in Setup, create a new app. The app name and API reference name can be anything you like.
  3. Configure OAuth: Set the callback URL to https://claude.ai/api/mcp/auth_callback, and set the OAuth scopes to mcp_api and refresh_token, offline_access. Enable "Require Proof Key for Code Exchange (PKCE)" and "Require Secret for Refresh Token Flow" to tighten security.
  4. Retrieve the consumer key: After saving, copy the "Consumer Key" and "Consumer Secret" from the settings tab. You will need these for the Claude-side configuration next.

This approach to configuring the external client app and OAuth scopes is also described in detail in a validation articlesource.

Connector Setup on the Claude Side — claude.ai / Claude Desktop

Once the Salesforce side is ready, register a custom connector on the Claude side.

  1. Add a custom connector: In claude.ai, go to "Settings > Connectors" and select "Add custom connector" via the "+" button. In Claude Desktop, add it similarly via "Customize > Connectors."
  2. Enter connector details: Give it any name (e.g., Salesforce MCP), set the URL to an endpoint such as https://api.salesforce.com/platform/mcp/v1/platform/sobject-reads, and enter the consumer key you copied earlier as the OAuth Client ID.
  3. Log in to Salesforce to connect: Clicking the connector's "Connect" button opens the Salesforce login screen. Log in and select "Allow" to complete the OAuth flow and establish the connection.

Once connected, tools will be visible from the Claude chat. For example, if you ask "Get a list of accounts," the internal tools soql_query or list_recent_sobject_records will be called and records will be returned. During beta validation, read-oriented tools such as describe_global, get_user_info, and describe_sobject, as well as get_related_records and find, were confirmed to be availablesource.

What You Can Do — SOQL, Record Lookups, and Sales Data Analysis

The great benefit of the Hosted MCP Server is that even users who can't write SOQL can request aggregations in natural language. If you type "Summarize new orders from 2025 by opportunity stage," Claude will build and execute the SOQL behind the scenes and return the results in a table.

In practice, there are field reports of using Claude Code to analyze Salesforce data, dramatically cutting the time previously spent manually compiling sales figures and creating reportssource. Being able to dig into "trends in lost deal reasons" or "conversion rates by lead source" across opportunities, accounts, and activity history through conversation represents a major shift from the traditional analysis experience of alternating between SQL and dashboard creation.

On the other hand, write operations (record updates and deletions) — while supported in GA — still require careful handling. The practical approach is to first confirm the value of read-only access with sobject-reads, then gradually open up write operations only after setting up the necessary permissions and approval flows.

When to Use Hosted MCP Server vs. Local @salesforce/mcp

The two approaches are not competing — they serve different purposes.

  • Cases where Hosted MCP Server is a better fit: Business users want to access company data from the claude.ai / Claude Desktop browser UI. You want to avoid setting up a local environment and rely on the org's existing permission management. You don't want to deal with server operations.
  • Cases where local @salesforce/mcp (DX MCP Server) is a better fit: Developers want to run Salesforce development tasks (metadata deploy/retrieve, Apex tests, LWC development) from Claude Code. You want to reuse an org already logged into via Salesforce CLI. You want a self-contained local setup without depending on Pro/Max plan tiers.

Specific configuration for the local version (writing to .mcp.json, narrowing with --toolsets, authentication via sf org login web, etc.) is explained in detail in a separate article: "Claude Salesforce MCP Connection | Steps and Toolsets." The repository is at salesforcecli/mcp. Teams looking to incorporate Salesforce development operations into Claude Code will get up to speed fastest by starting with the local version.

Security and Considerations — Read-Only, User Permissions, Pre-Production Validation

Because the Hosted MCP Server is designed to "access data under the permissions of the logged-in user," creating a dedicated integration user for AI, and removing update/delete permissions from that profile to make it read-only, raises the safety level significantly. Combined with sobject-reads (the read-only server), this virtually eliminates the risk of data being modified by accidental operations.

Key operational considerations are as follows.

  1. Test in a sandbox before going to production: Don't connect directly to your production org — confirm behavior and returned data in a Sandbox or Developer Edition first.
  2. Requires user login: As of now, fully automated execution without a user is not supported; a login is required when setting up the connector. If you're planning batch-style unattended operation, make sure to verify your requirements.
  3. Limit OAuth scopes: Keep the scopes granted to the minimum necessary, such as mcp_api, and avoid passing unnecessary permissions.

These points are repeatedly emphasized in beta validation articles — in particular, "start with read-only" and "pre-production validation is mandatory" are fundamentals to upholdsource.

Summary — Start by Confirming Value with Read-Only Access

The integration of Claude and Salesforce has reached the point of simplicity — "just enable your org and register a connector" — thanks to the Hosted MCP Server going GA at TDX 2026. Even business users who can't write SOQL can now aggregate and explore sales data in natural language.

The three key points for getting started are: start with sobject-reads in read-only mode, minimize OAuth scopes, and validate in a sandbox before going to production. Developers who want to automate development operations should choose the local @salesforce/mcp, while teams that want to run business analysis through conversation should choose the Hosted MCP Server — pick what fits your purpose.

Reference links:

参考になったら ♡
この記事は役立ちましたか?
ご注意: Clauder Navi は Anthropic 公式情報を直接参照し正確な内容に努めておりますが、 本記事の内容に基づく投資判断・契約・利用結果による損害について責任を負いかねます。 重要な意思決定の際は、必ず Anthropic 公式claude.com の一次情報をご自身でご確認ください。

関連記事

Claude and ServiceNow Integration | MCP Connection Guide and ITSM Automation
Claude Code

Claude and ServiceNow Integration | MCP Connection Guide and ITSM Automation

2026/06/15
What You Can Do with Claude × Val Town | Townie AI, MCP, and Instant Deploy
Claude Code

What You Can Do with Claude × Val Town | Townie AI, MCP, and Instant Deploy

2026/06/17
How to Use Claude Task Master | Auto-Generate Tasks from PRD in Cursor
Claude Code

How to Use Claude Task Master | Auto-Generate Tasks from PRD in Cursor

2026/06/17
How to Use Claude × Mermaid | From Diagram Generation to MCP Live Preview
Claude Code

How to Use Claude × Mermaid | From Diagram Generation to MCP Live Preview

2026/06/12
Clauder Navi 編集部
@clauder_navi

Anthropic の Claude / Claude Code を中心に、日本のエンジニア向けに最新動向と実務 を毎日発信。 運営方針 は メディアについて をご覧ください。

プロフィール → 副社長コラム → レッスン一覧 →