Salesforce-MCP-Server
Verified Safe
by 5p875v6f46-ai
Overview
Provides programmatic access to Salesforce metadata through a standardized interface, enabling AI applications to discover and interact with Salesforce org structure.
Installation
python salesforce_mcp.py
Environment Variables
- SF_INSTANCE_URL
- SF_CLIENT_ID
- SF_CLIENT_SECRET
Security Notes
The primary authentication in `salesforce_mcp.py` uses Web Server OAuth Flow with PKCE, which is a secure standard. Credentials (Client ID/Secret) are loaded from environment variables, which is good practice. However, access tokens are saved to a plaintext file (`~/.salesforce_mcp_token.json`), which presents a moderate risk as any local process with file access can read the token. The `configure_salesforce` MCP tool within `salesforce_mcp.py` confusingly still accepts and stores `username` and `password` in `os.environ`, though these are not used by the primary PKCE authentication flow. Older documentation and test scripts also reference the less secure Username-Password Flow, but the main server has pivoted to PKCE. No malicious patterns like `eval` or obfuscation were detected.
Similar Servers
mcp-framework
This repository provides a framework for integrating and managing OAuth authentication within a server application, potentially involving HTTP streaming.
example-remote-server
A reference server demonstrating all Model Context Protocol (MCP) features and OAuth 2.0 authentication patterns.
mcp-tools
Provides a TypeScript library to simplify building Model Context Protocol (MCP) clients and servers, enabling AI applications to securely access private user data through OAuth-based authentication flows.
tiger-salesforce-mcp-server
Provides LLMs with tools to semantically search Salesforce case summaries and retrieve detailed case information from a TimescaleDB database.