Salesforce API Integration Guide In-Depth (2026)

This guide is part of our growing collection on CRM integrations. We’re continuously exploring new apps and updating our CRM Guides Directory with fresh insights.

Salesforce offers more than seven distinct APIs. REST, SOAP,Bulk, Streaming, Metadata, GraphQL, Connect — each designed for a differentjob. Most developers starting out pick one and assume it covers everything. It doesn't.

OAuth 2.0 setup trips people up the first time. API calllimits catch teams by surprise in production. And if you're building acustomer-facing integration — where your product connects to your customers' Salesforce orgs — there's a whole additional layer of complexity around schemanormalisation and per-org auth that most guides don't address at all.

This guide covers the full picture: which Salesforce API touse for which job, how authentication and licensing work, what the rate limitsactually are, and how to build integrations that hold up in production —whether you're writing internal automation or shipping a Salesforce integration as a product feature.

1. Understanding Salesforce API

Salesforce API integration involves connecting your business applications to Salesforce's APIs. This enables a smooth exchange of data and automated workflows. It helps you leverage the powerful functionality of all connected platforms.

There are two distinct contexts where Salesforce API integration comes up:

• Internal integrations: connecting Salesforce to other tools your team uses — syncing leads from Salesforce into a marketing platform, pushing closed-won deals into your billing system, or keeping your HRIS and Salesforce user records in sync. You control both ends.

• Customer-facing integrations: you're building a SaaS product and your customers want to connect it with their Salesforce org — pulling contact or deal data into your platform, or pushing activity data back into Salesforce. You don't control the customer's org configuration, field schema, or API version.

The right approach, tooling, and architecture differ significantly between the two. This guide covers both.

2. Salesforce API Types: Full Comparison

Salesforce has seven primary APIs. Most developers default to the REST API — which is correct for most use cases — but understanding when to use each one will save you from building something that breaks at scale

Overview of Salesforce APIs
Salesforce offers several APIs for different integration needs:

• REST API: Uses standard HTTP methods, making it ideal for web and mobile applications due to its simplicity. It supports JSON and XML formats.
• SOAP API: This uses the SOAP protocol and is suitable for enterprise-level integrations that require formal contracts and structured data exchange.
• Bulk API: Optimized for loading or deleting large data sets asynchronously, perfect for data migration and batch processing.
• Streaming API: Streams data in real-time, sending notifications when changes occur in Salesforce. This is great for applications requiring instant updates.
• Metadata API: Manages customizations and configurations within Salesforce, essential for deployment and continuous integration.

Knowing these APIs helps you choose the right tools for your integration goals.

Looking for a quick start with Salesforce Integrations? Check our Salesforce API Directory for common Salesforce API endpoints

‍

3. Which Salesforce API Should You Use?

Use case drives the choice. Here's the quick decision guide:

For most integrations, REST API is the right starting point. Switch to Bulk API 2.0 the moment you're dealing with record volumes above 10,000 — the REST API will hit rate limits fast at that scale, and Bulk API 2.0 is explicitly designed for it.

4. Why does Salesforce API Integration benefit businesses?

Integrating Salesforce APIs is essential for modern businesses to stay agile and customer-focused. Here’s why it’s so important:

• Real-Time Data Flow and Automation
  Salesforce API integration facilitates Salesforce CRM and other business applications, addressing issues of managing isolated data repositories. Data management, including data sharing, allocation, distribution, and automated data workflows, leads to better decision-making.
• Streamlined Operations & Enhanced Collaboration

Salesforce API Integration ensures a seamless flow of data via Salesforce and other

business applications. This integration improves communication and collaboration by

ensuring all members have access to real-time data

• 360-Degree View of Customers

Salesforce brings customer data from diverse sources into a centralized repository. Data such as sales interactions, support tickets, social media engagement, and marketing campaigns provide insights into customer's needs and behavior. With this understanding engagement strategies can bring a major impact.

Integrating Salesforce APIs isn’t just about making systems talk to each other—it’s about unlocking valuable insights, optimizing processes, and creating a responsive, customer-centered organization.

5. Setting Up Your Salesforce API Integration

Create Your Salesforce Developer Account

To start integrating with Salesforce APIs, you need to create a Salesforce Developer Account. Here you can create and test your custom application: 

Step-by-Step Guide to Setting Up

• Create a New Account: Visit the Salesforce Developer Signup Page
• Complete the Registration Form: Provide your first name, last name, email address, role, company, country, and unique username.
• Activate Your Account: Look for an email from Salesforce, follow the link to verify your account, set a password, and select a security question.
• Log In to Your Developer Org: Use your credentials to log in at Salesforce Login.

After logging in, you’ll have full access to your Salesforce Developer Organization, where you can begin building and testing your API integrations.

Manage Access and Authentication

Proper authentication is essential for secure API interactions.

Generating Salesforce API Tokens

Salesforce uses security tokens to enhance security:

1. Reset Security Token:
   • Click on your avatar and select Settings.
   • Under My Personal Information, choose Reset My Security Token.
   • Click Reset Security Token.
2. Retrieve the Token:
   • Salesforce sends the new security token to your registered email.
   • Keep this token confidential; it's required for API authentication.

Understanding Salesforce API Authentication

Salesforce supports OAuth 2.0 for authentication:

• Authentication Endpoint: https://login.salesforce.com/services/oauth2/token
• Required Parameters:some text
  • grant_type: Should be password.
  • client_id: Your Connected App's Consumer Key.
  • client_secret: Your Connected App's Consumer Secret.
  • username: Your Salesforce username.
  • password: Your Salesforce password is concatenated with your security token.

By authenticating, you receive an access token in the Authorization header of your API requests.

Resolving Common Authentication Issues

• Invalid Credentials: Double-check your username, password, and security token.
• Insufficient Permissions: Ensure your Connected App has the necessary OAuth scopes.
• IP Restrictions: If accessing from an untrusted IP, adjust settings under Connected App > Manage > Policies.

API Access: Licenses and Permission Sets

One of the most common blockers after getting OAuth working is hitting an "API_CURRENTLY_DISABLED" error. This usually means the integration user's profile doesn't have API access enabled — not an auth problem, a licensing one.

Which Salesforce editions include API access?

• Enterprise, Unlimited, Performance, and Developer editions include API access by default.

• Professional edition does not include API access by default — you need the API Access add-on (available at extra cost from Salesforce).

• Essentials edition does not support API access.

Enabling API access on a user profile

1. Go to Setup → Users → Profiles

2. Select the profile assigned to your integration user

3. Under System Permissions, check "API Enabled"

4. Save the profile

Using a Permission Set instead (recommended)

Rather than modifying a shared profile, create a dedicated permission set for API access and assign it to your integration user. This keeps your profile settings clean and makes it easy to audit which users have API access.

5. Setup → Permission Sets → New

6. Under System Permissions, enable "API Enabled"

7. Save, then assign to your integration user via Manage Assignments

Salesforce Integration User license

Salesforce introduced a dedicated Integration User license designed for API-only access. Unlike a standard user license, it restricts the user to API access only (no UI login) and is priced lower. If you're setting up a dedicated service account for your integration, this is the right license to use. Find it under Setup → Users → New User → User License → Salesforce Integration.

‍

6. Exploring Salesforce API Endpoints

Key Salesforce API Endpoints

Salesforce Lead API

Manage potential customers using the Lead object:

• Create a Lead: POST /services/data/vXX.X/sobjects/Lead/
• Retrieve a Lead: GET /services/data/vXX.X/sobjects/Lead/{LeadId}
• Update a Lead: PATCH /services/data/vXX.X/sobjects/Lead/{LeadId}
• Delete a Lead: DELETE /services/data/vXX.X/sobjects/Lead/{LeadId}

Salesforce User API

Handle user accounts and permissions:

• Create a User: POST /services/data/vXX.X/sobjects/User/
• Retrieve a User: GET /services/data/vXX.X/sobjects/User/{UserId}
• Update a User: PATCH /services/data/vXX.X/sobjects/User/{UserId}
• Deactivate a User: Set the IsActive field to false.

Salesforce Open API

Salesforce provides an Open API specification for its REST API, enabling:

• Standardized API Definitions: Simplify client library generation.
• Improved Documentation: Facilitate better understanding of API endpoints.
• Enhanced Collaboration: Help teams work more efficiently with consistent API contracts.

Salesforce Account API

Manage company and organisation records:

- Create an Account: POST /services/data/vXX.X/sobjects/Account/

- Retrieve an Account: GET /services/data/vXX.X/sobjects/Account/{AccountId}

- Update an Account: PATCH /services/data/vXX.X/sobjects/Account/{AccountId}

- List all Accounts (SOQL): GET /services/data/vXX.X/query/?q=SELECT+Id,Name,Industry+FROM+Account

Checking your remaining API calls

To see how many API calls you have left before hitting your daily limit:

• GET /services/data/vXX.X/limits

• Look for "DailyApiRequests" in the response — it returns both the daily limit and the remaining count.

• Call this endpoint at the start of batch operations to confirm you have sufficient headroom.

‍

Crafting Effective API Requests

Using HTTP Methods with Salesforce APIs

• GET: Retrieve data or query records.
• POST: Create new records.
• PATCH: Update existing records.
• DELETE: Remove records.

Ensure you use the correct method and endpoint for each operation to avoid errors.

Handling JSON Responses

Salesforce APIs typically return JSON responses:

• Success Responses:

Contain fields like id, success, and errors.

Example:

{

  "id": "00Q1I000004W2XxUAK",

  "success": true,

  "errors": []

}

• Error Responses:

Provides error codes and messages. Properly parsing these responses is crucial for handling the results of your API calls.

Example:
{

  "message": "Required fields are missing: [LastName]",

  "errorCode": "REQUIRED_FIELD_MISSING",

  "fields": ["LastName"]

}

7. Salesforce API Rate Limits & Governor Limits

Hitting Salesforce's API limits in production is one of the most common integration failures — and one of the easiest to avoid if you planfor them upfront.

Daily API request limits by edition

These limits reset every 24 hours on a rolling basis, not at midnight. Your Salesforce org's limit details are visible under Setup → Company Information → API Requests, Last 24 Hours.

Bulk API 2.0 limits (separate from REST limits)

• Bulk API 2.0 jobs do not count against your daily REST API call limit — they have their own governor.

• Max 10,000 Bulk API 2.0 jobs per rolling 24-hour period per org.

• Max 150 million records processed per rolling 24-hour period.

• Use Bulk API 2.0 any time you're processing more than 2,000 records — it's purpose-built for it.

Streaming API limits

• Max 1,000 concurrent clients per org (across all channels).

• Max 100 PushTopic or StreamingChannel objects per org.

• Message delivery guaranteed for clients connected within the 24-hour replay window.

Best practices to stay within limits

• Cache responses where the data doesn't change frequently — don't call the API on every page load.

• Use SOQL queries with specific field lists (SELECT Id, Name FROM Contact) rather than retrieving full objects to reduce payload and processing time.

• Implement exponential backoff when you receive REQUEST_LIMIT_EXCEEDED — wait, then retry with increasing delays.

• Switch to Bulk API 2.0 for any batch operation above 2,000 records.

• Monitor usage via GET /services/data/vXX.X/limits and set up API Usage Notifications in Setup to alert you before you hit 80% of your daily limit.

‍

8. Building Your Salesforce API Integration

‍

Building Customer-Facing Salesforce Integrations

If you're a SaaS developer, there's a version of this problem that's harder than it looks: you need to let your customers connect your product to their Salesforce org. Not just one org — potentially hundreds of different customer orgs, each with different custom fields, different object configurations, and different API versions.

The challenge with direct Salesforce connectors

Building a direct connector to Salesforce works fine for the first customer. By the tenth, you start running into problems:

• Every customer's Salesforce schema is different. Custom fields, custom objects, different field names for the same concept ("Deal Value" in one org, "Opportunity Amount" in another).

• OAuth token management per customer org — you need to store, refresh, and handle expiry for each customer's credentials separately.

• API version drift — Salesforce releases three major API versions per year. Connectors built against v57.0 may behave differently against v62.0.

• Support load — when a customer's integration breaks (and it will), you're debugging their specific Salesforce configuration.

The unified API alternative

Knit's unified CRM API lets you integrate once and support Salesforce plus other CRMs (HubSpot, Pipedrive, Zoho) through a single normalised data model. Instead of writing against each CRM's different schema, you work with consistent Knit objects — Contact, Account, Deal, Activity — and Knit handles the translation to each underlying CRM.

• One integration covers Salesforce + other CRMs your customers use

• Knit handles OAuth per customer org — your platform never stores raw Salesforce credentials

• Normalised schema: a Knit Contact object has the same fields regardless of whether the source is Salesforce, HubSpot, or Pipedrive

• Real-time sync via Knit webhooks — no polling required

When to build direct vs. when to use a unified API

Documentation for Knit's CRM API: developers.getknit.dev

‍

Building 1:1 Integration with Salesforce

Make Your First Salesforce API Call

Setup and Authentication Process

Here is an Authenticate using the OAuth 2.0 Username-Password flow. You can use the username-password flow to authorize a client via a connected app that already has the user’s credentials.

Steps for the username password flow:

1. The connected app requests an access token by sending the user’s login credentials to the Salesforce API token endpoint.
2. After verifying the request, Salesforce grants an access token to the connected app.
3. The connected app can use the access token to access the protected data on the user’s behalf.

Understanding the parameter description, request, and response of access tokens in the salesforce API authentication flow is crucial.

Salesforce API Integration Code Example

Creating a new Account:

curl https://MyDomainName.my.salesforce.com/services/data/v62.0/sobjects/Account/ -H "Authorization: Bearer token" -H "Content-Type: application/json" -d "@newaccount.json"‍

Example of request body
{
  "Name" : "Express Logistics and Transport"
}

Example response body after successfully creating a new Account
{
  "id" : "001D000000IqhSLIAZ",
  "errors" : [ ],
  "success" : true
}

Advanced Integration Techniques

Utilizing Salesforce API User for Enhanced Control

Programmatically manage user accounts:

• Automate User Provisioning: Create users when onboarding new employees.
• Adjust Permissions: Update user roles and profiles based on their position.
• Deactivate Users: Automatically deactivate accounts when someone leaves the company.

Automating Lead Management with Salesforce API Lead

Enhance sales processes:

• Lead Assignment: Assign leads to sales reps based on territory or product interest.
• Lead Qualification: Update lead statuses based on interactions or data changes.
• Notification Systems: Trigger alerts when high-priority leads are created.

Leveraging Salesforce Open API for Flexibility

Use the Open API specification to:

• Generate Client Libraries: Auto-create code for interacting with Salesforce APIs in various programming languages.
• Standardize Integrations: Ensure consistent implementation across different applications.
• Simplify Documentation: Provide clear API details for your development team.

9. Common Salesforce Integration Patterns

CRM ↔ Marketing automation (internal)

Trigger: a new Lead is created or updated in Salesforce. Action: create or update the corresponding contact in HubSpot, Marketo, or another marketing platform. Implementation: use Streaming API (PushTopic on Lead) to detect changes in real-time, then REST API to read the full Lead record and push it to the marketing platform.

Salesforce ↔ Billing / ERP (internal)

Trigger: an Opportunity is marked Closed Won in Salesforce. Action: generate an invoice or contract record in the billing system (e.g., Zuora, QuickBooks, NetSuite). Implementation: PushTopic on Opportunity.StageName, REST API to read deal details, then push to billing via that system's API. Use Bulk API 2.0 for end-of-month reconciliation syncs.

Salesforce ↔ Support tools (internal)

Sync Salesforce Cases to Zendesk or Intercom, or let support agents see Salesforce account and deal data in the helpdesk without leaving it. Implementation: Streaming API on Case object to detect new/updated cases, REST API to read case details, push to support tool API. Reverse sync: support tool webhooks trigger REST API PATCH on the Salesforce Case.

Customer-facing: CRM data in your SaaS product

Your SaaS product needs to pull contact, deal, or account data from a customer's Salesforce org and display it or act on it within your product. The customer connects their Salesforce account via OAuth, and your platform syncs their CRM data. At scale across many customers (each with different Salesforce schemas), this is where a unified API like Knit adds the most value — you receive normalised Contact and Deal objects regardless of how each customer's org is configured.

AI agents reading Salesforce data

AI agents (built on Claude, GPT-4, or other LLMs) increasingly need access to live CRM data for sales intelligence, pipeline analysis, and customer context. Knit's MCP Server exposes Salesforce contact, account, and deal data in a format AI agents can query directly — without requiring the agent to understand Salesforce's SOQL query language or API structure.

Bulk data migration

Moving 500K+ records from a legacy CRM into Salesforce. Always use Bulk API 2.0 for this — never REST API. Upload CSV batches of up to 150 million records per 24h. Monitor job status via GET /services/data/vXX.X/jobs/ingest/{jobId} and handle failed record batches via the failedResults endpoint.

‍

10. Enhance Your Workflow with Knit

How Knit Supports Salesforce API Integration

Knit offers a unified API platform that simplifies integration with Salesforce and other services.

Features and Benefits

• Single API Interface: Interact with multiple services using one consistent API.
• Simplified Authentication: Knit handles OAuth flows and token management.
• Data Normalization: Standardizes data formats across different platforms.

Integration Capabilities

• Cross-Platform Connectivity: Connect Salesforce with other tools like HubSpot, Zendesk, or custom applications.
• Workflow Automation: Streamline processes that involve multiple systems.
• Scalability: Easily scale your integrations as your business grows.

Preparing for Integration with Knit

Requirements and Setup Steps

1. Sign Up for Knit:
   1. Visit the Knit and create an account suitable for your needs.
2. Obtain API Credentials:
   1. Access your Knit dashboard to retrieve your API key and secret.‍
3. Complete the integration with Knit:
   1. Follow the guided getting started flow
4. Obtain a Salesforce Sandbox
   1. Test your integration in the sandbox
5. Move to production
   1. Go live with your customers. Authenticate the integration using Knit's in-build auth component

Configuring Accounts and Permissions

• Ensure Proper Permissions:
  • Verify that the Salesforce user account has access to the required objects and fields.
  • Adjust field-level security if needed.
• Set OAuth Scopes:
  • During configuration, select appropriate scopes to limit access appropriately.

Integrate Salesforce APIs with Knit

Authenticating with Knit and Salesforce APIs

Knit simplifies authentication by managing tokens and sessions internally. You only need to use your Knit API key for requests.

Automating Processes Using Knit

By leveraging Knit, you can:

• Synchronize Data: Automatically sync contacts, leads, and other records between Salesforce and other systems.
• Trigger Workflows: Initiate processes in response to events, like creating a support ticket when a high-priority lead is identified.
• Normalize Data: Work with consistent data formats, reducing the need for custom parsing or transformation.

Best Practices:

• Error Handling: Implement try-except blocks to manage exceptions.
• Logging: Keep logs of API requests and responses for debugging.
• Data Validation: Ensure data meets the required formats before sending.

Salesforce and Knit Object-Field Mapping

Understanding how fields map between Salesforce and Knit is crucial. Here's a table illustrating common mappings:

Using this mapping ensures that data is correctly transferred between systems.

Test and Validate Your Integration

• Automate Tests: Implement automated testing for continuous integration.
• Authentication Failures: Check API keys and permissions.
• Data Mismatches: Verify field mappings and data formats.
• API Limit Exceeded: Monitor API usage to stay within limits.

‍

11. Best Practices for a Strong Salesforce API Integration

Secure Your Salesforce API Data

Data Protection Strategies

• Encrypt Data in Transit: Use HTTPS for all API calls.
• Secure Storage: Protect API keys and tokens using environment variables or secure vaults.
• Access Controls: Limit permissions to only what is necessary for the integration.

Compliance Considerations

• GDPR: Ensure compliance when handling data of EU citizens.
• CCPA: Adhere to regulations for California residents' data.
• HIPAA: If dealing with health information, follow HIPAA guidelines.

Optimize Salesforce API Usage

Efficient API Call Management

• Use Bulk API for Large Data: Optimize performance when dealing with large datasets.
• Implement Caching: Reduce unnecessary API calls for data that doesn't change frequently.
• Monitor Usage Limits: Keep track of API limits to avoid service interruptions.

Performance Optimization Tips

• Selective Data Retrieval: Only request necessary fields to reduce payload size.
• Asynchronous Processing: Use asynchronous calls for operations that don't require immediate results.
• Optimize Queries: Use efficient SOQL queries to improve response times.

Monitor and Log Salesforce API Activity

Setting Up Monitoring Tools

• Salesforce Event Monitoring: Track API usage and performance.
• Real-Time Monitoring: It helps you monitor and detect standard events in salesforce in near real-time.
• Third-Party Tools: Use services like New Relic or Datadog for advanced monitoring.

Analyzing API Logs for Insights

• Identify Patterns: Detect anomalies or unusual activity.
• Optimize Performance: Use logs to find and fix bottlenecks.
• Enhance Security: Monitor for unauthorized access attempts.

12. Overcome Challenges and Access Support

Identify Common Salesforce API Integration Issues

• Authentication Errors‍
  • These errors often arise due to incorrect credentials, expired tokens, or misconfigured OAuth settings. ‍
  • Example: The "INVALID_SESSION_ID" error indicates that the session has expired or the access token is invalid, requiring re-authentication.‍
  • Resolution: Re-authenticate by obtaining a new access token and verify that your credentials are correct.

• Authorization Errors ‍
  • These errors often arise when the user lacks the necessary permissions to perform specific access.‍
  • Example: The "INSUFFICIENT_ACCESS" error indicates that the user lacks permission to access certain resources.‍
  • Resolution: Check the user profile and permission sets.

• Runtime Errors‍
  • These errors often arise when you do not provide correct resources, request invalid operations or exceeded API Limits.‍
  • Example: The "REQUEST_LIMIT_EXCEEDED" error indicates that you have exceeded the API Call limits.‍
  • Resolution: Reduce unnecessary calls by optimizing and monitoring usage.

• Validation Errors‍
  • These errors often arise when your data doesn’t meet the salesforce’s data and parameter requirements.‍
  • Example:  "INVALID_FIELD_FOR_INSERT_UPDATE" error indicates that an invalid field is provided for insert or update operation.‍
  • Resolution: Ensure you have provided the required fields for the API call.

Effective Troubleshooting Tips

• Review Detailed Error Messages‍
  • Salesforce provides specific error codes and messages that pinpoint issues.

• Check and Update Credentials‍
  • Ensure that your API keys, access tokens, and passwords are correct and not expired. If using OAuth 2.0, verify that your refresh token flow is correctly set up to handle token expiration seamlessly.

• Verify User Permissions and Access Rights‍
  • Confirm that the integration user has the necessary permissions by reviewing their profile and assigning permission sets. Make sure they have access to required objects, and fields, and that "API Enabled" is checked in their profile settings.

• Monitor and Manage API Usage‍
  • Use Salesforce's "API Usage Notifications" to set up alerts when approaching limits. Implement efficient coding practices like bulkification to reduce the number of API calls and stay within allocated limits.

When to Seek Professional Help

• Persistent Integration Errors: Consult a Salesforce developer if persistent "MALFORMED_QUERY" errors persist despite troubleshooting.
• Complex Multi-System Integrations: Hire an integration specialist for complex multi-system setups to ensure data consistency and reliability.
• Security and Compliance Challenges: Engage a compliance expert when handling sensitive data under regulations like GDPR or HIPAA to meet legal requirements and protect customer information.

13. Stay Updated with Salesforce API Changes

Upcoming Salesforce API Features

Future Enhancements

• AI Integrations: Expanded capabilities with Salesforce Einstein for predictive analytics.

How to Prepare for Updates

• Salesforce Release Notes: Salesforce provides updates regarding enhancement, bug fixes and new features in release notes.
• Participate in Beta Programs: Gain early access to new features.
• Test in Sandbox Environments: Assess the impact of updates by testing in sandbox environment before deploying to production.

Keeping Your Integration Up-to-Date

Regular Maintenance Practices

• Field Service Maintenance Plans: This helps you to define maintenance visits frequency and to generate work orders for future visits.
• Schedule Reviews: Periodically evaluate your integration's performance and relevance.
• Update Dependencies: Keep libraries and SDKs current.
• Monitor Deprecations: Adapt your integration ahead of deprecated features being removed.

Leveraging Salesforce Resources

• Trailhead Learning Modules: Enhance your skills with Salesforce's educational content.
• Developer Forums: Engage with the community to share knowledge and solutions.
• Official Documentation: Refer to Salesforce's API documentation for accurate information.

API versioning strategy for customer-facing integrations

If you're building a customer-facing Salesforce integration, API versioning is a more significant concern than for internal tools — because you can't control when your customers' orgs upgrade or how their Salesforce admins configure API version settings.

• Always specify an explicit API version in your endpoint paths (e.g., /services/data/v62.0/) rather than using "latest" — this prevents silent behaviour changes when Salesforce ships a new version.

• Test against new Salesforce releases in a developer sandbox before your customers' orgs auto-upgrade. Salesforce publishes a release calendar 90 days in advance.

• If using a unified API provider like Knit, API versioning is handled by the platform — your integration code stays stable as Salesforce versions change.

‍

14. Conclusion

Get Started with Salesforce API Integration

Salesforce's API surface is broad, but the decision of which API to use for which job follows a clear pattern: REST for standard operations, Bulk for large datasets, Streaming for real-time events, Metadata for configuration. Get authentication right upfront — use a dedicated integration user with the correct license and permission set — and plan for rate limits before you hit production.

If you're building an internal Salesforce integration, the Salesforce REST API and the resources in this guide are everything you need to get started. The official Trailhead module and Salesforce Developer Documentation are the authoritative references for anything not covered here.

Building Salesforce integrations for your customers?

If your SaaS product needs to connect to customers' Salesforce orgs — pulling contacts, deals, account data, or activities — Knit's unified CRM API handles the hard parts: OAuth per customer org, schema normalisation across Salesforce and other CRMs, and real-time sync without polling.

• One Knit integration → Salesforce + HubSpot + Pipedrive + more through a single normalised CRM data model

• Knit handles token storage and refresh per customer org — your platform never holds raw Salesforce credentials

• Consistent Contact, Account, Deal, and Activity objects regardless of each customer's Salesforce schema

• Real-time sync via webhooks with a 99.9% uptime SLA

Documentation: developers.getknit.dev   Schedule a demo: getknit.dev/book-demo

‍

15. Frequently Asked Questions

Q1: What is Salesforce API integration?

Salesforce API integration is the process of connecting external applications to Salesforce using one of its APIs — REST, SOAP, Bulk, Streaming, Metadata, GraphQL, or Connect. This allows external systems to read, create, update, or delete Salesforce records, subscribe to real-time data changes, or deploy configuration changes. Integrations can be internal (connecting Salesforce to your own tools) or customer-facing (built into a SaaS product so your customers can connect their Salesforce orgs to your platform).

Q2: How many types of API does Salesforce have?

Salesforce has seven primary APIs: REST API (standard CRUD operations), SOAP API (enterprise XML-based integrations), Bulk API 2.0 (asynchronous batch operations for large datasets), Streaming API / Pub/Sub API (real-time change notifications), Metadata API (deploying configurations and schema changes), GraphQL API (precise field-level queries), and Connect REST API (Chatter, Communities, and Experience Cloud). For most integrations, REST API is the right starting point. Use Bulk API 2.0 for any operation involving more than 10,000 records.

Q3: How do I authenticate with the Salesforce API?

Salesforce uses OAuth 2.0 for API authentication. The standard flow for server-to-server integrations is the Username-Password OAuth flow: POST to https://login.salesforce.com/services/oauth2/token with grant_type=password, your Connected App's client_id and client_secret, your username, and your password concatenated with your security token. The response includes an access_token to include in subsequent API request headers as "Authorization: Bearer {token}". For customer-facing integrations where your customers authenticate their own Salesforce orgs, use the Web Server OAuth flow instead.

Q4: Which Salesforce API should I use?

Use REST API for standard create, read, update, delete operations on Salesforce objects — it covers the vast majority of integration use cases. Switch to Bulk API 2.0 when processing more than 10,000 records — REST API will hit governor limits fast at that scale. Use Streaming API / Pub/Sub API when you need real-time notifications of record changes rather than polling. Use Metadata API only for deploying configuration changes (custom fields, layouts). If you're building a customer-facing integration across multiple CRMs, a unified API like Knit normalises Salesforce data alongside HubSpot, Pipedrive, and others through a single endpoint.

Q5: What are Salesforce API rate limits?

Salesforce's daily API request limit depends on your edition and license provisioning. Enterprise edition starts at 100,000 requests per 24 hours and increases based on your provisioned licenses. Unlimited and Performance editions have a higher base allocation. Developer orgs get 15,000 per day. The daily limit is a soft limit — Salesforce won't immediately block you at the threshold, but sustained excess will trigger a hard HTTP 403 REQUEST_LIMIT_EXCEEDED. Bulk API 2.0 has separate limits and does not count against the REST API daily quota. Check your remaining calls via GET /services/data/vXX.X/limits and set up API Usage Notifications in Setup to alert you before you hit your limit.

Q6: Can I use the Salesforce API on Professional edition?

Professional edition does not include API access by default. You need to purchase the API Access add-on from Salesforce. Enterprise, Unlimited, Performance, and Developer editions include API access. If you're setting up a dedicated integration user, the Salesforce Integration User license is designed for API-only access at a lower per-seat cost than a standard user license — configure it under Setup → Users → User License → Salesforce Integration.

Q7: What is the easiest way to build a Salesforce integration into my SaaS product?

If you only need Salesforce, build directly against the Salesforce REST API. If you need to support multiple CRMs (Salesforce plus HubSpot, Pipedrive, or others) for different customers, a unified API like Knit is significantly faster: you integrate once with Knit and get normalised CRM data across all supported platforms through a consistent data model. Knit handles OAuth per customer org, schema normalisation, and API versioning — so your product code stays stable as Salesforce versions change. See developers.getknit.dev for the CRM API documentation.

‍

‍

Reference 

1. Rest API
2. Oauth
3. Create API
4. Guide to Salesforce API
5. Salesforce Marketing CRM.
6. Salesforce Integration Understanding
7. Understanding Salesforce
8. What When of Salesforce API
9. When to use Salesforce API
10. What is Salesforce API
11. Types of Integration Solution
12. Authentication Provider
13. Apex Dev Guide
14. Rest API Java
15. Customer Stories
16. Uber Eats Customer Success
17. World Economic Forum Customer Success
18. Create a Record API
19. Simple Salesforce‍