Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including salesforce-node-client with all npm packages installed. Try it out:

var salesforceNodeClient = require("salesforce-node-client")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

salesforce-node-client v1.2.3

Node client library for Salesforce services (OAuth2, Data and Apex REST)

Build Status

Salesforce Node Client

Table of Content

  • About
  • Installation
  • Documentation
    • Declaring your application in Salesforce
    • Configuring and instantiating the client
    • Authenticating
    • Interacting with Salesforce data
    • Interacting with Apex REST resources
  • Changelog


Node.js client library for the Salesforce Platform.

This library provides access to the following Salesforce Platform services:

  • Authentication through OAuth 2.0
  • Data through Salesforce Platform REST APIs
  • Apex REST resources

This client is provided “as is“ without any warranty or support. Salesforce does not officially endorse it.

The authentication service of this project is largely inspired by cangencer's project.

Sample application
A sample React.js application that integrates with Salesforce using this client can be found in this repository.
Even if you are not familiar with React.js, the Node.js backend code is worth looking at.


This project can be installed through NPM:

$ npm install salesforce-node-client --save


Declaring your application in Salesforce

Before being able to interact with the Salesforce Platform with your application, you will have to declare it as a connected application:

  1. Log in your Salesforce administrator account
  2. Access Setup
  3. Type 'App' in the quick find box and navigate to Build > Create > Apps
  4. Scroll down and click 'New' in the 'Connected Apps' section
  5. Fill in the required fields in the 'Basic Information' section
  6. Check 'Enable OAuth Settings', this will open some additional settings
  7. Provide a callback URL (this is an endpoint belonging to your application that should match auth.callbackUrl specified in the client configuration later)
  8. Select your OAuth scope(s) ('api' is a good start)
  9. Save your settings

Configuring and instantiating the client

The first thing that you need to do to use this project is to set its configuration and create a client instance.

There are two options to configure the client:

Option 1: instantiating the client with a configuration object

const SalesforceClient = require('salesforce-node-client');

// Settings for Salesforce connection
const sfdcConfig = {
  // OAuth authentication domain
  // For production or a Developer Edition (DE) use
  domain: '',
  // For a sandbox use
  //domain : '',

  // URL called by Salesforce after authorization and used to extract an authorization code.
  // This should point to your app and match the value configured in your App in SFDC setup)
  callbackUrl: 'http://localhost:3000/auth/callback',

  // Set of secret keys that allow your app to authenticate with Salesforce
  // These values are retrieved from your App configuration in SFDC setup.
  // NEVER share them with a client.
  consumerKey: 'your consumer key',
  consumerSecret: 'your consumer secret key',

  // Salesforce API version
  apiVersion: 'v41.0'

// Instantiate Salesforce client with configuration
const sfdcClient = new SalesforceClient(sfdcConfig);

Option 2: instantiating the client with Node.js environment variables

Ensure that the Node.js environment variables (process.env) contains the same keys/values as the sfdcConfig object in option 1 before calling the client constructor. You can set environment variables in several ways but I recommend storring them in a .env file and loading them with dotenv when the server starts.

const SalesforceClient = require('salesforce-node-client');

// Instantiate Salesforce client with Node.js environment variables.
// It's your responsibility to set those ahead of this call or you will get an error.
const sfdcClient = new SalesforceClient();

Once the client is instantiated with either options, you may access the underlying client services with these properties:

  • auth for the authentication service
  • data for the data service
  • apex for the apex REST service


Prior to performing any operation, you will need to authenticate with Salesforce.

There are two authentication methods available:

  • Standard user authentication (requires a browser).
  • Password authentication for non-browser operations such as programmatic access.

Standard user authentication mode

The first step in standard user authentication is to generate the authorization URL with your OAuth scope(s) (API only in in this example) and redirect the user to it:

// Redirect to Salesforce login/authorization page
var uri = sfdc.auth.getAuthorizationUrl({scope: 'api'});
return response.redirect(uri);

The user will authorize your application to connect to Salesforce and will be redirected to the auth.callbackUrl URL you specified in the client configuration.
Important: the callback URL you specified in the client configuration MUST match your connected applications settings in Salesforce.

The user will be redirected to that call back URL with an authorization code passed as a query parameter.
The Node client library will use that code (request.query.code in the following example) to authenticate with Salesforce. The, once the authentication is completed:

  1. persist the response payload in a server-side session (you will need this for all further operations)
  2. redirect the user to your application's home page
// Authenticate with Salesforce
sfdc.auth.authenticate({'code': request.query.code}, function(error, payload) {
    // Store the payload content in a server-side session
    // Redirect your user to your app's home page

The authenticate response payload is an object with the following format:

idURL that represents logged in user
issued_atTimestamp of token creation
refresh_tokenLong-lived token that may be used to obtain a fresh access token on expiry of the access token
instance_urlURL that identifies the Salesforce instance to which API calls should be sent
access_tokenShort-lived access token
signatureHash used to sign requests sent to Salesforce (the client library will take care of that for you)

Password authentication mode

In order to perform password authentication, use the following:

// Authenticate with Salesforce
    'username': 'the user name',
    'password': 'the user password',
}, function(error, payload) {
    // Store the payload content in a server-side session
    // Do something

Logging out

You may log out a user of your application by revoking his access token accessToken with the following code:

// Revokes your user's access to Salesforce
sfdc.auth.revoke({'token': accessToken}, function(error) {
    // Do something

Important: revoking a user's access token logs the user out of your application but not Salesforce.

Interacting with Salesforce data

Once you have authenticated, you may perform various operations on the Salesforce Platform.

For all operations, you will need the response payload of auth.authenticate or auth.password. We will refer to it as sfdcSession.

Interacting with Salesforce data

Interactions with Salesforce data performed with this client are handled with REST APIs in two steps.

First, prepare the request options and sign it with the client by calling data.createDataRequest. To do so, you will need to provide two paramters:

  • sfdcSession the session information
  • resourceUrlSuffix a string containing the location of the REST resource you wish to interact with (you may use the REST Explorer from the Workbench to get the right URL).

Finally, send the request with the HTTP verb of your choice and process the response.

// Prepare Salesforce request options with a SOQL query that lists users
var query = encodeURI('SELECT Id, Name FROM User LIMIT 10');
var apiRequestOptions =, 'query?q='+ query);
// Send an HTTP GET request with our options
httpClient.get(apiRequestOptions, function (error, payload) {
    // Do something

Retrieving the currently logged user

As a convenience, you can retrieve the currently logged in user with this call:

// Request logged user info, function (error, userData) {
    // Do something

Interacting with Apex REST resources

Apex REST resources can be called in the following way:

// Builds a REST query to a custom Apex resource
var apiRequestOptions = sfdc.apex.createApexRequest(sfdcSession, 'MyCustomApexResource/001B000000RS9WWIA1');
// Send an HTTP GET request with our options
httpClient.get(apiRequestOptions, function (error, payload) {
    // Do something
RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free