Skip to main content

Salesforce API Endpoints

The Salesforce REST API endpoints, authentication, pagination, and request limits the Salesforce integration uses.

This article lists the Salesforce REST API endpoints that the iPaaS.com integration uses to move Account and Contact data between Salesforce and iPaaS.com. All paths are part of your own Salesforce org's REST API; subscribers do not call them directly, but they are documented here so that you can review the scope of access, audit API usage, and confirm the integration against your Salesforce edition's API allocations.

The integration uses Salesforce REST API version 64.0. Account and Contact records (including their addresses) are read, created, and updated through the standard sObject resources; authentication is handled through the Salesforce OAuth 2.0 token endpoints. The integration does not delete Salesforce records.

Portal/Instance Identifier

Not applicable. Salesforce identifies your org by its My Domain instance URL rather than a separate portal or instance identifier.

Base URL

Staging and Production: Your Salesforce instance (My Domain) URL, for example https://your-domain.my.salesforce.com/.

All endpoints below are relative to this base URL. Replace the bracketed placeholders (for example {id}) with the relevant record identifier. The version segment v64.0 reflects the Salesforce REST API version the integration targets.

Table of Contents

Account Endpoints

Account records, including their billing and shipping address fields, are synced through the standard Account sObject resources.

Get an Account by Id (GET)

Retrieves a single Account record and its fields, including the address fields stored on the record.

[Base URL]/services/data/v64.0/sobjects/Account/{id}

Get changed Accounts for polling (GET)

Returns the Accounts modified since the last poll, used to detect new and updated Accounts on a schedule.

[Base URL]/services/data/v64.0/query/?q=SELECT Id FROM Account WHERE LastModifiedDate >= {lastModifiedDateTime}

Create an Account (POST)

Creates a new Account record, including its address fields.

[Base URL]/services/data/v64.0/sobjects/Account

Update an Account (PATCH)

Updates an existing Account record, including its address fields. Only the fields included in the request are changed; fields that are not sent are left unchanged.

[Base URL]/services/data/v64.0/sobjects/Account/{id}

Contact Endpoints

Contact records, including their mailing address fields, are synced through the standard Contact sObject resources.

Get a Contact by Id (GET)

Retrieves a single Contact record and its fields, including the mailing address fields stored on the record.

[Base URL]/services/data/v64.0/sobjects/Contact/{id}

Get changed Contacts for polling (GET)

Returns the Contacts modified since the last poll, used to detect new and updated Contacts on a schedule.

[Base URL]/services/data/v64.0/query/?q=SELECT Id FROM Contact WHERE LastModifiedDate >= {lastModifiedDateTime}

Create a Contact (POST)

Creates a new Contact record, including its address fields.

[Base URL]/services/data/v64.0/sobjects/Contact

Update a Contact (PATCH)

Updates an existing Contact record, including its address fields. Only the fields included in the request are changed; fields that are not sent are left unchanged.

[Base URL]/services/data/v64.0/sobjects/Contact/{id}

Authorization Endpoint

The integration authenticates to Salesforce using the OAuth 2.0 token endpoints. These are called during connection setup and whenever an access token needs to be refreshed.

Exchange an authorization code for access and refresh tokens (POST)

Used during initial connection to obtain the first access token and refresh token.

[Base URL]/services/oauth2/token

Obtain a new access token using the refresh token (POST)

Used to renew an expired access token without re-authorizing.

[Base URL]/services/oauth2/token

Check the state of an access token (POST)

Used to confirm whether the current access token is still valid.

[Base URL]/services/oauth2/introspect

Pagination

The polling queries use the Salesforce SOQL query resource. When a query result set is larger than a single response can return, Salesforce includes a nextRecordsUrl locator and a done flag in the response. The integration follows the nextRecordsUrl locator with additional GET requests until done is true, so that all changed records in the look-back window are processed. Salesforce determines the batch size automatically; there is no batch-size parameter to configure.

API Request Limits

Each call the integration makes counts against your Salesforce org's API request allocation. Salesforce enforces a Daily API Request Limit, which is the total number of API calls (across REST, SOAP, Bulk, and Connect APIs) your org is entitled to within a rolling 24-hour period. The allocation depends on your Salesforce edition and licenses. Subscribers on lower-volume editions should be mindful that frequent polling and large initial syncs consume API calls; you can review your remaining allocation in Salesforce under the org's API usage tools. If you expect high record volumes, confirm your edition's allocation before enabling the integration.

Salesforce also enforces a separate Concurrent API Request Limit on long-running requests (those that take 20 seconds or more). Production orgs and sandboxes allow up to 25 such concurrent requests, while Developer Edition and trial orgs allow up to 5. The integration's polling and sync calls are normally short, but very large queries during an initial sync can approach this limit if other API clients are active at the same time.

The current per-edition Daily API Request and Concurrent API Request allocations are published by Salesforce in API Request Limits and Allocations (https://developer.salesforce.com/docs/atlas.en-us.salesforce_app_limits_cheatsheet.meta/salesforce_app_limits_cheatsheet/salesforce_app_limits_platform_api.htm), accessed June 30, 2026. Refer to that page for the figures that apply to your edition, as Salesforce updates them over time.

Authentication

Authentication uses the Salesforce OAuth 2.0 web server flow against a Salesforce Connected App in your org. During connection setup, the authorization code is exchanged for an access token and a refresh token at the token endpoint; the access token is renewed from the refresh token as needed. The integration requires the API URL, Consumer Key, and Consumer Secret from your Salesforce Connected App, configured in the iPaaS.com subscription settings. Change capture is schedule/poll-based; there is no inbound Salesforce push-webhook.

Related Documents

External References

Did this answer your question?