Orgs
Registers a new Salesforce organization or updates an existing one.
Requirements:
- sfdxAuthUrl is required (Generate using: sf org:display -u [email protected] --verbose --json)
- The connection is validated before registration
- instanceUrl is optional and will be extracted from sfdxAuthUrl if not provided
Optional fields:
- isDevHub: Mark this org as a DevHub (default: false)
- isDefault: Mark this as the default DevHub - only one org can have this set (default: false)
- metadata: Additional metadata as key-value pairs in JSON format
If an org with the same username exists, it will be updated.
For sandbox registrations without sfdxAuthUrl, use /auth/salesforce/register-sandbox-by-name instead.Instance URL of the Salesforce org (will be extracted from sfdxAuthUrl if not provided)
https://mycompany.my.salesforce.comPattern: https://*.salesforce.comSFDX Auth URL (generated using sf org:display -u [email protected] --verbose --json)
force://CLIENT_ID:CLIENT_SECRET:[email protected]Whether this org is a DevHub
falseWhether this is the default DevHub (only one org can have this set to true)
falseAdditional metadata stored as key-value pairs
{"environment":"production","region":"us-west"}Organization successfully registered/updated
Invalid input or connection failed
POST /sfp/api/auth/salesforce/register HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 277
{
"instanceUrl": "https://mycompany.my.salesforce.com",
"username": "[email protected]",
"sfdxAuthUrl": "force://CLIENT_ID:CLIENT_SECRET:[email protected]",
"isDevHub": false,
"isDefault": false,
"metadata": {
"environment": "production",
"region": "us-west"
}
}{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {}
}Registers a Salesforce sandbox organization using credentials from an already registered production org.
Requirements:
- The production org must be registered first using /auth/salesforce/register
- The sandbox must be created by the same user whose credentials are stored for the production org
- The system will validate the sandbox and retrieve all necessary details automatically
This endpoint is specifically for sandboxes where you don't have the sfdxAuthUrl.
Just-in-time authentication will be used when accessing the sandbox.Name of the sandbox to register
dev1Username of the production org (must be already registered)
[email protected]Sandbox successfully registered
Invalid input or validation failed
Production org not found
POST /sfp/api/auth/salesforce/register-sandbox-by-name HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 65
{
"sandboxName": "dev1",
"productionUsername": "[email protected]"
}{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {}
}Returns a list of all registered Salesforce organizations with optional filtering.
Filter options:
- type: Filter by organization type (e.g., "Production", "Sandbox")
- devhub: Filter to show only DevHub organizations
- metadata: Filter by metadata key-value pairs using either format:
- Comma-separated: key1=value1,key2=value2
- JSON object: {"key1":"value1","key2":"value2"}
Response includes DevHub status, default flag, and metadata for each org.Filter organizations by type (e.g., "Developer Edition", "Production", "Sandbox")
Filter to show only DevHub organizations
Filter by metadata key-value pairs. Format: key1=value1,key2=value2 or JSON object
Include sfdxAuthUrl in response (only for owner role or application tokens)
List of registered organizations
GET /sfp/api/auth/salesforce/orgs HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
List of registered organizations
[
{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {},
"createdAt": "2025-08-14T14:43:22.125Z"
}
]Returns detailed information about a specific registered Salesforce organization. Owner role and application tokens receive additional authentication details.
Username of the Salesforce org to retrieve, or sandbox name for sandboxes with no sfdxAuthUrl
Organization details
Organization not found
GET /sfp/api/auth/salesforce/org?username=text HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {},
"createdAt": "2025-08-14T14:43:22.125Z"
}Removes the stored credentials for a Salesforce organization
Username of the Salesforce org to delete, or sandbox name for sandboxes with no sfdxAuthUrl
Organization successfully deleted
Organization not found
DELETE /sfp/api/auth/salesforce/org?username=text HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
No content
Updates metadata fields of an existing Salesforce organization registration without re-validating the connection.
Updatable fields:
- isDevHub: Mark/unmark as DevHub
- isDefault: Mark/unmark as default DevHub (enforces single default constraint)
- metadata: Update metadata key-value pairs
Note: This endpoint does not validate the Salesforce connection, it only updates metadata attributes.Username of the Salesforce org to update
Whether this org is a DevHub
Whether this is the default DevHub (only one org can have this set to true)
Additional metadata stored as key-value pairs
{"environment":"production","region":"us-west"}Organization successfully updated
Organization not found
PATCH /sfp/api/auth/salesforce/org?username=text HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 93
{
"isDevHub": true,
"isDefault": true,
"metadata": {
"environment": "production",
"region": "us-west"
}
}{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {}
}Tests if the stored credentials for a given org are still valid
Username of the Salesforce org to test, or sandbox name for sandboxes with no sfdxAuthUrl
Connection test results
Organization not found
POST /sfp/api/auth/salesforce/test-connection?username=text HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"isValid": true,
"username": "text",
"orgId": "text",
"organizationType": "text",
"instanceName": "text",
"error": "text"
}Returns the org marked as the default DevHub with authentication details for owner role and application tokens.
Default DevHub organization details
No default DevHub found
GET /sfp/api/auth/salesforce/default-devhub HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"username": "text",
"instanceUrl": "text",
"orgId": "00D1a000000xxxxx",
"organizationType": "Enterprise Edition",
"instanceName": "NA139",
"parentProductionUsername": "text",
"isJitRegistration": true,
"isDevHub": true,
"isDefault": true,
"metadata": {},
"createdAt": "2025-08-14T14:43:22.125Z"
}Returns or redirects to a frontdoor URL for a sandbox or scratch org.
The endpoint will check in order:
1. Registered orgs with stored auth URLs
2. Pool instances (if repository is provided)
3. Dynamic generation using production org credentials
For pool instances, the repository parameter is required to ensure the correct sandbox is accessed.Scratch org username, sandbox name, or pool instance name
Repository identifier (org/repo) to search for pool instances
Production org username (for dynamic sandbox generation)
Redirect to frontdoor URL (default true)
GET /sfp/api/auth/salesforce/frontdoor?target=text HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
No content
Was this helpful?