
How to add Salesforce DX MCP Server to Cursor
Salesforce's official DX server: run SOQL, deploy and retrieve metadata, run Apex tests and manage orgs from your agent. Paste the config into ~/.cursor/mcp.json and restart Cursor.
Last updated June 14, 2026 · 432★ · stdio · oauth · official
Cursor config for Salesforce DX MCP Server
npx -y @salesforce/mcp --orgs DEFAULT_TARGET_ORG --toolsets orgs,metadata,data,users{
"mcpServers": {
"salesforce-dx-mcp-server": {
"command": "npx",
"args": [
"-y",
"@salesforce/mcp",
"--orgs",
"DEFAULT_TARGET_ORG",
"--toolsets",
"orgs,metadata,data,users",
"--tools",
"run_apex_test",
"--allow-non-ga-tools"
]
}
}
}Setup steps
- 1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
- 2Paste the Salesforce DX MCP Server config below into the "mcpServers" object.
- 3Fill in placeholder secrets, then save.
- 4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
- 5Ask Cursor to use one of Salesforce DX MCP Server's tools to confirm it's connected.
Before you start
- Node.js 18+ with npx
- Salesforce CLI installed and at least one org authorized (`sf org login web`)
- A Salesforce DX project for metadata deploy/retrieve workflows
What Salesforce DX MCP Server can do in Cursor
get_usernameResolve the right username/alias for an operation, handling default orgs and Dev Hubs
resume_tool_operationResume a long-running operation started by another tool
run_soql_queryRun a SOQL query against a Salesforce org
deploy_metadataDeploy metadata from your DX project to an org
retrieve_metadataRetrieve metadata from an org into your DX project
list_all_orgsList all locally-configured orgs, optionally checking connection status
create_scratch_orgCreate a scratch org (NON-GA)
create_org_snapshotCreate a scratch org snapshot (NON-GA)
Security
No credentials live in the config — the server reuses orgs you've already authorized through the Salesforce CLI, restricted to the --orgs allowlist you set (avoid ALLOW_ALL_ORGS). Telemetry is on by default (--no-telemetry disables it), and pre-GA tools stay off unless you explicitly pass --allow-non-ga-tools.
Salesforce DX MCP Server + Cursor FAQ
Where is the Cursor config file?
Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the Salesforce DX MCP Server config there under the "mcpServers" key and restart the client.
Is Salesforce DX MCP Server safe to use with Cursor?
No credentials live in the config — the server reuses orgs you've already authorized through the Salesforce CLI, restricted to the --orgs allowlist you set (avoid ALLOW_ALL_ORGS). Telemetry is on by default (--no-telemetry disables it), and pre-GA tools stay off unless you explicitly pass --allow-non-ga-tools.
Is the Salesforce DX MCP Server safe to point at production orgs?
The access model is conservative — only locally pre-authorized orgs on your --orgs allowlist are reachable, and no secrets are stored in config. But tools like deploy_metadata and delete_org write to orgs, so the sane default is scratch orgs and sandboxes, with production access left off the allowlist.
Do I need the Salesforce CLI installed?
Effectively yes. The server piggybacks on Salesforce CLI authentication, so each org must be authorized with `sf org login web` (or the VS Code equivalent) before the MCP server can use it.
Which toolsets should I enable?
Start with `orgs,data,metadata,testing` for a typical dev loop and add `code-analysis` or `devops` when needed. Salesforce recommends against `all` — the 60+ tool catalog eats context. Individual tools can be cherry-picked with --tools.