Salesforce OAuth Scopes

To seamlessly integrate your AI testing pipeline with Salesforce, Jataka uses a Connected App authorized through OAuth 2.0. Because Jataka runs as an automated testing robot in CI/CD and scheduled workflows, it requires scoped permissions that allow secure, unattended execution without manual login on each run.

Scope Breakdown

api (Manage user data via APIs)
- Plain English: Allows Jataka to communicate with Salesforce over REST and SOAP APIs.
- Why needed: Core automation channel for reading metadata, executing validation logic, and writing test outcomes.
refresh_token, offline_access (Perform requests at any time)
- Plain English: Allows Jataka to maintain a persistent secure session in the background.
- Why needed: Enables unattended pipeline and scheduled test execution without requiring repeated user re-authentication.
web (Manage user data via Web browsers)
- Plain English: Allows token-based web session usage.
- Why needed: Supports deep-linking from Jataka dashboards to Salesforce pages for failed runs and diagnostics.
full (Full access)
- Plain English: Grants access to all data/metadata that the authorizing user can access.
- Why needed: Ensures complete test coverage across custom objects, Apex, Flows, and cross-domain configurations.

Getting Started

Features

Integrations

Permissions and Scopes

Salesforce

Salesforce OAuth Scopes

Scope Breakdown

Getting Started

Features

Integrations

Permissions and Scopes

Documentation Index

​Salesforce OAuth Scopes

​Scope Breakdown

Salesforce OAuth Scopes

Scope Breakdown