No description, website, or topics provided.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.



Please use the original version instead:

That version is being actively maintained.


A ruby gem for the Salesforce REST api.


  • A clean and modular architecture using Faraday middleware and Hashie::Mash'd responses.
  • Support for interacting with multiple users from different orgs.
  • Support for parent-to-child relationships.
  • Support for aggregate queries.
  • Support for the Streaming API
  • Support for blob data types.
  • Support for GZIP compression.
  • Support for custom Apex REST endpoints.
  • Support for dependent picklists.
  • Support for decoding Canvas signed requests. (NEW!)


Add this line to your application's Gemfile:

gem 'force'

And then execute:

$ bundle

Or install it yourself as:

$ gem install force


Force is designed with flexibility and ease of use in mind. By default, all api calls will return Hashie::Mash objects, so you can do things like client.query('select Id, (select Name from Children__r) from Account').Children__r.first.Name.


Which authentication method you use really depends on your use case. If you're building an application where many users from different orgs are authenticated through oauth and you need to interact with data in their org on their behalf, you should use the OAuth token authentication method.

If you're using the gem to interact with a single org (maybe you're building some salesforce integration internally?) then you should use the username/password authentication method.

OAuth Token Authentication

client = :instance_url => '',
                   :oauth_token => '...'

Although the above will work, you'll probably want to take advantage of the (re)authentication middleware by specifying a refresh token, client id and client secret:

client = :instance_url => '',
                   :oauth_token => '...',
                   :refresh_token => '...',
                   :client_id => '...',
                   :client_secret => '...'

Username/Password authentication

If you prefer to use a username and password to authenticate:

client = :username => '',
                   :password => '...',
                   :security_token => '...',
                   :client_id => '...',
                   :client_secret => '...'

You can also set the username, password, security token, client id and client secret in environment variables:

export SALESFORCE_USERNAME="username"
export SALESFORCE_PASSWORD="password"
export SALESFORCE_SECURITY_TOKEN="security token"
export SALESFORCE_CLIENT_ID="client id"
export SALESFORCE_CLIENT_SECRET="client secret"
client =

Proxy Support

You can specify a http proxy using the :proxy_uri option, as follows:

client = :proxy_uri => ''

This paramter also will accept or using the environemnt variable PROXY_URI.

Sandbox Orgs

You can connect to sandbox orgs by specifying a host. The default host is

client = :host => ''

The host can also be set with the environment variable SALESFORCE_HOST.

Global Configuration

You can set any of the options passed into globally:

Force.configure do |config|
  config.client_id = 'foo'
  config.client_secret = 'bar'


accounts = client.query("select Id, Something__c from Account where Id = 'someid'")
# => #<Force::Collection >

account = accounts.first
# => #<Force::SObject >

# => 'Account'

# => "someid"

account.Name = 'Foobar'
# => true

# => true


client.find('Account', '001D000000INjVe')
# => #<Force::SObject Id="001D000000INjVe" Name="Test" LastModifiedBy="005G0000002f8FHIAY" ... >

client.find('Account', '1234', 'Some_External_Id_Field__c')
# => #<Force::SObject Id="001D000000INjVe" Name="Test" LastModifiedBy="005G0000002f8FHIAY" ... >


# Find all occurrences of 'bar''FIND {bar}')
# => #<Force::Collection >

# Find accounts match the term 'genepoint' and return the Name field'FIND {genepoint} RETURNING Account (Name)').map(&:Name)
# => ['GenePoint']


client.create('Account', Name: 'Foobar Inc.') # => '0016000000MRatd'


client.update('Account', Id: '0016000000MRatd', Name: 'Whizbang Corp') # => true


client.upsert('Account', 'External__c', External__c: 12, Name: 'Foobar') # => true


client.destroy('Account', '0016000000MRatd') # => true

All the CRUD methods (create, update, upsert, destroy) have equivalent methods with a ! at the end (create!, update!, upsert!, destroy!), which can be used if you need to do some custom error handling. The bang methods will raise exceptions, while the non-bang methods will return false in the event that an exception is raised.


client.describe # => { ... }
client.describe('Account') # => { ... }


client.describe_layout('Account') # => { ... }
client.describe_layouts('Account', '012E0000000RHEp') # => { ... }


client.picklist_values('Account', 'Type') # => [#<Force::Mash label="Prospect" value="Prospect">]

# Given a custom object named Automobile__c
#   with picklist fields Model__c and Make__c,
#   where Model__c depends on the value of Make__c.
client.picklist_values('Automobile__c', 'Model__c', :valid_for => 'Honda')
# => [#<Force::Mash label="Civic" value="Civic">, ... ]


Performs an authentication and returns the response. In general, calling this directly shouldn't be required, since the client will handle authentication for you automatically. This should only be used if you want to force an authentication before using the streaming api, or you want to get some information about the user.

response = client.authenticate!
# => #<Force::Mash access_token="..." id="" instance_url="" issued_at="1348465359751" scope="api refresh_token" signature="3fW0pC/TEY2cjK5FCBFOZdjRtCfAuEbK1U74H/eF+Ho=">

# Get the user information
info = client.get(
# => '005E0000001eM4LIAU'

File Uploads

Using the new Blob Data api feature (500mb limit):

image ='image.jpg', __FILE__), 'image/jpeg')
client.create 'Document', FolderId: '00lE0000000FJ6H',
                          Description: 'Document test',
                          Name: 'My image',
                          Body: image)

Using base64-encoded data (37.5mb limit):

data = Base64::encode64('image.jpg')
client.create 'Document', FolderId: '00lE0000000FJ6H',
                          Description: 'Document test',
                          Name: 'My image',
                          Body: data)

See also:

Downloading Attachments

Force also makes it incredibly easy to download Attachments:

attachment = client.query('select Id, Name, Body from Attachment').first, 'wb') { |f| f.write(attachment.Body) }

Custom Apex REST endpoints

You can use Force to interact with your custom REST endpoints, by using .get, .put, .patch, .post, and .delete.

For example, if you had the following Apex REST endpoint on Salesforce:

global class RESTCaseController {
  global static List<Case> getOpenCases() {
    String companyName = RestContext.request.params.get('company');
    Account company = [ Select ID, Name, Email__c, BillingState from Account where Name = :companyName];

    List<Case> cases = [SELECT Id, Subject, Status, OwnerId, Owner.Name from Case WHERE AccountId = :company.Id];
    return cases;

...then you could query the cases using Force:

client.get '/services/apexrest/FieldCase', :company => 'GenePoint'
# => #<Force::Collection ...>


Force supports the Streaming API, and makes implementing pub/sub with Salesforce a trivial task:

# Force uses faye as the underlying implementation for CometD.
require 'faye'

# Initialize a client with your username/password/oauth token/etc.
client = :username => 'foo',
  :password       => 'bar',
  :security_token => 'security token'
  :client_id      => 'client_id',
  :client_secret  => 'client_secret'

# Create a PushTopic for subscribing to Account changes.
client.create! 'PushTopic', {
  ApiVersion: '23.0',
  Name: 'AllAccounts',
  Description: 'All account records',
  NotifyForOperations: 'All',
  NotifyForFields: 'All',
  Query: "select Id from Account"
} {
  # Subscribe to the PushTopic.
  client.subscribe 'AllAccounts' do |message|
    puts message.inspect

See also:


The gem supports easy caching of GET requests (e.g. queries):

# rails example:
client = cache: Rails.cache

# or
Force.configure do |config|
  config.cache = Rails.cache

If you enable caching, you can disable caching on a per-request basis by using .without_caching:

client.without_caching do
  client.query('select Id from Account')

Logging / Debugging / Instrumenting

You can inspect what Force is sending/receiving by setting Force.log = true.

Force.log = true
client ='select Id, Name from Account')

Another awesome feature about force is that, because it is based on Faraday, you can insert your own middleware.

For example, if you were using Force in a Rails app, you can setup custom reporting to Librato using ActiveSupport::Notifications:

client = do |builder|
  builder.insert_after Force::Middleware::InstanceURL,
                       FaradayMiddleware::Instrumentation, name: 'request.salesforce'


ActiveSupport::Notifications.subscribe('request.salesforce') do |*args|
  event =*args)
  Librato.increment ''
  Librato.timing 'api.salesforce.request.time', event.duration
end Canvas

You can use Force to decode signed requests from Salesforce. See the example app.

Tooling API

To use the Tooling API, call Force.tooling instead of

client = Force.tooling(...)

Security note

Always sanitize your raw SOQL queries. To avoid SQL-injection (in this case, SOSQL-injection) attacks. Given the syntax similarities between SQL and SOQL, Salesforce recommends using ActiveRecord's sanitization methods.



Force is available under the MIT license. See the LICENSE file for more info.