Salesforce isn't a CRM; it's a metadata-driven platform that ships sales, service, marketing, commerce, and analytics apps on top of one object model. The SObject + SOQL + Apex + Flow stack is the foundation. AgentForce, Data Cloud, Einstein Trust Layer, MuleSoft, Slack, and Tableau are the ecosystem that wraps it. The system of record most large SA businesses run sales and service on — and now the substrate the AgentForce digital-labour pitch rides on.
Salesforce is the largest CRM by revenue, but the part that matters technically is the Lightning Platform beneath it. Everything is an SObject — Account, Contact, Opportunity, Case, plus custom objects you define. Queries run in SOQL (the SQL-shaped, relationship-traversing query language). Server-side logic runs in Apex (Java-shaped, with declarative governor limits). Low-code automation runs in Flow. The user interface is built from Lightning components. The same metadata declaration drives the API, the UI, the report builder, and the AI prompts.
The product surfaces ("Clouds") layer on top of the platform: Sales Cloud, Service Cloud, Marketing Cloud, Commerce Cloud, Experience Cloud. They're not separate products in the architectural sense — they're packaged combinations of objects, page layouts, flows, and reports configured for a function. You can build any of them yourself if you know the platform; that's what makes Salesforce both expensive and infinitely customisable.
The AI fabric is newer and runs across all of it. AgentForce is the agent runtime. Data Cloud is the unified customer profile (a CDP, in lay terms). The Einstein Trust Layer wraps every model call with secure data retrieval, zero data retention, and toxicity detection. MuleSoft is the integration layer (and the bridge to MCP). Slack is the conversational surface. Tableau is the analytics surface. They are all branded as a single Customer 360 picture; technically they are distinct products that depend on each other and on the core platform's metadata.
AgentForce + Tableau + Slack — the experience layer. Conversational, visual, and channel surfaces. Data Cloud + Einstein Trust Layer — the data and governance layer. Unified profile, RAG-grounded retrieval, model-routing with masking. MuleSoft — the integration layer; the bridge from internal Salesforce APIs to the rest of the enterprise, including the new "API as MCP server" path. Lightning Platform — SObject + SOQL + Apex + Flow + Lightning components. Underneath: Hyperforce, the multi-tenant public-cloud infrastructure (AWS, GCP, Azure) that hosts modern Salesforce orgs.
Everything you build on Salesforce is some combination of these four. Get them right and the platform is a productivity superpower. Get them wrong and you'll spend a year fighting governor limits, mixed-DML errors, and SOQL row caps.
Every table is an SObject. Standard (Account, Contact, Opportunity) or Custom (Project__c). Fields are typed; relationships are lookup or master-detail; record-level access is governed by Sharing Rules.
SQL-shaped but relationship-traversing. SELECT Name, Account.Industry FROM Contact joins automatically. Governor-limit aware: 50k rows per transaction, 100 queries per execution.
Java-shaped server-side language. Triggers run on DML events. Schedulable, Batchable, Queueable patterns. Every Apex transaction operates inside governor limits — bulkify or fail.
The declarative automation engine that replaced Workflow Rules and Process Builder. Screen Flows, Auto-launched Flows, Record-Triggered Flows. Same metadata, low-code authoring — and AgentForce can invoke a Flow as an action.
A typical SOQL query — relationship traversal in one go, the thing SQL can't do without joins:
// Find open opportunities with their owner and account industry SELECT Id, Name, Amount, CloseDate, Owner.Name, Owner.Email, Account.Name, Account.Industry, Account.AnnualRevenue FROM Opportunity WHERE IsClosed = false AND Amount > 100000 AND CloseDate = THIS_QUARTER ORDER BY Amount DESC LIMIT 200
A trigger-friendly Apex pattern — bulkified, governor-safe, the shape every Salesforce dev learns the hard way once:
trigger OpportunityHealthCheck on Opportunity (after update) { Set<Id> ids = new Set<Id>(); for (Opportunity opp : Trigger.new) { if (opp.StageName != Trigger.oldMap.get(opp.Id).StageName) { ids.add(opp.Id); } } if (!ids.isEmpty()) { // One SOQL, one DML — bulkified for thousands of records OpportunityHealthService.recompute(ids); } }
Apex is a multi-tenant runtime. To stop one customer's runaway code from starving everyone else, every transaction caps SOQL queries (100), DML statements (150), CPU time (10s sync), heap (6 MB sync), callouts (100), and rows queried (50,000). Bulkified code stays under all of these for thousands of records; non-bulkified code dies at 200. "Bulkify everything" is the single most important phrase in Salesforce engineering.
The 2024–26 evolution: Einstein was the brand for predictive AI features baked into clouds; that brand still exists but has been subsumed by AgentForce (the agent runtime) and the Einstein Trust Layer (the security wrapper around every model call). Data Cloud is the unifying data plane that makes any of it useful.
| Layer | What it is | Depends on |
|---|---|---|
| AgentForce 360 | The agent platform. Atlas Reasoning Engine, five-attribute agents (Role / Data / Actions / Guardrails / Channel), Flex Credits pricing. | Data Cloud, Einstein Trust Layer, Lightning Platform |
| Data Cloud | Unified customer profile. Real-time ingestion, identity resolution, harmonisation across structured + unstructured data. RAG source for AgentForce. | Hyperforce, source-system connectors |
| Einstein Trust Layer | The security wrapper. Zero data retention with model providers, dynamic grounding, toxicity detection, secure data retrieval, audit trail. | Every model call AgentForce or a Flow makes |
| MuleSoft | API integration. Anypoint Platform, API Catalog, Topic Center. As of AgentForce 3, can expose any API as an MCP server consumable by AgentForce agents. | Source systems (SAP, Oracle, etc.) |
| Slack | The conversational surface. AgentForce agents respond in Slack channels and DMs; Data Cloud notifications fire to Slack in sub-second. | AgentForce, Data Cloud |
| Tableau | The analytics surface. Data Cloud feeds Tableau Pulse and dashboards; AgentForce can query Tableau for the answer to a sales rep's "how are we tracking?". | Data Cloud, source systems |
AgentForce agents reason via the Atlas Reasoning Engine, which uses retrieval-augmented generation (RAG) over Data Cloud's harmonised data. Without Data Cloud, AgentForce agents only see what's directly inside the Salesforce org and a few connected systems. With Data Cloud, they reason over a single profile assembled from every system that's been ingested — orders from SAP, support history from Zendesk, marketing engagement from Mailchimp. The Data Cloud licence is the load-bearing one for any serious AgentForce deployment.
Salesforce auth is OAuth 2.0 in every modern flow, mediated by a Connected App in the org. Pick the flow that matches your topology: JWT bearer for server-to-server, Web Server flow for user-context apps, the User-Agent flow for SPAs. The legacy Username-Password flow is deprecated for new use and disabled in many orgs.
| Flow | Use when | Token type |
|---|---|---|
| JWT bearer | Server-to-server integration. Cert-based, no user interaction. The default for AgentForce / MuleSoft / backend automations. | Access token (no refresh) |
| Web Server (auth code) | User-context apps. Standard authorisation-code flow with refresh tokens. | Access + refresh |
| Client Credentials | System-to-system OAuth where a service user is acceptable. Simpler than JWT for low-risk integrations. | Access (short-lived) |
| Username-Password | Legacy. Disabled by default in new orgs; do not use in new code. | Access (deprecated) |
// JWT bearer flow — the server-to-server default // 1. Build a JWT signed with your Connected App's private key // 2. POST it to the token endpoint // 3. Receive an access_token, use it as Bearer for the REST / SOQL APIs POST https://login.salesforce.com/services/oauth2/token Content-Type: application/x-www-form-urlencoded grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer& assertion=eyJhbGciOiJSUzI1NiIs... // the signed JWT // Response { "access_token": "00DXX...!AQ...", "instance_url": "https://yourorg.my.salesforce.com", "token_type": "Bearer" }
// Then call REST or SOQL with the access token GET https://yourorg.my.salesforce.com/services/data/v60.0/query/ ?q=SELECT+Id,Name,Industry+FROM+Account+LIMIT+10 Authorization: Bearer 00DXX...!AQ... // SObject CRUD endpoints — pattern is identical for every object GET /services/data/v60.0/sobjects/Account/{id} POST /services/data/v60.0/sobjects/Account PATCH /services/data/v60.0/sobjects/Account/{id} DELETE /services/data/v60.0/sobjects/Account/{id} // Composite API — batch multiple operations in one round trip POST /services/data/v60.0/composite
A Connected App declares OAuth scopes (api, refresh_token, full, chatter_api, web, and the AgentForce-specific scopes for agent actions). Each scope unlocks a class of API calls. Create one Connected App per integration use case rather than one all-powerful app — a leaked AgentForce token should not have full access to your org's SOQL endpoint. Rotate the signing certificate annually.
The 2nth CRM sub-domain holds both. They cover the same use case (customer graph + GTM ops) but they're built for different sizes of business and have different ceilings:
| Concern | Salesforce | HubSpot |
|---|---|---|
| Sweet spot | Enterprise, complex sales, regulated industries | Mid-market, marketing-led, simpler ops |
| Customisation | Unlimited via Apex + Flow + Lightning | Bounded; you bend HubSpot, not extend it |
| Data model | Custom objects + complex relationships | Fixed objects + custom properties |
| Query | SOQL (relationship-traversing) | Search API (filter-groups, capped at 10k) |
| AI layer | AgentForce + Einstein + Data Cloud | Breeze (HubSpot's AI brand) |
| Price floor | ~$25 / user / mo (Starter), real deployments > $100 | Free tier + $20+ / user / mo for paid hubs |
| Implementation | Partner-led, 3–12 months to production | DIY-friendly, weeks to live |
The six-role partnering model (Revenue Leader, Sales Rep, Marketing Manager, Service Lead, RevOps Engineer, Executive) maps cleanly onto Salesforce, just like it does onto HubSpot. The objects shift: Opportunity in Salesforce replaces Deal in HubSpot; Case replaces Ticket; Lead is a Salesforce-specific concept that HubSpot folds into contacts. The decisions stay with humans; the AI surfaces the next-best action.
Six failure modes that show up the first time a Salesforce integration goes from sandbox to live.
A trigger that works on 10 records will fail at 200 if it isn't bulkified. The platform won't warn you until production data volumes hit. Always run loops outside DML; always query before the loop, not inside.
Standard sandbox refresh copies the core CRM org but Data Cloud has its own provisioning flow and doesn't follow sandbox refresh cycles. Plan AgentForce-touching test data separately.
One query: 50,000 rows max. But aggregate queries with GROUP BY cap at 2,000 grouped results. If you need everything, use the Bulk API 2.0, which has its own async semantics.
A new Connected App can take 5–10 minutes to be ready for OAuth across all Salesforce datacenter routes. CI pipelines that create + immediately use an App will get 401s that disappear on a retry.
A Record-Triggered Flow on an Account update can fire before, after, or both, depending on the configuration. Mixing Apex triggers and Flows on the same object frequently produces "ghost updates" the first time around. Pick one automation tier per object; don't mix.
Salesforce's REST API is versioned (v60.0, v61.0, ...). A Connected App declares a default version. New SObject fields only show up in the version they were introduced. Always pin and bump deliberately.
Hyperforce in South Africa. Salesforce's Hyperforce is the multi-region public-cloud infrastructure that hosts modern Salesforce orgs (AWS, GCP, Azure). As of mid-2026 there is no Hyperforce datacenter in South Africa — SA-based orgs typically land in eu-central-1 (Frankfurt) or eu-west-1 (Ireland). Data residency for POPIA Section 72 analysis happens at the cluster level; you'll want a Salesforce-provided data-residency commitment in writing as part of any enterprise agreement.
POPIA and the Einstein Trust Layer. The Trust Layer's "zero data retention" guarantee with model providers is the load-bearing claim for POPIA-sensitive workloads — OpenAI, Anthropic, and Google don't retain Salesforce-sent prompts or completions on their side. That's the contractual basis on which an SA Information Officer can sign off on AgentForce processing customer data. Without that guarantee, the same workflow would need a local-inference or air-gapped setup.
FX and the digital-labour pitch. AgentForce's Flex Credits are USD-priced ($0.10 per credit). For SA businesses, every AgentForce action carries an FX-translated cost in rand — budget envelope planning needs to model ZAR depreciation. A "digital labour is cheaper than human labour" claim that pencils at R18/USD looks different at R22/USD. Pre-commit pricing is worth the discount for predictability.
The BBBEE / GAR question. Salesforce's SA presence has expanded since the mid-2020s but it remains a US-headquartered vendor. For B-BBEE scorecards and government tenders that require local technology spend, a Salesforce licence rarely counts. Local System Integrator partners that hold the Salesforce licence on behalf of clients can change that calculus; budget for that conversation early in any procurement cycle.
Salesforce is at the centre of the GTM data fabric. Most of the AI value comes from the layers wrapped around it.