---
title: "Salesforce integration security"
description: "The OnceHub integration with Salesforce communicates with your Salesforce organization in real time using the Salesforce API."
url: "https://help.staticso2.com/scheduleonce/account-integrations/crm/salesforce/salesforce-integration-security"
---

The [OnceHub integration with Salesforce](https://help.staticso2.com/scheduleonce/account-integrations/crm/salesforce/salesforce-integration "The ScheduleOnce integration with Salesforce") communicates with your Salesforce organization in real time using the Salesforce API. All API calls between OnceHub and Salesforce are made via a special [API User](https://help.staticso2.com/scheduleonce/account-integrations/crm/salesforce/connecting-salesforce-api-user "How to connect a Salesforce API User") that is granted the OnceHub [permission set](https://help.staticso2.com/scheduleonce/account-integrations/crm/salesforce/assigning-oncehub-permission-set-to-salesforce-api-user "How to assign the ScheduleOnce permission set to the Salesforce API user"). This ensures that new records can always be created, and at the same time, the permissions of individual Salesforce users are not altered.

Below is how OnceHub communicates with Salesforce:

* **Access your basic information (id, profile, email, address, phone):** Allows access to the Identity URL service.
* **Perform requests on your behalf at any time (refresh\_token, offline\_access):** Allows a refresh token to be returned if you are eligible to receive one. This lets the app interact with the User’s data while the User is offline. The refresh\_token scope is synonymous with offline\_access.
