Back

Salesforce

Salesforce Development Salesforce Implementation Salesforce Integration AppExchange App Development Salesforce Consulting Hire a Salesforce Developer Salesforce Managed Services Salesforce Data Cloud Services Agentforce Services

ServiceNow

ServiceNow Consulting ServicesServiceNow Implementation ServicesServiceNow Managed Services

AWS

AWS Managed Services AWS Application Development AWS Migration Services AWS Security Services

GCP

Google Cloud Services

Cloud

Cloud Consulting Services Cloud Migration Services Cloud Application Development Cloud Security Solutions Cloud Managed Services

Additional

Product Engineering ServicesNintex Development Services IT Staff Augmentation Services UI/UX Design Services
Heroku Collaboration Webinar
Aarch Merchant Tool ChargeOn Easy Incentivizer Easy Rollup Heroku Collaboration Webinar ROI newsletter
Blogs Customer Success Stories Case Studies Webinar Podcast Press Release Newsletter Heroku Collaboration Webinar ROI
Business Spotlight Events Footprints Heroku Collaboration Webinar ROI

Explore the Latest Business Insights

Flowers

Explore the Latest Business Insights

Uncover the Keys to Success with Popular CRM Trends, New Releases and AI Launches and More!

Download E-Guide

Flowers

Download E-Guide

Register to read the complete guide as PDF on your email.

Download Customer Success Story

Flowers

Download Customer Success Story

Submit your details below to get a detailed success story delivered to your inbox as a PDF.

Download Case Study

Flowers

Download Case Study

Register to read the complete solution and benefits of this Case Study as a PDF on your email.

Download Whitepaper

Flowers

Download Whitepaper

Register to Get the Whitepaper Delivered Straight to Your Email.

Download Industry Report

Flowers

Download Industry Report

Register to Get the Industry Report Delivered Straight to Your Email.

What is Heroku AppLink? Everything you need to know

November 27, 2025
eye-glyph 3

Table of Contents

    Modern businesses move fast, but their integrations often don’t. Some are still dependent on legacy systems that were once cutting-edge but now struggle to keep pace with innovation. As a result, their developers spend hours chasing approvals, untangling middleware that breaks the flows at the slightest change. It’s not just frustrating, it’s actually expensive, costing businesses time and money.

    Heroku AppLink changes that. The platform directly makes the Heroku applications visible and functional inside the Salesforce ecosystem securely. Saving developers hours of custom coding and manual security management. Eventually, modernizing the way businesses process and integrate off-platform logic securely.

    In this blog, we’ve explained about what Heroku AppLink is, what it does, and why it matters for businesses in building high-performing digital systems. 

    Let’s get started!

    What is Heroku AppLink?

    Heroku AppLink is a Salesforce add-on that makes the Heroku application into a service that Salesforce can use natively. It allows Salesforce to invoke Heroku APIs securely and contextually without the need to use a custom middleware. AppLink was previously known as Heroku Integration. 

    AppLink replaces the manual and limited fractionation of its legacy with a much more standardized, governed, and OpenAPI-driven approach. Along with it comes user-controlled authorization and built-in compliance with Salesforce permissions. AppLink is Salesforce’s native bridge to securely bring Heroku logic inside CRM workflows.

    Let’s understand the different user modes offered by the platform.

    User Modes

    Heroku AppLink offers three user modes that define what level of access your Heroku app receives.

    • User mode:

    Heroku acts on behalf of the logged-in Salesforce user. It respects field-level security and permission sets. This is ideal for personalized experiences.

    • User-plus mode:

    The app receives temporary elevated access to specific objects or fields. This is used when a user needs limited privileged access for a particular action.

    • Authorized-user mode:

    The app uses a designated integration user with full access. This is typically used for background jobs, data processing, or heavy integrations that do not require per-user context.

    Point of differenceUser modeUser-plus modeAuthorized-user mode
    User identity that is utilizedThe Salesforce user who triggers the actionThe Salesforce user, plus temporary extra permissionsA dedicated integration user (not the triggering user)
    Permissions enforcedBased on the user’s own profile and accessUser’s permissions along with a defined permission setBased on the authorized user’s profile
    Setup complexityComparatively easierModerateHighly complexed
    Ideal forEnforcing strict user-level accessTemporarily elevating access for specific actionsBackground jobs, cross-org logic, or centralized control. Basically, system-level controls are detached from users.
    ExampleA sales rep triggers a quote calculator for their own routine tasks.A rep temporarily accesses a restricted discount field that is usually accessible only by higher authorities.A sync during night hours updates records across multiple orgs.

    What does Heroku AppLink do?

    Heroku AppLink gives enterprises an operational framework to expose custom Heroku logic as native Salesforce actions. Below are some of the key capabilities of the platform mentioned:

    1. Exposes Heroku APIs to Salesforce:

    AppLink registers your Heroku endpoints inside Salesforce. This lets Flow, Apex, Data Cloud, and Agentforce call Heroku APIs without writing custom interfaces.

    2. Enforces governed access:

    AppLink uses scoped tokens, permission sets, and user modes to enforce the same security rules that apply inside Salesforce.

    3. Supports real-time and high-volume workflows:

    Heroku dynos process incoming Salesforce requests and return responses to them in real time.

    4. Publishes the same Heroku service to multiple orgs:

    Ecosystems supporting multiple business units or partner networks can publish one Heroku app to several Salesforce orgs.

    What is a scoped token?

    This is a temporary access key that is issued by Salesforce, which helps in identifying the user who is making a request and assessing what they can access. This token gets attached to every triggering request sent to the Heroku application through AppLink.

    Why does Heroku AppLink matter for businesses?

    Here are some of the reasons that validate the importance of using Heroku AppLink for businesses:

    Why does Heroku AppLink matter for businesses
    Why does Heroku AppLink matter for businesses

    1. Faster development cycles:

    Heroku AppLink streamlines the integration process by removing the need for using any middleware, manual authentication flows, or custom API wiring. This allows the organization’s developers to showcase Heroku-hosted services directly in Salesforce rapidly using an OpenAPI spec and the AppLink CLI. This eventually enables their teams to deliver integrations and deployments faster, and respond to changing business requirements quicker than ever.

    2. Consistent governance:

    AppLink leverages Salesforce’s native permission model to control access for Heroku services. This means that access is governed by the same profiles and permission sets already in use within Salesforce, based on the designated user modes. This lets businesses have consistent control over the mitigation of risk of unauthorized access, compliance fallouts, and data security concerns across both platforms.

    3. Operational scalability:

    Heroku apps run on dynos (these are lightweight containers that can scale elastically based on demand). This allows businesses to offload heavy tasks such as machine learning inference or batch data processing to Heroku without impacting Salesforce performance. As a result, the organizations can maintain a responsive app experience while expanding backend capabilities.

    4. Architectural flexibility:

    AppLink supports services built in any language or frameworks that are supported by Heroku, which include Node.js, Python, Go, and Java. These services can be seamlessly integrated into Salesforce workflows using declarative tools like Flow or programmatic access via Apex. This flexibility enables businesses to reuse existing services and, at the same time, adopt modern architectural patterns such as microservices or event-driven systems.

    What do business executives care about?

    For business leaders, Heroku AppLink delivers value where it matters most:

    • Governance: Unified access control across Salesforce and Heroku.
    • Scalability: Flexible infrastructure to handle growing workloads without performance degradation.
    • Risk Reduction: Minimized exposure to compliance and security issues.
    • Cost Efficiency:  Faster deployment cycles, reduced middleware overhead, and better resource utilization

    How does Heroku AppLink work?

    AppLink operates through a clean workflow that standardizes how Heroku applications are exposed inside Salesforce. Let’s understand the working based on a few easy steps:

    Step 1: Build and Deploy a Heroku App

    Developers build a RESTful API using Node.js, Python, Java, or any supported language. This API is deployed on Heroku dynos, which receive API requests, execute logic, and send responses back to Salesforce.

    Step 2: Add the Heroku AppLink add-on

    AppLink is added to the Heroku app. It then scans the OpenAPI specification (considered as a menu that has the information about all inputs, endpoints, and outputs)  for all defined endpoints and understands the structure of each operation.

    Step 3: Publish the Heroku app

    AppLink then publishes the API to Salesforce. The CRM platform then generates external service actions automatically. Here, each endpoint becomes a callable service.

    These actions then get available in Flow, Apex, Agentforce, and Data Cloud without any custom development.

    Step 4: Salesforce calls the Heroku app

    So now, when a user triggers a Flow, presses a button, or executes an Apex method, Salesforce sends a request to Heroku. The request includes a scoped token with user identity and permissions. The application receives requests through its dyno, processes them, and returns the results to Salesforce.

    Step 5: AppLink enforces governance and logs context

    AppLink then ensures every request respects Salesforce permissions. It enforces identity, security, and field-level governance. It provides context to the app, including user identifiers, session details, and org metadata. This makes every Heroku interaction secure, audited, and compliant.

    What is the Heroku AppLink dashboard?

    The dashboard is a centralized interface that allows management of the app’s connection to Salesforce. Along with that, it shows connected orgs, authorizations, and track published apps. This helps teams monitor integration health and security.

    Heroku AppLink setup and integration methods

    Heroku AppLink supports three integration paths. Each method focuses on a different part of the Salesforce platform. Before integrating, ensure the following prerequisites are met.

    Let’s take a look at these three integration methods:

    • A functional Heroku app with exposed API endpoints
    • A Heroku account using an Eco or Basic dyno plan
    • Heroku AppLink add-on installed
    • AppLink CLI plugin installed
    • A valid OpenAPI specification
    • A Salesforce org, such as Developer, Sandbox, or Scratch
    • Additional scratch org features for Data Cloud or Agentforce

    Method 1: Integration with Flow and Apex

    This is the core Salesforce integration path. This method is used for use cases like document generation, data enrichment, etc. These steps include deploying the app, adding AppLink, installing the CLI plugin, publishing the app, authorizing the Salesforce org, and then invoking it via Flow or Apex.

    Here are some of the steps explained in brief: 

    • Connect to a Salesforce Org
    • When connecting for the first time, a browser window opens for you to enter your Salesforce credentials. You’ll need to approve the access levels requested by Heroku.
    • Publish Your Heroku Application
    • After publishing your app, its input and output parameters become visible in Salesforce Setup.
    • Search for Heroku in Quick Find and Select Apps
    • Use the Quick Find bar in Setup to search for “Heroku,” then select Apps.
    • Select the App You Published
    • Choose your published app to view its configuration and available actions.
    Choose your published app to view its configuration and available actions
    Source: Heroku
    • Invoke App Actions with Apex, which receives generated classes that support synchronous or asynchronous execution.
    • Invoke App Actions with Flow, which receives callable actions that can be used declaratively.
    Invoke App Actions with Flow
    Source: Heroku

    Method 2: Integration with Salesforce Data Cloud

    Data Cloud can trigger Heroku apps in real time based on customer profile changes, events, or behavioral signals. The integration involves preparing the scratch org with the Customer Data Platform feature, publishing the app, and authorizing Data Cloud. 

    Here are some of the steps explained in brief:

    • Once user permissions are configured, establish a connection to Data Cloud. 
    • Next, authorize a user and proceed to publish your application. 
    • After linking your app with the Data Cloud org, you can define a data action target to enable interactions with your app.
    • You can see your data action target in Data Cloud:
    Integration with Salesforce Data Cloud
    Source: Heroku
    • Now you can create data actions to generate events to invoke the data action target when certain actions happen, such as customer interactions on an app, decreasing customer satisfaction scores, or more.

    Method 3: Integration with Agentforce

    Heroku AppLink exposes custom Heroku logic as actions that AI agents can invoke. The setup requires the Einstein1AIPlatform feature. Developers define Agentforce-compatible endpoints in their OpenAPI spec. Once published, the app becomes an action available to AI agents. 

    Follow these steps to create an agent action:

    • From Salesforce Setup, in the Quick Find box, enter and select Agentforce Assets.
    • Select the Actions tab, then New Agent Action.
    • Configure the action with the fields and values and select Next.
    • In the instructions window, fill out the following fields:
    Configure the action with the fields and values
    Source: Heroku
    • Then select the Finish tab.

    Next, add the action you created to an agent:

    • From Salesforce Setup, use the Quick Find box to search for and select Agentforce Agents.
    • In the Enable the Agentforce Agent section, toggle on the switch to activate the default agent.
    • Click the dropdown next to the agent and choose Open in Builder.
    • If visible, click Deactivate in the top-right corner of the builder window.
    • Navigate to the Topics tab, click New, then select Add from Asset Library.
    • Search for the General CRM topic, add it, and click Finish.
    • Next, select the General CRM topic and click New Version.
    • Go to the Topic Configuration tab and add content, including badge-related requests, in the Current Classification Description field. Click Save.
    • Switch to the This Topic’s Actions tab, click New, and choose Add from Asset Library.
    • Search for and add the action you created Generate Badge, then click Finish.
    • Finally, click Activate in the top-right corner to publish the topic.
    • You can now test the action within your Agentforce agent.
    Agentforce agent
    Source: Heroku

    How do AppLink actions differ from standard inference calls?

    AppLink actions differ from standard inference calls by being defined, discoverable, and invocable within Salesforce via Flow or Apex. Unlike generic API endpoints, AppLink actions are registered with metadata, enabling secure, governed, and reusable integrations. This ensures tighter alignment with Salesforce’s declarative tools and operational context.

    Heroku AppLink use cases

    These are some of the most prominent business use cases of AppLink:

    1. AI-based lead scoring:

    Many sales teams struggle to prioritize leads efficiently, especially in high-volume environments. For example, if there’s a tech-based B2B company that receives multiple inbound leads weekly, but its sales team finds it difficult to prioritize the leads. To solve this, they can build a machine learning model on Heroku, and with the help of AppLink, this model can be published as an action in Salesforce Flow. This will enable their sales teams to get their leads sorted based on scores instantly. 

    2. Rapid document generation:

    Legal and operations teams often need to generate customized documents quickly and accurately. For example, if a company’s legal team needs to generate NDAs and contracts tailored to each deal. Through Node.js, Python, or any supported language service on Heroku, they can fill templates with Salesforce data and return polished PDFs. Here, AppLink allows this service to be visible in Salesforce, enabling users to trigger it from Flow or Apex and thus generate documents rapidly.

    3. Data enrichment in real-time:

    Enriching customer records with verified external data is a common need across industries. For example, if a financial services firm wants to enrich customer profiles with verified data from external APIs like LinkedIn and government registries. So instead of embedding API logic in Salesforce, they can just build a Heroku app to handle the calls. Here, AppLink will make this service callable from Salesforce, so every new record gets enriched securely and in real time.

    4. Enabling custom pricing:

    Businesses with dynamic pricing models often require flexible logic based on multiple variables. Having a dynamic pricing set up for manufacturers and retailers lets them offer their customers better pricing each time. However, managing this custom logic based on different rules, such as region, time, order volume, etc., can be a tough task. That’s why a company can use a Heroku app, where the pricing updates can be managed easily. And then with the help of AppLink, Salesforce users can trigger the pricing engine from quote screens without hampering the platform’s performance.

    5. Case summarization:

    Support agents frequently need help summarizing long case histories to respond effectively. For example, customer support agents often have challenges in summarizing long case histories before responding to customers. To streamline this, a company can build a Heroku app that summarizes case details using a language model. Then, with AppLink, this service will get exposed to Salesforce, so agents can trigger it via Agentforce and instantly see a clean summary when opening a case.

    These were some of the use cases. Let us now take a look at some of the platform limitations.  

    Heroku AppLink limitations 

    AppLink has some limitations as well. Let’s understand some of the limitations:

    LimitationsWhat does this mean?How to handle this?
    Heroku API rate limitUp to 4500 requests per hour per add-on. This is why high-volume setups may require multiple add-ons or load balancing.Use multiple AppLink add-ons or implement request throttling/load balancing.
    Request timeoutHeroku enforces a maximum 30-second timeout. Thus, long tasks must run asynchronously.Offload long tasks to background workers or use Heroku’s worker dynos and queues.
    Salesforce API limitsAny Salesforce data pulled by the Heroku app counts towards API usage.Optimize API calls, use composite requests, and monitor usage with Event Monitoring.
    OpenAPI size limitsUp to 3 MB for YAML and 10 MB for JSON. The metadata bundle is expected to remain within 20 MB.Split large specs into smaller services or reduce schema complexity.
    Authorization limitEach Salesforce user can maintain only a limited number of active authorizations.Reuse authorizations where possible or implement shared integration users.

    These constraints are manageable with proper planning and guidance. Partner with certified, Heroku experts like Cyntexa. Their team of certified Heroku experts encourages enterprises to structure integrations for performance, scalability, and governance.

    Heroku AppLink best practices for enterprises

    Here are some of the best practices for enterprises to consider:

    1. Design for efficiency:

    Try to minimize the number of callouts and batch requests wherever possible. Along with that, also avoid unnecessary synchronous calls. This is because excessive callouts can slow down Salesforce flows and increase the risk of hitting governor limits.

    2. Modify OpenAPI specifications and monitor usage:

    The large APIs should be split into smaller, purpose-built services to stay within size limits. This not only reduces complexity but makes it easier to reuse services across orgs and flows. Further, keep a track of API consumption, dyno performance, and Salesforce limits. This helps in preventing outages and ensuring consistent performance throughout.

    3. Choose appropriate user modes:

    It is important to choose the offered user modes, i.e., User mode, User-plus mode, and Authorized-user mode, respectively, to avoid over-permissioning and mitigate compliance risks.

    4. Test integrations in sandbox environments:

    Testing securely in isolated environments before deploying is essential to reduce deployment risks and ensure compatibility with Salesforce features beforehand. You can use scratch orgs with the required features for Data Cloud or Agentforce before deploying to production.

    End note

    Heroku AppLink bridges a long-standing integration gap between Salesforce and custom-built applications. Is your business missing a link that allows you to scale in one ecosystem? You can do that by getting in touch with a Heroku consulting partner like Cyntexa. Reach out to our experts.

    As a reputed consulting partner, our team has been keeping tabs on how Heroku can help businesses design, build, and operationalize Heroku AppLink integrations with Salesforce seamlessly. Want to know more? Book a free consultation with the team today!

    Don’t Worry, We Got You Covered!

    Get The Expert curated eGuide straight to your inbox and get going with the Salesforce Excellence.

    AUTHOR

    Vishwajeet Srivastava

    Salesforce Data Cloud, AI Products, ServiceNow, Product Engineering

    Co-founder and CTO at Cyntexa also known as “VJ”. With 10+ years of experience and 22+ Salesforce certifications, he’s a seasoned expert in Salesforce Data Cloud & AI Products, Product Engineering, AWS, Google Cloud Platform, ServiceNow, and Managed Services. Known for blending strategic thinking with hands-on expertise, VJ is passionate about building scalable solutions that drive innovation, operational efficiency, and enterprise-wide transformation.

    Vishwajeet Srivastava Background Vishwajeet Srivastava

    Cyntexa.

    Join Our Newsletter. Get Your Daily Dose Of Search Know-How

    X

    Become a next-gen business with us.

    Tell us about your idea and we’ll bring it to life. Schedule a FREE consultation today.

    Looking for a new career?

    View job openings

    By submitting, you consent to Cyntexa processing your information in accordance with our Privacy Policy . We take your privacy seriously; opt out of email updates at any time.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Looking for a new career?

    View job openings
    X
    Cyntexa With Salesforce Collab Webinar