Tooling API

Introducing Tooling API
SOAP Calls
Tooling API Objects and Namespaces
Tooling API Objects
ActivationPlatform
AIApplication
AIApplicationConfig
AnimationRule
ApexClass
ApexClassMember
ApexCodeCoverage
ApexCodeCoverageAggregate
ApexComponent
ApexComponentMember
ApexEmailNotification
ApexExecutionOverlayAction
ApexExecutionOverlayResult
ApexLog
ApexOrgWideCoverage
ApexPage
ApexPageInfo
ApexPageMember
ApexResult
ApexTestQueueItem
ApexTestResult
ApexTestResultLimits
ApexTestRunResult
ApexTestSuite
ApexTrigger
ApexTriggerMember
AssignmentRule
AuraDefinition
AuraDefinitionBundle
AutoResponseRule
BrandingSet
BrandingSetProperty
BriefcaseDefinition
BusinessProcess
BusinessProcessDefinition
BusinessProcessFeedback
BusinessProcessGroup
BusProcessFeedbackConfig
Certificate
CleanDataService
CleanRule
ColorDefinition
CommunityWorkspacesNode
CompactLayout
CompactLayoutInfo
CompactLayoutItemInfo
ContainerAsyncRequest
CspTrustedSite
CustomApplication
CustomField
CustomFieldMember
CustomHelpMenuSection
CustomHttpHeader
CustomNotificationType
CustomObject
CustomTab
DataAssessmentConfigItem
DataIntegrationRecordPurchasePermission
DataType
DebugLevel
DeployDetails
Document
DuplicateJobDefinition
DuplicateJobMatchingRuleDefinition
EmailTemplate
EmbeddedServiceBranding
EmbeddedServiceConfig
EmbeddedServiceCustomComponent
EmbeddedServiceCustomization
EmbeddedServiceCustomLabel
EmbeddedServiceFieldService
EmbeddedServiceFlow
EmbeddedServiceFlowConfig
EmbeddedServiceLiveAgent
EmbeddedServiceMenuItem
EmbeddedServiceMenuSettings
EmbeddedServiceQuickAction
EmbeddedServiceResource
EnrichedField
EntityDefinition
EntityLimit
EntityParticle
EventDelivery
EventSubscription
ExternalDataSource
ExternalDataSrcDescriptor
ExternalServiceRegistration
ExternalString
ExternalStringLocalization
FieldDefinition
FieldMapping
FieldMappingField
FieldMappingRow
FieldRestrictionRule
FieldSet
FlexiPage
Flow
FlowDefinition
FlowElementTestCoverage
FlowTest (Beta)
FlowTestCoverage
ForecastingDisplayedFamily
ForecastingFilter
ForecastingFilterCondition
ForecastingSourceDefinition
ForecastingType
ForecastingTypeSource
FormulaFunction
FormulaFunctionAllowedType
FormulaOperator
GlobalValueSet
Group
GtwyProvPaymentMethodType
HeapDump
HistoryRetentionJob
HomePageComponent
HomePageLayout
IconDefinition
InboundNetworkConnection
InboundNetworkConnProperty
Index
IndexField
InstalledSubscriberPackage
InstalledSubscriberPackageVersion
IPAddressRange
KeywordList
Layout
LightningComponentBundle
LightningComponentResource
LookupFilter
ManagedContentNodeType
ManagedContentType
MarketingAppExtension
MarketingAppExtAssignment
MarketingAppExtActivity
MatchingRule
MenuItem
MetadataComponentDependency (Beta)
MetadataContainer
MetadataPackage
MetadataPackageVersion
MLDataDefinition
MLField
MLFilter
MLPredictionDefinition
ModerationRule
OrgDomainLog
NamedCredential
OperationLog
OpportunitySplitType
OutboundNetworkConnection
OutboundNetworkConnProperty
OwnerChangeOptionInfo
PackageInstallRequest
PackageUploadRequest
PackageVersionUninstallRequestError
PathAssistant
Package2
Package2Member
Package2Version
Package2VersionCreateRequest
Package2VersionCreateRequestError
PathAssistantStepInfo
PathAssistantStepItem
PermissionDependency
PermissionSet
PermissionSetGroup
PermissionSetGroupComponent
PermissionSetTabSetting
PipelineInspMetricConfig
PlatformEventChannel
PlatformEventChannelMember
PlatformEventSubscriberConfig
PostTemplate
Profile
ProfileLayout
Publisher
QueryResult
QuickActionDefinition
QuickActionList
QuickActionListItem
RecentlyViewed
RecommendationStrategy
RecordActionDeployment
RecordType
RelatedListColumnDefinition
RelatedListDefinition
RelationshipDomain
RelationshipInfo
ReleaseUpdate
RemoteProxy
RestrictionRule
SandboxInfo
SandboxProcess
SchedulingObjective
SchedulingRule
SearchLayout
SecurityHealthCheck
SecurityHealthCheckRisks
ServiceFieldDataType
Scontrol
SiteDetail
SOQLResult
SourceMember
SourceMemberDeployRequest
StandardAction
StaticResource
SubscriberPackage
SubscriberPackageVersion
SubscriberPackageVersionUninstallRequest
SvcCatalogCategory
SvcCatalogCategoryItem
SvcCatalogFulfillFlowItem
SvcCatalogFulfillmentFlow
SvcCatalogItemDef
SymbolTable
TabDefinition
TestSuiteMembership
TimeSheetTemplate
TimeSheetTemplateAssignment
TraceFlag
TransactionSecurityPolicy
User
UserCriteria
UserEntityAccess
UserFieldAccess
ValidationRule
WebLink
WorkflowAlert
WorkflowFieldUpdate
WorkflowOutboundMessage
WorkflowRule
WorkflowTask
WorkSkillRouting
WorkSkillRoutingAttribute
SOAP Headers for Tooling API
REST Headers for Tooling API
PDF

Newer Version Available

This content describes an older version of this product. View Latest

CspTrustedSite

Represents a CSP Trusted Site. The Lightning Component framework uses Content Security Policy (CSP) to impose restrictions on content. The main objective of CSP is to help prevent cross-site scripting (XSS) and other code injection attacks. To use third-party APIs that make requests to an external (non-Salesforce) server or to use a WebSocket connection, add the server as a CSP Trusted Site. Available in API version 39.0 and later.

Supported SOAP Calls

create(), delete(), describeSObjects(), query(), retrieve(), update(), upsert()

Supported REST HTTP Methods

GET

Limitations

SOQL Limitations

SOSL Limitations

Fields

Field Field Type Description
context CspTrustedSiteContext (enumeration of type string) Declares the scope of trust for the listed third-party host.
  • All allows the host for all supported context types.
  • Communities allows the host for Experience Builder sites only.
  • FieldServiceMobileExtension allows the host for the Field Service Mobile Extensions only. Available in API version 47.0 and later.
  • LEX allows the host for Lightning Experience only.
  • VisualForce allows the host for custom Visualforce pages only. Available in API version 55.0 and later.

For custom Visualforce pages, content is restricted to CSP Trusted Sites only if the page’s cspHeader attribute is set to true.

This field is available in API version 44.0 and later.
description string The description explaining what this trusted site is used for.
endpointUrl string Required. The URL for the trusted site.
isActive boolean Required. Indicates if the trusted site is active (true) or not (false).
isApplicableToConnectSrc boolean Required. Indicates if Lightning components can load URLs using script interfaces from this site (true) or not (false). This field is available in API version 48.0 and later.
isApplicableToFontSrc boolean Required. Indicates if Lightning components can load fonts from this site (true) or not (false). This field is available in API version 48.0 and later.
isApplicableToFrameSrc boolean Required. Indicates if Lightning components can load resources contained in <iframe> elements from this site (true) or not (false). This field is available in API version 48.0 and later.
isApplicableToImgSrc boolean Required. Indicates if Lightning components can load images from this site (true) or not (false). This field is available in API version 48.0 and later.
isApplicableToMediaSrc boolean Required. Indicates if Lightning components can load audio and video from this site (true) or not (false). This field is available in API version 48.0 and later.
isApplicableToStyleSrc boolean Required. Indicates if Lightning components can load style sheets from this site (true) or not (false). This field is available in API version 48.0 and later.
mobileExtension string Reserved for future use.