What is the most important tip for working with WSC (Web Service Connector)?

Use Partner WSDL for new integrations unless type safety on every field matters more than schema flexibility. Partner is version-stable and avoids the regeneration cycle that Enterprise WSDL forces.

WSC generates Java code for SOAP-based Salesforce integration.

DevelopmentAdvanced

WSC (Web Service Connector)

Q: Is WSC the modern approach?

REST APIs have largely superseded SOAP-based integration.

Q: What language is it for?

WSC is specifically a Java library.

Hear it

§ 01

Definition

WSC, short for Web Service Connector, is an open-source Java library that generates Java client stubs from Salesforce WSDL files and provides the runtime framework for making SOAP API calls to a Salesforce org from a Java application. Developers download the appropriate WSDL from Salesforce (Enterprise WSDL, Partner WSDL, Metadata WSDL, Tooling WSDL, or a custom Apex web service WSDL), run the WSC code generator against it, and embed the resulting jar file in their Java project. The application then calls Salesforce through type-safe Java method calls instead of hand-crafting SOAP envelopes.

WSC has been the standard Java integration toolkit for Salesforce SOAP APIs since 2010. The library is open-source on GitHub (the salesforce/wsc repository), maintained by Salesforce engineering, and pulled into many enterprise integration projects as the SOAP API client. In 2026, REST API has overtaken SOAP for new integrations, but WSC remains the right answer for any Java project that needs SOAP-specific features (Metadata API operations, certain bulk operations) or that has to interoperate with legacy Java code already built on WSC.

§ 02

WSC in 2026: SOAP, code generation, authentication, and the REST alternative

What WSC does and what it solves

WSC handles the boilerplate of SOAP-based Salesforce integration. Without it, a Java application calling Salesforce SOAP would need to: parse the WSDL, generate the matching Java classes manually, build SOAP envelopes by hand, handle XML serialization, manage session tokens, and handle exceptions. WSC handles all of this through code generation plus a small runtime library. The generated stubs are typed Java classes that mirror the Salesforce API: PartnerConnection for the Partner API, EnterpriseConnection for the Enterprise API, MetadataConnection for the Metadata API. Calling Salesforce becomes a normal Java method call: connection.create(records), connection.query(soql), connection.update(records). Errors surface as Java exceptions. Session management is handled automatically through the connection object.

WSDL types and the right one to generate from

Salesforce ships several WSDL files, each producing a different WSC stub set. Partner WSDL is the most common: it is generic, version-stable, and works with any object schema by passing sObject names at runtime. Enterprise WSDL is org-specific: regenerate it whenever the org schema changes (new fields, new objects). Metadata WSDL covers the Metadata API for deployments. Tooling WSDL covers the Tooling API for IDEs and developer tools. Apex WSDL covers custom Apex web services exposed by the org. Most production integrations use Partner WSDL because of its flexibility; Enterprise WSDL is preferred when type safety on every field is more valuable than schema flexibility. Document the WSDL choice in the integration README so future maintainers know how to regenerate stubs.

Code generation and the build pipeline

Generating WSC stubs is a one-time activity per WSDL version. The standard workflow is: download the WSDL from Salesforce (Setup, API), run wsc-VERSION.jar with the WSDL as input, get a generated jar back, add the jar to the Java project classpath. The generated jar contains the typed connection classes and the sObject Java classes that mirror the Salesforce schema. Modern build pipelines (Maven, Gradle) include the WSC runtime as a regular dependency and the generated stub jar as either a separate dependency (pre-built) or a build-time artifact (regenerated on every build). The latter pattern is more dynamic but requires the WSDL to be available at build time.

Authentication, sessions, and the connection lifecycle

A WSC connection starts with authentication. The application calls Connector.newConnection(config) with a ConnectorConfig holding the username, password (plus security token for older orgs), and login URL. WSC sends a login() SOAP call, receives a session id, and stores it on the connection object. Subsequent API calls automatically include the session id. Sessions expire after the org configured session timeout (default 2 hours of inactivity); WSC handles re-authentication transparently if the application sets the ConnectorConfig with credentials, or surfaces a session expired exception if the application has to handle re-auth manually. Mature WSC applications use OAuth instead of password authentication; WSC supports OAuth through ConnectorConfig.setSessionId() with a token obtained externally.

WSC versus REST API in 2026

In 2026, REST API has overtaken WSC for new Java integrations on most projects. REST returns JSON instead of XML, has lower overhead per call, integrates more naturally with modern Java HTTP clients (Apache HttpClient, OkHttp, Spring WebClient), and supports the same operations as SOAP plus some that SOAP does not. WSC remains the right answer in three cases: Metadata API integrations (REST Metadata API is newer and less complete than SOAP Metadata API), legacy Java code already built on WSC where rewriting is not justified, and bulk operations on the Enterprise WSDL where type safety on every field is critical. New projects without these constraints should use REST API with the Salesforce Java SDK (the modern alternative) instead of starting fresh on WSC.

Performance, retries, and production concerns

WSC has its own connection pool, retry behavior, and timeout configuration. ConnectorConfig.setReadTimeout() and ConnectorConfig.setConnectionTimeout() control HTTP timeout values; defaults are conservative but production may need tuning based on the org actual response times. WSC does not handle retries by default; the application has to wrap calls in retry logic to handle transient failures (UNABLE_TO_LOCK_ROW, REQUEST_RUNNING_TOO_LONG). Mature integrations build retry-with-exponential-backoff around every WSC call. Connection reuse is automatic across multiple calls on the same connection object, but applications should explicitly call connection.logout() at shutdown to release the Salesforce session. Monitor API call usage through the org API request limit; WSC calls count against the daily limit the same as any other SOAP or REST call.

§ 03

Building a Java integration with WSC

Using WSC in a Java integration is a four-piece workflow: download the WSDL and generate stubs, set up the Maven or Gradle build with the WSC runtime and the generated jar, write the authentication and API call code, and operationalize for production with retry and monitoring. Each piece is mostly mechanical, but the order matters and some pieces have non-obvious traps. This guide covers the standard pattern that most Java teams follow when standing up a new WSC-based Salesforce integration.

Download the WSDL and generate stubs
In Salesforce Setup, search API. Pick the right WSDL for the integration (Partner for generic, Enterprise for type-safe, Metadata for deployment, Tooling for IDE work). Click Generate, save the WSDL to your project resources folder. Download the latest WSC jar from the salesforce/wsc GitHub releases. Run java with classpath wsc-VERSION.jar com.sforce.ws.tools.wsdlc your-wsdl.wsdl output-stub.jar. The result is a stub jar containing the typed Java classes. Commit both the WSDL and the stub jar to source control (or regenerate on every build, depending on the team preference). Document the WSDL version and the WSC version in the project README.
Set up the Java project build
In Maven, add the WSC runtime as a dependency: groupId com.force.api, artifactId force-wsc, version matching the WSC release you used to generate stubs. Add the generated stub jar as either a separate Maven artifact (if it lives in an internal repository) or as a system-scope dependency (if local). For Gradle, the equivalent is a compile dependency on force-wsc and either an artifact dependency or a flat-dir dependency on the stub jar. Keep the WSC runtime version aligned with the version used for stub generation; mismatched versions cause cryptic runtime exceptions when the stub calls into the runtime.
Write authentication and API call code
Create a ConnectorConfig with the org username, password (plus security token if applicable), and login URL (login.salesforce.com for production, test.salesforce.com for sandbox). Call Connector.newConnection(config) to authenticate and get a PartnerConnection. From the connection, call API methods: connection.create(sObjects), connection.query(soql), connection.update(records), connection.delete(ids). Wrap each call in try-catch for ConnectionException and ApiFault. Log every call timing and result. For OAuth, set the session id directly via ConnectorConfig.setSessionId(token) after obtaining the token through your OAuth flow. Document the authentication choice in the integration runbook.
Operationalize for production with retry and monitoring
Wrap every WSC call in retry-with-exponential-backoff logic to handle transient failures (UNABLE_TO_LOCK_ROW, REQUEST_RUNNING_TOO_LONG, ConnectionTimeoutException). Configure retry counts and backoff intervals based on the operation idempotency: idempotent operations (queries, updates by ID) can retry aggressively; non-idempotent operations (creates without an external ID) need careful retry logic to avoid duplicates. Log every retry to a structured log so operators can diagnose chronic failures. Monitor the org daily API request limit; WSC calls count toward it. Set ConnectorConfig.setReadTimeout() and setConnectionTimeout() to values that match the org typical response times plus a safety margin.

Gotchas

WSC version mismatch between the runtime jar and the generated stub jar causes cryptic runtime exceptions. Keep both at the same version and document the version in the integration runbook.
Password authentication requires a Security Token unless the org has explicit IP allow-listing for the integration. Token rotation is a common cause of broken integrations; plan rotation as a recurring task.
WSC does not retry transient failures automatically. The application has to wrap every call in retry-with-backoff logic; without it, transient errors that should clear in seconds break the entire integration.
Enterprise WSDL is org-specific. Schema changes (new fields, new objects) require regenerating stubs and redeploying the integration. Partner WSDL is more flexible but loses some type safety.
WSC calls count against the org daily API request limit. Monitor usage proactively; a runaway integration can lock out every other caller for the rest of the day.

Trust & references

Official documentation

Straight from the source - Salesforce's reference material on WSC (Web Service Connector).

WSC (Web Service Connector) GitHub RepositorySalesforce Engineering
SOAP API Developer GuideSalesforce Developer Docs
Download WSDL FilesSalesforce Help

Was this entry helpful?

Help us write better definitions. Quick reactions or detailed edit suggestions.

About the Author

Dipojjal Chakrabarti is a B2C Solution Architect with 29 Salesforce certifications and over 13 years in the Salesforce ecosystem. He runs salesforcedictionary.com to help admins, developers, architects, and cert/interview candidates sharpen their fundamentals. More about Dipojjal.

Test your knowledge

Q1. What is WSC?

Q2. Is WSC the modern approach?

Q3. What language is it for?

Discussion

Loading…

Loading discussion…

Back to Dictionary