What type of API calls does Hubbl make on my org when performing a scan?

We perform only read-only operations on connected orgs:

  • We make GET requests to the Metadata API
  • We make GET requests to the REST API
  • We make GET requests to the Tooling API

Due to the way metadata list/retrieve permissions work in Salesforce, we do require the Modify Metadata permission, because there is no read-only equivalent to that permission.

We will never modify client data or metadata. If a scanning user does not have Create/Read/Update/Delete (CRUD) or Field Level Security (FLS) permissions on certain objects and fields, we cannot report on them.
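One way to check the read-only claim from the org side is to audit the scanning user's REST API log rows for any method other than GET. This is an added example, not Hubbl's code. The CSV column names (modelled on an Event Monitoring "RestApi" log export), the user IDs and all sample rows are assumptions constructed for illustration, and Metadata API calls are outside what it checks.

```python
import csv
import io

# Constructed sample rows; column names and every value are assumptions.
SAMPLE_LOG = """\
EVENT_TYPE,TIMESTAMP_DERIVED,USER_ID,METHOD,URI,STATUS_CODE
RestApi,2024-01-01T10:00:00.000Z,005SCANUSER0001,GET,/services/data/v59.0/tooling/query,200
RestApi,2024-01-01T10:00:02.000Z,005SCANUSER0001,get,/services/data/v59.0/sobjects/Account/describe,200
RestApi,2024-01-01T10:00:05.000Z,005OTHERUSER001,POST,/services/data/v59.0/sobjects/Account,201
RestApi,2024-01-01T10:00:09.000Z,005SCANUSER0001,PATCH,/services/data/v59.0/sobjects/Account/001000000000001,204
"""


def audit_scan_user(log_text, scan_user_id, allowed=frozenset({"GET"})):
    """Return (total_calls, violations) for one user's REST API log rows.

    A violation is any row whose HTTP method is not in `allowed`.
    A missing or empty method is treated as a violation, not skipped.
    """
    total = 0
    violations = []
    for row in csv.DictReader(io.StringIO(log_text)):
        if row.get("USER_ID") != scan_user_id:
            continue  # only the scanning user's calls are in scope
        total += 1
        method = (row.get("METHOD") or "").strip().upper()
        if method not in allowed:
            violations.append(
                (row.get("TIMESTAMP_DERIVED"), method or "<missing>", row.get("URI"))
            )
    return total, violations


if __name__ == "__main__":
    total, bad = audit_scan_user(SAMPLE_LOG, "005SCANUSER0001")
    print(f"{total} calls by scanning user, {len(bad)} not read-only")
    for ts, method, uri in bad:
        print(f"  {ts} {method} {uri}")
```

A result of zero total calls means the log held no rows for that user, which is an absence of evidence rather than confirmation of read-only behaviour.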

