Skip to main content

SF-0099 · Concept · Medium

What are outbound messages? Or How can we send a message or data using outbound messages?

✓ Verified by Vikas Singhal · Last reviewed 5/17/2026 · Updated for Spring '26

An outbound message is a SOAP-formatted XML payload that Salesforce sends to an external HTTPS endpoint when a workflow rule or approval process fires the matching action. It’s the platform’s no-code outbound integration mechanism — you pick the fields, the endpoint URL, and Salesforce handles the call.

How they work

  1. Configure the outbound message in Setup: pick the object, the fields to include, and the target endpoint URL.
  2. Reference it from a workflow rule action (or approval action). When the rule fires, the message goes into a queue.
  3. Salesforce sends the SOAP XML to your endpoint over HTTPS.
  4. Your endpoint must respond with <Ack>true</Ack>. If it doesn’t, Salesforce retries with exponential backoff for up to 24 hours.

The XML payload shape

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
    <notifications xmlns="http://soap.sforce.com/2005/09/outbound">
      <OrganizationId>00D...</OrganizationId>
      <ActionId>04k...</ActionId>
      <SessionId>00D...!...</SessionId>
      <EnterpriseUrl>https://login.salesforce.com/services/Soap/c/...</EnterpriseUrl>
      <PartnerUrl>https://login.salesforce.com/services/Soap/u/...</PartnerUrl>
      <Notification>
        <Id>04l...</Id>
        <sObject xsi:type="sf:Opportunity">
          <sf:Id>006...</sf:Id>
          <sf:Name>Acme - 50,000 widgets</sf:Name>
          <!-- ... selected fields ... -->
        </sObject>
      </Notification>
    </notifications>
  </soapenv:Body>
</soapenv:Envelope>

The SessionId lets your endpoint call back into Salesforce on behalf of the user, if you need to.

When to use outbound messages

Use outbound message when…Use something else when…
You need a simple “ping the external system with this record’s data”You need fine-grained control over headers, auth, or REST shape — use Apex callout
The external system is happy with SOAPThe external system only does REST — use Flow HTTP Callout or Apex
You want it 100% declarativeYou need OAuth, JWT, dynamic auth — Apex or Named Credentials

Limits and gotchas

  • Endpoint must be HTTPS with a Salesforce-trusted certificate
  • Body is SOAP only — there’s no REST/JSON variant
  • Max retry window is 24 hours; after that, the message is discarded and a notification fires
  • Endpoint URL changes require updating the outbound message definition (use Named Credentials if you can)
  • Failed messages appear in Setup → Outbound Messages → View Message Delivery Status

The modern alternative — Flow HTTP Callout

In 2026, the recommended path for new declarative outbound integration is Flow + HTTP Callout (with External Services and Named Credentials). It supports REST, JSON, and proper auth. Outbound messages are still around for legacy compatibility but are not where new development should start.

What interviewers want

  • A clear definition: SOAP XML pushed to an HTTPS endpoint from a workflow rule
  • The retry behaviour: 24-hour exponential backoff
  • Knowledge that Flow HTTP Callout is the modern replacement

Verified against: Salesforce Help — Outbound Messages. Last reviewed 2026-05-17 for Spring ‘26 release.