marketing-cloud-api
Use this skill when integrating Salesforce or external systems with Marketing Cloud Engagement REST or SOAP APIs — including OAuth 2.0 authentication, journey injection via /interaction/v1/events, triggered sends, and Data Extension row operations. Trigger keywords: MC API, Marketing Cloud REST, journey injection, triggered send, fire entry event, DE row upsert, dataeventsasync, Installed Package API integration. NOT for Salesforce core REST/SOAP APIs, MCAE/Pardot APIs, or Marketing Cloud Connect (CRM connector sync).
Best use case
marketing-cloud-api is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use this skill when integrating Salesforce or external systems with Marketing Cloud Engagement REST or SOAP APIs — including OAuth 2.0 authentication, journey injection via /interaction/v1/events, triggered sends, and Data Extension row operations. Trigger keywords: MC API, Marketing Cloud REST, journey injection, triggered send, fire entry event, DE row upsert, dataeventsasync, Installed Package API integration. NOT for Salesforce core REST/SOAP APIs, MCAE/Pardot APIs, or Marketing Cloud Connect (CRM connector sync).
Teams using marketing-cloud-api should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/marketing-cloud-api/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How marketing-cloud-api Compares
| Feature / Agent | marketing-cloud-api | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use this skill when integrating Salesforce or external systems with Marketing Cloud Engagement REST or SOAP APIs — including OAuth 2.0 authentication, journey injection via /interaction/v1/events, triggered sends, and Data Extension row operations. Trigger keywords: MC API, Marketing Cloud REST, journey injection, triggered send, fire entry event, DE row upsert, dataeventsasync, Installed Package API integration. NOT for Salesforce core REST/SOAP APIs, MCAE/Pardot APIs, or Marketing Cloud Connect (CRM connector sync).
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
# Marketing Cloud API
Use this skill when a task involves calling Marketing Cloud Engagement REST or SOAP APIs from Salesforce Apex, external systems, or integration middleware. It covers OAuth 2.0 authentication via Installed Package credentials, injecting contacts into journeys, firing triggered sends, and upserting rows into Data Extensions. Activate it when you see references to MC API endpoints, journey fire events, or dataeventsasync in the context.
---
## Before Starting
Gather this context before working on anything in this domain:
- Confirm the Marketing Cloud org has an **Installed Package** with an **API Integration** component. This is the only supported credential source for OAuth 2.0 client credentials flow. Legacy Fuel (AppCenter) credentials are deprecated.
- Identify the **tenant-specific subdomain** (also called MID subdomain). All REST and auth endpoints use `https://{{subdomain}}.auth.marketingcloudapis.com` and `https://{{subdomain}}.rest.marketingcloudapis.com`. A generic or shared endpoint URL is wrong.
- Know which resource you are targeting: a Journey (needs EventDefinitionKey and the exact entry source field names), a Triggered Send (needs TriggeredSendDefinition ExternalKey and the send must be in Started status), or a Data Extension (needs DE ExternalKey and field names matching DE schema exactly).
- Marketing Cloud REST API has **account-level throttling**. For bulk operations over ~100 rows, prefer the async endpoint (`dataeventsasync`) to avoid rate limit errors.
---
## Core Concepts
### OAuth 2.0 Client Credentials Flow
Both the REST and SOAP Marketing Cloud APIs require an OAuth 2.0 bearer token. The token is obtained by POSTing to the tenant-specific auth endpoint:
```
POST https://{{subdomain}}.auth.marketingcloudapis.com/v2/token
Content-Type: application/json
{
"grant_type": "client_credentials",
"client_id": "{{clientId}}",
"client_secret": "{{clientSecret}}"
}
```
The response contains `access_token` (a short-lived JWT, typically 20 minutes), `token_type: Bearer`, and `expires_in`. Cache the token and re-acquire only when it expires — do not request a new token for every API call. The token is then passed as `Authorization: Bearer {{access_token}}` on every subsequent request.
The Client ID and Client Secret come from the **API Integration** component inside an Installed Package in Marketing Cloud Setup. They are not Salesforce Connected App credentials.
### Journey Injection via Fire Entry Event
To inject a contact into a Journey, POST to:
```
POST https://{{subdomain}}.rest.marketingcloudapis.com/interaction/v1/events
Authorization: Bearer {{access_token}}
Content-Type: application/json
{
"ContactKey": "subscriber@example.com",
"EventDefinitionKey": "APIEvent-abc123",
"Data": {
"FirstName": "Jane",
"AccountTier": "Gold"
}
}
```
**Critical:** The field names inside `Data` must exactly match the field names configured on the journey's entry source schema — including case. If a field name is wrong or missing, the API returns HTTP 201 (Created) but the contact is silently dropped from the journey with no error. There is no retry or error callback.
`EventDefinitionKey` is found in Journey Builder under the journey's entry source settings, not the Journey's own key. These are different values.
### Triggered Sends
Triggered sends require a three-step lifecycle:
1. **Create** a `TriggeredSendDefinition` via SOAP API or Marketing Cloud Setup UI, specifying the email, subscriber list, and ExternalKey.
2. **Start** the definition (status must be `Active` / `Running`). Sending against a definition in `Draft` status returns an error.
3. **Fire** the send via REST:
```
POST https://{{subdomain}}.rest.marketingcloudapis.com/messaging/v1/messageDefinitionSends/key:{ExternalKey}/send
```
with a payload containing the subscriber's `To.Address` and `To.SubscriberKey`, plus any profile attribute substitutions.
### Data Extension Row Operations
Two patterns exist for writing rows to a Data Extension:
- **Synchronous upsert** (up to ~100 rows per call, recommended for real-time use cases):
```
POST /hub/v1/dataevents/key:{ExternalKey}/rowset
```
Blocks until rows are committed. Returns 200 on success.
- **Asynchronous bulk insert** (preferred for > 100 rows or high-volume batch jobs):
```
POST /hub/v1/dataeventsasync/key:{ExternalKey}/rowset
```
Returns immediately with a `requestId`. Poll `GET /hub/v1/dataeventsasync/{requestId}` to confirm completion. Use this pattern when throughput matters more than immediate confirmation.
---
## Common Patterns
### Pattern: Apex Callout for Journey Injection
**When to use:** Salesforce Apex code needs to fire a contact into a Marketing Cloud journey after a record change (e.g., Opportunity stage change triggers onboarding journey).
**How it works:**
1. Store Client ID, Client Secret, and subdomain in a Custom Metadata Type or Named Credential (never hardcode).
2. Make an Apex `HttpRequest` to the token endpoint; parse the `access_token` from the JSON response.
3. Build the journey injection payload with the correct `EventDefinitionKey` and `Data` object using the exact field names from the entry source schema.
4. POST to `/interaction/v1/events` with the bearer token.
5. Check the HTTP response code. A 201 means the request was accepted — not that the contact entered the journey. Log the response body for debugging.
**Why not a simple callout without token caching:** Each token request counts against API call limits. In a trigger or batch context, acquiring a new token per record will exhaust limits quickly.
### Pattern: Async DE Row Upsert for Bulk Sync
**When to use:** A nightly batch or platform event processor needs to sync hundreds or thousands of Salesforce records into a Marketing Cloud Data Extension.
**How it works:**
1. Batch records into chunks of up to 2,000 rows per request (check current limit in official docs).
2. POST each chunk to `dataeventsasync` endpoint and store the returned `requestId`.
3. After all chunks are submitted, poll each `requestId` until status is `Complete` or `Error`.
4. Log errors and implement retry logic only for `Error` status responses.
**Why not the synchronous endpoint:** The sync endpoint blocks the Apex thread and can time out on large datasets. The async endpoint decouples submission from confirmation and is the documented pattern for bulk operations.
---
## Decision Guidance
| Situation | Recommended Approach | Reason |
|---|---|---|
| New REST vs SOAP for new integration | Use REST API | REST is the documented preferred approach; simpler, JSON-native, broader support |
| Sending to < 100 DE rows in real-time | Sync upsert `/hub/v1/dataevents/.../rowset` | Immediate confirmation; simpler error handling |
| Sending > 100 DE rows or batch job | Async `/hub/v1/dataeventsasync/.../rowset` | Avoids throttling; decouples submission from confirmation |
| Contact must enter a Journey | POST `/interaction/v1/events` with exact field names | Journey injection is the only supported entry mechanism for API-triggered journeys |
| Sending a transactional email | Use Triggered Send via `/messaging/v1/messageDefinitionSends/...` | Designed for 1:1 transactional sends; journeys add unnecessary overhead |
| Authentication | OAuth 2.0 client credentials from Installed Package | Legacy Fuel credentials are deprecated; client credentials is the only current standard |
---
## Recommended Workflow
Step-by-step instructions for an AI agent or practitioner working on this task:
1. **Confirm credentials and endpoints:** Retrieve the Client ID, Client Secret, and tenant-specific subdomain from the Installed Package API Integration component. Verify the subdomain format is `{{MID}}.auth.marketingcloudapis.com` — not a generic URL.
2. **Acquire an OAuth 2.0 token:** POST to the `/v2/token` endpoint with `grant_type=client_credentials`. Parse and cache `access_token` and `expires_in`. Implement token refresh logic so the token is re-acquired before expiry, not on every call.
3. **Identify the target resource:** For journeys, locate the `EventDefinitionKey` from the entry source settings (not the journey key). For triggered sends, confirm the `TriggeredSendDefinition` exists and is in `Active` status. For DEs, confirm the DE ExternalKey and retrieve the field schema.
4. **Build the request payload:** Match field names exactly to the target resource schema. For journey injection, every field in `Data` must match entry source field names case-sensitively. For DE row operations, include all required fields or upsert will fail silently.
5. **Make the API call and handle the response:** A 201 for journey injection means accepted, not confirmed entry. A `requestId` from async DE insert requires polling. Log the full response body — Marketing Cloud error messages are in the body, not always in the status code.
6. **Validate end-to-end:** In Marketing Cloud, check Journey Builder contact history or DE row count to confirm records are processed, not just accepted.
---
## Review Checklist
Run through these before marking work in this area complete:
- [ ] Credentials come from an Installed Package API Integration component — not hardcoded, not Legacy Fuel
- [ ] Token is cached and refreshed before expiry, not requested per API call
- [ ] Journey injection payload uses the EventDefinitionKey from the entry source, not the journey key
- [ ] All field names in `Data` object exactly match the entry source schema (case-sensitive)
- [ ] TriggeredSendDefinition is in Active/Started status before firing sends
- [ ] Bulk DE operations use async endpoint and poll the requestId for completion status
- [ ] API responses are logged; errors from Marketing Cloud appear in response body, not only HTTP status codes
---
## Salesforce-Specific Gotchas
Non-obvious platform behaviors that cause real production problems:
1. **Journey injection silently drops contacts on field name mismatch** — If any field name in the `Data` object does not exactly match the entry source schema (including case), the API returns HTTP 201 but the contact never enters the journey. There is no error message and no retry. This is the most common cause of "contacts not entering the journey" bugs.
2. **TriggeredSendDefinition must be Started before firing** — Creating the definition is not enough. The definition must be explicitly started (status `Active`). Firing a send against a `Draft` definition returns an error, but the error message is not always obvious that status is the cause.
3. **Tenant-specific subdomain is mandatory — generic endpoints fail** — Marketing Cloud REST API endpoints are always tenant-specific: `https://{{subdomain}}.rest.marketingcloudapis.com`. Using a generic URL or the wrong tenant subdomain results in authentication failures or 404 errors that look like network issues.
---
## Output Artifacts
| Artifact | Description |
|---|---|
| OAuth 2.0 token acquisition snippet | Apex HttpRequest or REST client code to obtain and cache a bearer token from the MC token endpoint |
| Journey injection payload | JSON request body with EventDefinitionKey and Data object matching entry source schema |
| Triggered send sequence | Three-step setup: create definition, start it, fire the send POST request |
| DE row upsert request | Sync or async POST payload for Data Extension row operations with requestId polling for async |
---
## Related Skills
- `admin/marketing-cloud-connect` — use when configuring the CRM connector between Salesforce core and Marketing Cloud (not API-based integration)
- `integration/soap-api-patterns` — use when the integration requires SOAP API patterns in Salesforce core (not Marketing Cloud SOAP)
- `integration/oauth-flows-and-connected-apps` — use when managing OAuth flows for Salesforce core Connected Apps (not MC Installed Package credentials)Related Skills
experience-cloud-security
Use when configuring access controls, sharing, or site security for authenticated or guest Experience Cloud (community) users: external OWD, Sharing Sets, Share Groups, CSP, clickjack protection, guest user record access. NOT for internal sharing model configuration (use sharing-and-visibility).
headless-experience-cloud
Use when building custom frontends (React, Vue, mobile, static sites) that consume Salesforce CMS content via the Connect REST API headless delivery endpoint. Triggers: 'headless Salesforce CMS', 'deliver CMS content to external frontend', 'React app Salesforce content API', 'custom frontend Experience Cloud data', 'CMS delivery channel API'. NOT for standard Experience Builder site development. NOT for CMS Connect (3rd-party CMS federation into Experience Builder). NOT for Experience Cloud LWC components rendered inside a site.
experience-cloud-search-customization
Use this skill when configuring or extending search on an Experience Cloud site — covering Search Manager scope configuration, LWR vs Aura search component selection, federated search setup, guest user search access, and custom search result components. NOT for SOSL/SOQL query development. NOT for internal Salesforce global search or Einstein Search for agents.
experience-cloud-multi-idp-sso
Use this skill when configuring multiple identity providers (OIDC and/or SAML) on a single Experience Cloud site or across tenant-specific portals in the same org — covering auth provider registration, Start SSO URL routing, Federation ID mapping, RegistrationHandler implementation, and simultaneous SP+IdP topology. Trigger keywords: multiple identity providers Experience Cloud, multi-tenant SSO community portal, vendor and citizen portal same site, OIDC SAML both on login page, tenant-specific login routing community. NOT for internal Salesforce employee SSO configuration. NOT for single auth provider setups — see experience-cloud-authentication for basic SSO.
experience-cloud-lwc-components
Use when building custom LWC components for Experience Cloud (Experience Builder sites, LWR portals, Aura-based communities). Covers community context imports, guest user Apex access patterns, navigation API differences between LWR and Aura, and JS-meta.xml target configuration for Experience Builder exposure. NOT for internal LWC components deployed to Lightning App Builder or standard record pages (see lwc/lwc-development). NOT for Aura community components. Trigger keywords: build LWC for Experience Cloud, custom component community portal LWC, guest user LWC component, community context import salesforce, lightningCommunity target, @salesforce/community, guest Apex.
experience-cloud-authentication
Use when building custom login pages, social SSO flows, self-registration flows, or passwordless OTP login for Experience Cloud (community) sites. Trigger keywords: custom login page Experience Cloud, social SSO community portal, passwordless login Experience Cloud, self-registration custom flow, headless authentication community, auth provider OIDC SAML site. NOT for internal SSO configuration (use identity/sso skills). NOT for standard username/password authentication with no customization.
experience-cloud-api-access
Use this skill when configuring or troubleshooting API access for Experience Cloud external users and guest users: guest user Apex data access, Customer Community Plus or Partner Community REST/SOAP API access, external user OAuth scopes, and sharing enforcement on API responses. Trigger keywords: Experience Cloud API access external user, community user REST API, guest user API limits, Customer Community API permissions, external user OAuth. NOT for internal Salesforce API authentication, non-community OAuth flows, or internal user API security.
net-zero-cloud-setup
Use this skill when configuring Salesforce Net Zero Cloud — including Scope 1/2/3 emission source modeling via the StnryAssetCrbnFtprnt / VehicleAssetCrbnFtprnt / Scope3CrbnFtprnt object families, emission factor library setup (EmssnFctr / EmssnFctrSet), DPE-driven carbon calculation jobs, supplier engagement scoring, and CSRD / ESRS / TCFD disclosure pack mapping. Triggers on: Net Zero Cloud setup, Sustainability Cloud carbon accounting, Scope 1 2 3 emissions Salesforce, emission factor library, supplier engagement Net Zero, ESG disclosure pack mapping. NOT for ESG content scoring (use Marketing Cloud), NOT for general financial reporting (use Accounting Subledger), NOT for energy-only utility billing (use Energy & Utilities Cloud).
manufacturing-cloud-setup
Use this skill when configuring Salesforce Manufacturing Cloud — including Sales Agreement setup, Account-Based Forecasting (ABF) recalc jobs, run-rate management, Rebate Management programs, channel inventory tracking via Channel Revenue Management, and Group Membership / OrderItem-to-SalesAgreement reconciliation. Triggers on: Manufacturing Cloud setup, Sales Agreement Salesforce, account-based forecast recalculation, run rate manufacturing, rebate program setup, channel revenue management. NOT for general Sales Cloud opportunity-to-order flow (use standard Opportunity / Order), NOT for Field Service install-base management (use FSL skills), NOT for Automotive Cloud dealer modeling (use automotive-cloud-setup).
data-cloud-zero-copy-federation
Use this skill when configuring or troubleshooting Data Cloud Zero Copy / Lakehouse Federation against Snowflake, Databricks, BigQuery, or Redshift — including external Data Lake Object setup, query semantics through federation, refresh and cache behavior, and choosing federation versus physical ingestion. Triggers on: Data Cloud federated DLO setup, query latency against external warehouse, Snowflake/Databricks/BigQuery integration with Data Cloud, federation vs ingestion decision. NOT for physical Ingestion API streaming/bulk patterns (use data-cloud-integration-strategy), not for CRM Analytics external connectors (use analytics-external-data), not for outbound Data Cloud activation to external systems (use data-cloud-activation-development).
data-cloud-query-api
Use this skill when querying unified profile data, calculated insights, or Data Lake Objects from Data Cloud using ANSI SQL via the Query V2 or Query Connect APIs. Triggers on: SQL queries against Data Cloud, querying unified individuals, querying DMOs via API, paginating large Data Cloud result sets. NOT for SOQL queries against standard Salesforce objects, not for Data Cloud segment filtering in the UI, not for vector/semantic search (use data-cloud-vector-search-dev).
data-cloud-integration-strategy
Use this skill when designing or troubleshooting the data pipeline strategy for connecting source systems to Data Cloud — including ingestion API pattern selection (streaming vs. batch), connector type decisions, DSO-to-DLO-to-DMO pipeline lag, and lakehouse federation patterns. Triggers on: Data Cloud ingestion API setup, streaming vs batch connector decision, Data Cloud connector types, MuleSoft Direct for Data Cloud, data pipeline lag for segmentation. NOT for standard Salesforce integration patterns (use integration-patterns skill), not for querying Data Cloud once data is ingested (use data-cloud-query-api), not for configuring standard admin connectors through the UI only.