Publishing on the Salesforce AppExchange — A Checklist

Oct 19, 2018 · 2 min read

There is a lot of documentation on various aspects of the Salesforce ISV publishing process, but we realised that there wasn’t a simple list that called out all tasks across the product, engineering and commercial aspects of the process. To that end, the below will serve as exactly that hopefully making your publishing journey a little clearer.

I’ve also noted who should be responsible for driving each task.

Phase 1 — Code & Contracts

  1. Build an awesome app, wrap it in a managed package — ISV
  2. Create your package listing in the Partner Portal — ISV
  3. Complete the business plan section of your package listing — ISV
  4. Technical review meeting — Salesforce & ISV
  5. Business plan approval — Salesforce
  6. Sign-off a partner agreement — ISV & Salesforce (this can be done at any time before submitting your app for security review)

Phase 2 — Security & Documentation

  1. Prepare your managed package for review — ISV
  2. Perform various security scans:
  • Checkmarx — your ISV app
  • Chimera — any external to Salesforce application that you control
  • ZAP — any 3rd party application components you don’t own

3. Prepare application documentation — ISV

  • Key user flows
  • Technical architecture
  • Security exceptions AKA false positives that you can justify

Phase 3 — Let’s do this Thang

  1. Book an office hours meeting with the security review team
  2. Set up test environments for SF team — ISV
  3. Pay security review fee — ISV
  4. Complete security review wizard — ISV
  5. Submit for review, wait a few weeks — SF & ISV
  6. If you fail, review issues and fix. Open a case with Salesforce once done for the re-review — ISV
  7. If you pass, complete AppExchange listing and publish!

I hope that helps, best of luck 🖖🏼

We’re hiring! If you’re a Salesforce Developer that would like work alongside two Certified Technical Architects please have a look here.


The Smartest Travel & Expense Platform on Earth


Written by


Technology Executive, currently CTO @ SalesTrip.



The Smartest Travel & Expense Platform on Earth

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade