Newer Version Available
Security Review and AppExchange Listing Fees
Expect to pay a one-time, upfront total of $2,700 USD to initiate the security review process for most solutions. This payment includes a $2,550 security review fee and $150 first-year AppExchange listing fee. Also expect to pay the $150 AppExchange listing fee annually after the first year. The annual listing fee includes reviews for updates to solutions already listed on AppExchange.
Fees are refundable. Refund requests must be made within 180 days of payment.
If you have questions about security review or listing fees, contact your Partner Account Manager or log a support case in the Salesforce Partner Community.
Here’s a detailed breakdown of the fees.
| Review Type | Security Review Fee | Annual Listing Fee |
|---|---|---|
| Initial review of a paid solution | $2,550 USD |
|
| All reviews of free solutions | No charge |
|
| Follow-up review of a paid solution resubmitted after addressing issues detected in a previous security review | No extra fee—a limited number of follow-up reviews are included in the security review fee paid at original submission of solution |
|
| Periodic re-review of a previously approved, listed, paid solution | No extra fee—cost included in the security review fee paid at original submission of solution |
|
When you submit your solution for an initial review, be prepared to pay the review and first-year listing fees. There are no fees for solutions that you distribute for free on AppExchange.
When you submit a solution for a follow-up or re-review, you’re always prompted to confirm your credit card information. However, you’re not always charged.
- You resubmit a solution that fixes security issues discovered in an initial review. Your resubmission exclusively fixes issues discovered in an initial security review, and you fix the code in the existing package. We conduct a follow-up review. If you make other revisions, such as functionality changes, we require that the revised solution go through an initial security review. That’s also true if you spin up a new package for the revised code.
- You list a new version of a package that we previously approved.. You upload the new version to AppExchange and associate it with your listing. To identify security vulnerabilities, we run a source code scan. This scan is included in the annual listing fee.
- You create a managed package to upgrade your offering. You develop the new version in a package that we previously approved. The upgrade is automatically approved when you submit it for review. You can immediately associate the new version to your listing. We review the new version 6 months to 2 years after the solution is listed, depending on potential risk of the solution. The review is included in the initial security review fee.