📋 Executive Summary
Third-party AppExchange apps (DocuSign, Conga, and hundreds more) bring powerful capabilities but introduce separate licensing agreements, costs, and compliance risks. Each ISV app requires its own license on top of Salesforce — users need both a Salesforce license and the ISV license to function.
This playbook provides guidance for CIOs, enterprise architects, procurement, and ITAM teams to manage AppExchange app licenses with the same rigor as core Salesforce licenses — through clear inventory tracking, proactive governance, effective negotiation strategies, and integration into broader IT asset governance.
📑 Table of Contents
Separate Licensing for AppExchange ISV Apps
Each AppExchange application comes with its own licensing terms and fees, separate from your Salesforce licensing. Installing an ISV app means maintaining two parallel subscriptions: one with Salesforce for the core platform and one with the ISV for their product. Your Salesforce contract does not cover AppExchange app costs.
A sales rep using Salesforce, DocuSign eSignature, and Conga Composer may consume three independent licenses: Salesforce (~$150/user/month) + DocuSign (~$20/user) + Conga (~$XX/user), all billed independently. Each vendor has different usage metrics — DocuSign may license per user or documents sent; Conga typically licenses per user.
Key Point: AppExchange apps are add-ons, not inclusions. They expand capabilities but come with their own entitlements, fees, and contracts that need to be tracked.
Nearly all third-party AppExchange apps require the user to have both an underlying Salesforce license and the ISV's license to function. Plan for each AppExchange app as an additional contract on top of Salesforce, with its own terms, pricing, and support structure. The ISV bills your company directly, even though the app is accessed within your Salesforce environment.
Inventory of Apps & Subscription Terms
| App (Vendor) | Licenses / Metric | Renewal Date | Annual Spend | Notes |
|---|---|---|---|---|
| DocuSign eSignature | 50 user licenses (5,000 envelopes/yr) | Dec 31, 2025 | $XX,XXX | Requires SF user for each DocuSign user. Overage fees if envelope allotment exceeded. |
| Conga Composer | 100 user licenses (unlimited docs) | Jun 30, 2025 | $YY,YYY | Used by Sales Ops for quotes. Ensure compatibility after SF seasonal upgrades. |
| XYZ Audit Tool (SF Labs) | Site license (free) | N/A | $0 | Free app, no contract. Still requires security review. |
📋 Maintain a Centralized App Inventory
Maintain an up-to-date inventory of all AppExchange apps installed in your Salesforce orgs. Include: app name/vendor, purpose, licenses purchased, current usage levels, contract dates, renewal dates, and commercial terms (cost, payment frequency).
Task the Salesforce admin team or ITAM team with producing a report of all "installed packages" on a regular cadence. Every ISV app in use should be logged in an asset register just like any other enterprise software. This prevents "forgotten" subscriptions.
Best Practice: Align or at least be aware of how ISV renewal dates relate to your Salesforce contract renewal dates. Many organizations co-term major ISV renewals with their Salesforce annual renewal for convenience.
📊 Track Licensing Models & Metrics
Different apps use different licensing schemes: per user, by usage (documents, data volume, transactions), or by org/edition. Note tier structures and overage policies. Document renewal terms — auto-renewal vs. manual, and advance notice requirements for cancellation or adjustment.
Dependencies: Capture what each app requires — specific Salesforce editions, API access, or other features. If an app is mission-critical, note its dependency on Salesforce data. This helps assess risk if you change Salesforce features or license types.
Governance & License Tracking
🔒 Establish App Installation Governance
Require approval from IT (architecture, security, procurement) before any AppExchange managed package installation. This prevents shadow IT patterns — departments initiating free trials that convert to paid subscriptions without oversight. Enterprise architects ensure apps don't duplicate existing functionality or violate data policies.
Policy: Just as new enterprise software goes through architecture review and security assessment, AppExchange apps should require clearance. Admins must obtain written sign-off before proceeding with production installation.
👥 License Assignment & Enforcement
Control who can access each app via Salesforce's license management screen (Installed Packages → Manage Licenses). Implement processes for granting and revoking app licenses — when employees leave or change roles, remove AppExchange access along with Salesforce access to free up licenses.
Regularly compare active users per app with purchased license counts. Never exceed provisioned counts — some apps won't technically prevent over-assignment, leaving you vulnerable to compliance issues. Conduct internal audits to identify discrepancies.
Watch For: Users with app access but no corresponding paid license (compliance risk), and licenses purchased but never assigned (wasted budget). Both should be addressed proactively.
📈 Monitor Usage & Prevent Untracked Spend
Track usage metrics for apps charging based on consumption (transaction limits, document quotas). Set up alerts before hitting caps to avoid expensive overages. Identify under-utilization — if only 30 of 50 purchased licenses are in use, consider downsizing at renewal.
Ensure all AppExchange procurement goes through a centralized process. Integrate into ITAM and Finance tracking systems so "hidden" spending is visible. CIOs should insist on a single view of Salesforce ecosystem costs including core licenses and all third-party add-ons.
True-Up Planning: If a project suddenly requires 20 more seats, have a procedure in place. Negotiate volume flexibility upfront or know per-unit add-on costs. Avoid unilateral user additions beyond licensed counts.
Negotiation Strategies for ISV App Licenses
Direct with ISV
Work with the ISV's sales team directly. Allows tailored contract terms, direct support relationship, and potentially more usage flexibility as a direct customer.
Through Salesforce AE
Salesforce can resell or facilitate AppExchange apps as part of your CRM deal. AEs get quota credit for influencing partner sales, so they have incentive to broker better ISV pricing for you.
💰 Bundle for Better Pricing
Leverage Salesforce renewal timing to also negotiate ISV apps. A 3-year Salesforce renewal is an excellent time to negotiate 3-year deals for key add-ons. By bundling discussions, the Salesforce AE can advocate for competitive ISV pricing — it contributes to the overall deal success and their quota.
Customers have secured double-digit percentage discounts on AppExchange products by making purchases contingent on favorable package deals. If planning multiple ISV apps, negotiating them simultaneously creates leverage even across different vendors.
Example: A CIO negotiating a Salesforce renewal informed the AE that an attractive DocuSign offer would influence the overall CRM renewal. The AE coordinated with DocuSign, resulting in an improved enterprise plan discount — a win-win where the customer simplified negotiations and got better pricing.
📝 Key Negotiation Tactics
Research benchmark pricing — understand typical pricing tiers and know about alternative apps for leverage. Commit to longer terms (3-year subscriptions) for locked-in pricing, but ensure flexibility (adjust-down rights, carry-over for unused volume). Negotiate price increase caps (e.g., no more than 5% per year).
Co-term renewals — align ISV app renewals with your Salesforce contract end date for maximum leverage next time. Clarify support — ensure you can work directly with ISV support for technical issues, not routed through Salesforce. Use independent advisors for high-value ISV contracts to get benchmark data and negotiation support.
Key Insight: Even ISV app prices are negotiable — nothing is a fixed rate. Just as Salesforce's prices are highly negotiable based on volume and deal size, ISVs have flexibility for enterprise customers and multi-year commitments.
📋 Need help negotiating Salesforce and ISV AppExchange contracts? Our independent advisors provide benchmark data and negotiation strategies across the entire Salesforce ecosystem.
Salesforce Negotiation →Risks of Unmanaged ISV Licensing
🔴 Compliance Risk
Users accessing apps without proper licenses violates vendor terms. ISVs can audit usage through Salesforce License Management App or telemetry. Overuse may trigger retroactive purchase requirements or penalties.
🔴 Budget Overruns & Cost Creep
Small per-user costs accumulate rapidly across departments. Over-provisioning and underutilization directly translate to wasted budget. Usage-based overage fees quietly accumulate without monitoring.
🔴 Shadow IT & Security Risks
Apps adopted without governance become shadow IT. Every AppExchange app accesses your Salesforce data — unreviewed apps may expose data to third parties without due diligence on GDPR/HIPAA compliance.
🔴 Operational Dependency
Deeply embedded apps (e.g., Conga for contract generation) create operational dependency. License lapses can halt business processes. Tight integration gives ISVs leverage to raise prices — switching is painful.
Unmanaged spend can ruin ROI calculations. You might measure Salesforce ROI but not account for the fact that for every $1 on Salesforce, you're spending $0.50+ on add-ons. Taking the holistic view — a single view of total Salesforce ecosystem costs — prevents underestimation of operating costs and enables informed budgeting.
Integrating ISV Apps into IT Asset Governance
📋 Policy Integration
Integrate AppExchange oversight into your existing ITAM and governance frameworks. Policies for software asset management (CMDB, asset register, reconciliations) should explicitly include cloud marketplace apps. Publish guidelines: "All SaaS applications including third-party apps installed within platforms like Salesforce must be approved and tracked by ITAM."
Signal: This formally recognizes AppExchange apps as part of the IT portfolio. Even if a tool is obtained through a SaaS marketplace, it is not exempt from oversight.
🔄 ITAM Process Adjustments
Include AppExchange license counts and costs in regular license audits and true-up exercises. Configure SAM tools (Flexera, ServiceNow SAM) to ingest data from Salesforce APIs about installed packages and license assignments.
Renewal management: Treat each ISV app as a vendor contract to diarize. Trigger reviews 90 days before renewal — check usage vs. entitlement, confirm business value, then decide to renew, cancel, or renegotiate. This enables proactive decisions rather than last-minute renewals.
Governance Board: Include AppExchange apps in periodic IT governance board reviews. Present a dashboard of all third-party apps: what they do, cost, and any upcoming renewals or compliance flags.
👥 Training, Ownership & Vendor Management
Educate Salesforce admins, power users, and procurement on managing ISV licenses. Provide a simple intake form for new AppExchange requests covering licensing requirements, data access, and business justification.
Assign a business owner for each app (e.g., Sales Ops owns Conga; Legal owns e-signature). These owners confirm the app is still needed and usage is right-sized. For critical apps, include them in disaster recovery and continuity planning.
Vendor Management: Apply the same vendor scorecard evaluations (performance, support quality, financial stability) as larger software suppliers. Embed ISV apps into all lifecycle stages — request, procurement, deployment, monitoring, renewal, and retirement.
Recommendations & Action Plan
✅ 10-Step CIO Action Plan
- Establish ownership & inventory — Assign ITAM team or Salesforce product owner to maintain the full inventory of AppExchange apps. Start with a complete audit of all installed packages and their licensing status.
- Implement governance policy — Require approval for any new AppExchange installation. Review licensing terms, security, and overlap with existing tools before production deployment.
- Centralize contract & renewal tracking — Log all ISV contracts in a contract management system. Alert procurement 3–6 months before renewals. Conduct mini-audits of usage vs. entitlement for each app.
- Proactively manage license allocation — Quarterly or bi-annual reconciliation of AppExchange license assignments. Remove unused licenses. Report findings: "Q2 review shows 10 of 60 DocuSign seats unused — reducing at renewal."
- Integrate into IT financial planning — Include a "Salesforce AppExchange Add-ons" line item in IT budgets. Track ROI for each app. Ensure executives see the total Salesforce ecosystem cost, not just the core CRM number.
- Leverage negotiation opportunities — Treat ISV procurement with the same rigor as major software negotiations. Don't accept list prices. Time negotiations with Salesforce renewals for maximum leverage.
- Negotiate contract protections — Include price increase caps, rights to reduce license counts at renewal, clarity on overage charges, and data security/compliance clauses aligned with company standards.
- Monitor vendor performance post-deployment — Set KPIs to measure app effectiveness. Maintain regular contact with vendors for critical apps. Watch for upselling and scope creep in usage.
- Engage independent licensing experts — For complex negotiations or audits, bring in independent advisors for benchmark data, compliance gap identification, and negotiation support.
- Continuous improvement & review — After each renewal, debrief on lessons learned. Update processes. Stay informed on Salesforce ecosystem changes. Follow communities and analyst research for AppExchange trends.
Key Takeaways
Separate but Connected
AppExchange apps are separate contracts from Salesforce but deeply connected operationally. Manage them with the same rigor as core Salesforce licenses — inventory, governance, negotiation, and ongoing optimization.
Negotiate Everything
ISV app prices are negotiable. Bundle with Salesforce renewals for leverage. Commit to longer terms for better pricing. Use independent advisors for high-value contracts. Never accept list price without pushing back.
Prevent Shadow IT
Require approval for all AppExchange installations. Centralize procurement and financial tracking. Integrate into ITAM frameworks. Every app accessing your Salesforce data deserves security and compliance review.
Total Cost Visibility
CIOs need a single view of the entire Salesforce ecosystem cost — core licenses plus all third-party add-ons. Without this holistic view, ROI calculations are misleading and budget overruns are invisible.
Salesforce Advisory Services
Frequently Asked Questions
Related Salesforce Articles
Salesforce Org Strategy: Consolidation vs. Multi-Org
Strategic guide to managing multiple Salesforce orgs — licensing implications, contract consolidation, and global enterprise agreements.
Expert Guide to Negotiating Salesforce SELAs
Comprehensive guide to Salesforce Enterprise License Agreements — structure, negotiation tactics, and optimization.
Salesforce Contract Renewal: Cut Costs & Strengthen Position
Tactics for reducing renewal costs and negotiating stronger contractual terms with Salesforce.
Enterprise Salesforce Vendor Management Guide
Comprehensive guide to managing Salesforce as a strategic vendor relationship across the enterprise.
CIO Playbook for Salesforce Licensing Optimization
Strategic playbook for CIOs to optimize Salesforce licensing, reduce shelfware, and maximize ROI.
Salesforce License Negotiation: A Beginner's Guide
Foundational guide to Salesforce licensing structures, negotiation strategies, and cost optimization.
Optimize Your Salesforce Ecosystem Licensing
Our independent advisors help enterprises manage the full Salesforce ecosystem — core licenses, ISV AppExchange apps, enterprise agreements, and contract negotiations.
Fredrik Filipsson
Fredrik Filipsson brings 20+ years of enterprise software licensing expertise, including experience working directly for IBM, SAP, and Oracle. He has helped hundreds of organizations — including numerous Fortune 500 companies — optimize Salesforce licensing, negotiate ISV app contracts, and develop governance frameworks that control costs while maximizing platform value.