Step-by-Step Guide: Building and Publishing a Salesforce App on AppExchange
1. Define DevHub Org
A DevHub is the Salesforce org that allows you to create and manage scratch orgs and second-generation packages (2GP). It acts as the central hub for your Salesforce app development lifecycle.
๐ Know more about DevHub
Steps to enable DevHub:
- Go to Setup → Search for Dev Hub.
- Enable Dev Hub and Unpackaged Metadata Tracking.
2. Create Scratch Org
A scratch org is a temporary, source-driven Salesforce org for development and testing.
๐ Know more about Scratch Orgs
Steps:
- Authenticate with DevHub: sf auth:web:login -d -a DevHub
- Create org: sf org create scratch --definition-file config/project-scratch-def.json --no-namespace --duration-days 30
- Create Password for Scratch Org: sf force:user:password:generate –targetusername "Username"
๐ก Looking for expert guidance in packaging and publishing your app? ๐ Hire AppExchange Developers
3. Create Beta Version Package
Beta packages are test versions of your app.
Steps:
- Retrieve all the components using Package XML file.
- Create package: sf force:package:create --name Kitaracloud-Partner --description "Kitaracloud Partner" --path force-app --packagetype Unlocked --targetdevhubusername DevHub
- Create beta version: sf force:package:beta:version:create --package "Kitaracloud Partner" --installationkeybypass --wait 20 --codecoverage --targetdevhubusername DevHub
4. Run Force.com Code Scanner
The Force.com Code Scanner ensures code quality and security.
Link: Force.com Code Scanner portal
Link: Force.com Code Scanner portal
5. Run PMD Code Scan
PMD identifies bad practices and performance issues.
Steps:
- Install PMD.
- Run: sf plugins install @salesforce/sfdx-scanner
- 1st command: sf scanner:run --format=csv --outfile=CodeAnalyzerGeneral.csv --target="./" --category="Security"
- 2nd command: sf scanner:run:dfa --format=csv --outfile=CodeAnalyzerDFA.csv --target="./" --projectdir="./" --category="Security"
- Review and fix issues.
6. Promote Package to Managed Version
Managed packages are required for AppExchange listing.
Steps:
- Promote beta: sf force:package:version:promote -p "04tXXXXXXXXXXXX"
- Share managed package link for validation.
โก Need expert help with Salesforce setup, integration, or end-to-end rollout?
๐ Check out our Implementation Services
๐ Salesforce Development Services
๐ Check out our Implementation Services
๐ Salesforce Development Services
7. Get Security Review Passed from Salesforce
Salesforce requires apps to pass a security review before listing.
Tips:
- Follow Salesforce ISV Security Guide.
- Avoid storing sensitive data in logs.
- Implement CRUD/FLS checks.
8. List Product on AppExchange
After passing security review, create a listing on AppExchange.
๐ Want to extend your apps with communities and portals? ๐ Explore our Salesforce Experience Cloud Services
Steps:
- Login to Partner Community.
- Go to Publishing → Listings.
- Add product details, pricing, screenshots, and package link.
- Submit for Salesforce approval.
๐ก Need help building and publishing your Salesforce app? ๐ Reach out to us
๐ก Ready to build and launch your Salesforce app?
๐ Explore our AppExchange Services and AppExchange Development to get started.
๐ Explore our AppExchange Services and AppExchange Development to get started.
