Quality and evaluation framework for successful AI apps and agents in Microsoft Marketplace
Why quality in AI is different — and why it matters for Marketplace Traditional software quality spans many dimensions — from performance and reliability to correctness and fault tolerance — but once those characteristics are specified and validated, system behavior is generally stable and repeatable. Quality is assessed through correctness, reliability, performance, and adherence to specifications. AI apps and agents change this equation. Their behavior is inherently non-deterministic and context‑dependent. The same prompt can produce different responses depending on model version, retrieval context, prior interactions, or environmental conditions. For agentic systems, quality also depends on reasoning paths, tool selection, and how decisions unfold across multiple steps — not just on the final output. This means an AI app can appear functional while still falling short on quality: producing responses that are inconsistent, misleading, misaligned with intent, or unsafe in edge cases. Without a structured evaluation framework, these gaps often surface only in production — in customer environments, after trust has already been extended. For Microsoft Marketplace, this distinction matters. Buyers expect AI apps and agents to behave predictably, operate within clear boundaries, and remain fit for purpose as they scale. Quality measurement is what turns those expectations into something observable — and that visibility is what determines Marketplace readiness. This post is part of a series on building and publishing well-architected AI apps and agents on Microsoft Marketplace. How quality measurement shapes Marketplace readiness AI apps and agents that can demonstrate quality — with documented evaluation frameworks, defined release criteria, and evidence of ongoing measurement — are easier to evaluate, trust, and adopt. Quality evidence reduces friction during Marketplace review, clarifies expectations during customer onboarding, and supports long-term confidence in production. When quality is visible and traceable, the conversation shifts from "does this work?" to "how do we scale it?" — which is exactly where publishers want to be. Publishers who treat quality as a first-class discipline build the foundation for safe iteration, customer retention, and sustainable growth through Microsoft Marketplace. That foundation is built through the decisions, frameworks, and evaluation practices established long before a solution reaches review. What "quality" means for AI apps and agents Quality for AI apps and agents is not a single metric — it spans interconnected dimensions that together define whether a system is doing what it was built to do, for the people it was built to serve. The HAX Design Library — Microsoft's collection of human-AI interaction design patterns — offers practical guidance for each one. These dimensions must be defined before evaluation begins. You can only measure what you have first described. Accuracy and relevance — does the output reflect the right answer, grounded in the right context? HAX patterns Make clear what the system can do (G1) and notify users when the AI is uncertain (G10) help publishers design systems where accuracy is visible and outputs are understood in the right context — not treated as universally authoritative. Safety and alignment — does the output stay within intended use, without harmful, biased, or policy-violating content? HAX patterns Mitigate social biases (G6) and Support efficient correction (G9) help ensure outputs stay within acceptable boundaries — and that users can identify and address issues before they cause downstream harm. Consistency and reliability — does the system behave predictably across users, sessions, and environments? HAX patterns Remember recent interactions (G12) and notify users about changes (G18) keep behavior coherent within sessions and ensure updates to the model or prompts are never silently introduced. Fitness for purpose — does the system do what it was designed to do, for the people it was designed to serve, in the conditions it will actually operate in? HAX patterns make clear how well the system can do what it does (G2) and Act on the user's context and goals (G4) ensure the system responds to what users actually need — not just what they literally typed. These dimensions work together — and gaps in any one of them will surface in production, often in ways that are difficult to trace without a deliberate evaluation framework. Designing an evaluation framework before you ship Evaluation frameworks should be built alongside the solution. At the end, gaps are harder and costlier to close. The discipline mirrors the design-in approach that applies to security and governance: decisions made early shape what is measurable, what is improvable, and what is ready to ship. A well-structured evaluation framework defines five things: What to measure — the quality dimensions that matter most for this solution and its intended use cases. For AI apps and agents, this typically includes task adherence, response coherence, groundedness, and safety — alongside the fitness-for-purpose dimensions defined in the previous section. How to measure it — the methods, tools, and benchmarks used to assess quality consistently. Effective evaluation combines AI-assisted evaluators (which use a model as a judge to score outputs), rule-based evaluators (which apply deterministic logic), and human review for edge cases and safety-relevant responses that automated methods cannot fully capture. Who evaluates — the right combination of automated metrics, human review, and structured customer feedback. No single method is sufficient; the framework defines how each is applied and when human judgment takes precedence. When to evaluate — at defined milestones: during development to establish a baseline, pre-release to validate against acceptance thresholds, at rollout to catch regression, and continuously in production to detect drift as models, prompts, and data evolve. What triggers re-evaluation — model updates, prompt changes, new data sources, tool additions, or meaningful shifts in customer usage patterns. Re-evaluation should be a scheduled and triggered discipline, not an ad hoc response to visible failures. The framework becomes a shared artifact — used by the publisher to release safely, and by customers to understand what quality commitments they are adopting when they deploy the solution in their environment. Evaluate your AI agents - Microsoft Foundry | Microsoft Learn Evaluation methods for AI apps and agents Quality must be assessed across complementary approaches — each designed to surface a different category of risk, at a different stage of the solution lifecycle. Automated metric evaluation — evaluators assess agent responses against defined criteria at scale. Some use AI models as judges to score outputs like task adherence, coherence, and groundedness; others apply deterministic rules or text similarity algorithms. Automated evaluation is most effective when acceptance thresholds are defined upfront — for example, a minimum task adherence pass rate before a release proceeds. Safety evaluation — a dedicated evaluation category that identifies potential content risks, policy violations, and harmful outputs in generated responses. Safety evaluators should run alongside quality evaluators, not as a separate afterthought. Human-in-the-loop evaluation — structured expert review of edge cases, borderline outputs, and safety-relevant responses that automated metrics cannot fully capture. Human judgment remains essential for interpreting context, intent, and impact. Red-teaming and adversarial testing — probing the system with challenging, unexpected, or intentionally misused inputs (including prompt injection attempts and tool misuse) to surface failure modes before customers encounter them. Microsoft provides dedicated AI red teaming guidance for agent-based systems. Customer feedback loops — structured collection of real-world signals from users interacting with the system in production. Production feedback closes the gap between what was tested and what customers actually experience. Each method has a distinct role. The evaluation framework defines when and how each is applied — and which results are required before a release proceeds, a change is accepted, or a capability is expanded. Defining release criteria and ongoing quality gates Quality evaluation only drives improvement when it is connected to clear release criteria. In an LLMOps model, those criteria are automated gates embedded directly into the CI/CD pipeline, applied consistently at every stage of the release cycle. In continuous integration (CI), automated evaluations run with every change — whether that change is a prompt update, a model version, a new tool, or a data source modification. CI gates catch regressions early, before they reach customers, by validating outputs against predefined quality thresholds for task adherence, coherence, groundedness, and safety. In continuous deployment (CD), quality gates determine whether a build is eligible to proceed. Release criteria should define: Minimum acceptable thresholds for each quality dimension — a release does not proceed until those thresholds are met Known failure modes that block release outright versus those that are tracked, monitored, and accepted within defined risk tolerances Deployment constraints — conditions under which a release is paused, rolled back, or progressively expanded to a subset of users before full rollout Ongoing evaluation must be scheduled and triggered. As models, prompts, tools, and customer usage patterns evolve, the baseline shifts. LLMOps treats re-evaluation as a continuous discipline: run evaluations, identify weak areas, adjust, and re-evaluate before changes propagate. This connects directly to governance. Quality evidence — the record of what was measured, when, and against what criteria — is part of the audit trail that makes AI behavior accountable, explainable, and trustworthy over time. For more on the governance foundation this builds on, see Governing AI apps and agents for Marketplace readiness. Quality across the publisher-customer boundary Clear quality ownership reduces friction at onboarding, builds confidence during operation, and protects both parties when behavior deviates. In the Marketplace context, quality is a shared responsibility — but the boundaries are distinct. Publishers are responsible for: Designing and running the evaluation framework during development and release Defining quality dimensions and thresholds that reflect the solution's intended use Providing customers with transparency into what quality means for this solution — without exposing proprietary prompts or internal logic Customers are responsible for: Validating that the solution performs appropriately in their specific environment, with their data and their users Configuring feedback and monitoring mechanisms that surface quality signals in their tenant Treating quality evaluation as a shared ongoing responsibility, not a one-time publisher guarantee When both sides understand their role, quality stops being a handoff and becomes a foundation — one that supports adoption, sustains trust, and enables both parties to respond confidently when behavior shifts. What's next in the journey A strong quality framework sets the baseline — but keeping that quality visible as solutions scale is its own discipline. The next posts in this series explore what comes after the framework is in place: API resilience, performance optimization, and operational observability for AI apps and agents running in production environments. Key resources See curated, step-by-step guidance to help you build, publish, or sell your app or agent (no matter where you start) in App Advisor Quick-Start Development Toolkit can connect you with code templates for AI solution patterns Microsoft AI Envisioning Day Events How to build and publish AI apps and agents for Microsoft Marketplace Get over $126K USD in benefits and technical consultations to help you replicate and publish your app with ISV SuccessDesigning AI guardrails for apps and agents in Marketplace
Why guardrails are essential for AI apps and agents AI apps and agents introduce capabilities that go beyond traditional software. They reason over natural language, interact with data across boundaries, and—in the case of agents—can take autonomous actions using tools and APIs. Without clearly defined guardrails, these capabilities can unintentionally compromise confidentiality, integrity, and availability, the foundational pillars of information security. From a confidentiality perspective, AI systems often process sensitive prompts, contextual data, and outputs that may span customer tenants, subscriptions, or external systems. Guardrails ensure that data access is explicit, scoped, and enforced—rather than inferred through prompts or emergent model behavior. From an availability perspective, AI apps and agents can fail in ways traditional software does not — such as runaway executions, uncontrolled chains of tool calls, or usage spikes that drive up cost and degrade service. Guardrails address this by setting limits on how the system executes, how often it calls tools, and how it behaves when something goes wrong. For Marketplace-ready AI apps and agents, guardrails are foundational design elements that balance innovation with security, reliability, and responsible AI practices. By making behavioral boundaries explicit and enforceable, guardrails enable AI systems to operate safely at scale—meeting enterprise customer expectations and Marketplace requirements from day one. This post is part of a series on building and publishing well-architected AI apps and agents on Microsoft Marketplace. Using Open Worldwide Application Security Project (OWASP) GenAI Top 10 as a guardrail design lens The OWASP GenAI Top 10 provides a practical framework for reasoning about AI‑specific risks that are not fully addressed by traditional application security models. It helps teams identify where assumptions about trust, input handling, autonomy, and data access are most likely to break down in AI‑driven systems. However, not all OWASP risks apply equally to every AI app or agent. Their relevance depends on factors such as: Agent autonomy, including whether the system can take actions without human approval Data access patterns, especially cross‑tenant, cross‑subscription, or external data retrieval Integration surface area, meaning the number and type of tools, APIs, and external systems the agent connects to Because of this variability, OWASP should not be treated as a checklist to implement wholesale. Doing so can lead teams to over‑engineer controls in low‑risk areas while leaving critical gaps in places where autonomy, data movement, or tool execution create real exposure. Instead, OWASP is most effective when used as a design lens — to inform where guardrails are needed and what behaviors require explicit boundaries. Understanding risks and enforcing boundaries are two different things. OWASP tells you where to look; guardrails are what you actually build. The goal is not to eliminate all risk, but to use OWASP insights to design selective, intentional guardrails that align with the system's architecture, autonomy, and operating context. Translating AI risks into architectural guardrails OWASP GenAI Top 10 helps identify where AI systems are vulnerable, but guardrails are what make those risks enforceable in practice. Guardrails are most effective when they are implemented as architectural constraints—designed into the system—rather than as runtime patches added after risky behavior appears. In AI apps and agents, many risks emerge not from a single component, but from how prompts, tools, data, and actions interact. Architectural guardrails establish clear boundaries around these interactions, ensuring that risky behavior is prevented by design rather than detected too late. Common guardrail categories map naturally to the types of risks highlighted in OWASP: Input and prompt constraints Address risks such as prompt injection, system prompt leakage, and unintended instruction override by controlling how inputs are structured, validated, and combined with system context. Action and tool‑use boundaries Mitigate risks related to excessive agency and unintended actions by explicitly defining which tools an AI app or agent can invoke, under what conditions, and with what scope. Data access restrictions Reduce exposure to sensitive information disclosure and cross‑boundary leakage by enforcing identity‑aware, context‑aware access to data sources rather than relying on prompts to imply intent. Output validation and moderation Help contain risks such as misinformation, improper output handling, or policy violations by treating AI output as untrusted and subject to validation before it is acted on or returned to users. What matters most is where these guardrails live in the architecture. Effective guardrails sit at trust boundaries—between users and models, models and tools, agents and data sources, and control planes and data planes. When guardrails are embedded at these boundaries, they can be applied consistently across environments, updates, and evolving AI capabilities. By translating identified risks into architectural guardrails, teams move from risk awareness to behavioral enforcement. This shift is foundational for building AI apps and agents that can operate safely, predictably, and at scale in Marketplace environments. Design‑time guardrails: shaping allowed behavior before deployment The OWASP GenAI Top 10 provides a practical framework for reasoning about AI specific risks that are not fully addressed by traditional application security models. It helps teams identify where assumptions about trust, input handling, autonomy, and data access are most likely to break down in AI driven systems. However, not all OWASP risks apply equally to every AI app or agent. Their relevance depends on factors such as: Agent autonomy, including whether the system can take actions without human approval Data access patterns, especially cross-tenant, cross subscription, or external data retrieval Integration surface area, meaning the number and type of tools, APIs, and external systems the agent connects to Because of this variability, OWASP should not be treated as a checklist to implement wholesale. Doing so can lead teams to over engineer controls in low risk areas while leaving critical gaps in places where autonomy, data movement, or tool execution create real exposure. Instead, OWASP is most effective when used as a design lens — to inform where guardrails are needed and what behaviors require explicit boundaries. Understanding risks and enforcing boundaries are two different things. OWASP tells you where to look; guardrails are what you actually build. The goal is not to eliminate all risk, but to use OWASP insights to design selective, intentional guardrails that align with the system's architecture, autonomy, and operating context. Runtime guardrails: enforcing boundaries as systems operate For Marketplace publishers, the key distinction between monitoring and runtime guardrails is simple: Monitoring tells you what happened after the fact. Runtime guardrails are inline controls that can block, pause, throttle, or require approval before an action completes. If you want prevention, the control has to sit in the execution path. At runtime, guardrails should constrain three areas: Agent decision paths (prevent runaway autonomy) Cap planning and execution. Limit the agent to a maximum number of steps per request, enforce a maximum wall‑clock time, and stop repeated loops. Apply circuit breakers. Terminate execution after a specified number of tool failures or when downstream services return repeated throttling errors. Require explicit escalation. When the agent’s plan shifts from “read” to “write,” pause and require approval before continuing. Tool invocation patterns (control what gets called, how, and with what inputs) Enforce allowlists. Allow only approved tools and operations, and block any attempt to call unregistered endpoints. Validate parameters. Reject tool calls that include unexpected tenant identifiers, subscription scopes, or resource paths. Throttle and quota. Rate‑limit tool calls per tenant and per user, and cap token/tool usage to prevent cost spikes and degraded service. Cross‑system actions (constrain outbound impact at the boundary you control) Runtime guardrails cannot “reach into” external systems and stop independent agents operating elsewhere. What publishers can do is enforce policy at your solution’s outbound boundary: the tool adapter, connector, API gateway, or orchestration layer that your app or agent controls. Concrete examples include: Block high‑risk operations by default (delete, approve, transfer, send) unless a human approves. Restrict write operations to specific resources (only this resource group, only this SharePoint site, only these CRM entities). Require idempotency keys and safe retries so repeated calls do not duplicate side effects. Log every attempted cross‑system write with identity, scope, and outcome, and fail closed when policy checks cannot run. Done well, runtime guardrails produce evidence, not just intent. They show reviewers that your AI app or agent enforces least privilege, prevents runaway execution, and limits blast radius—even when the model output is unpredictable. Guardrails across data, identity, and autonomy boundaries Guardrails don't work in silos. They are only effective when they align across the three core boundaries that shape how an AI app or agent operates — identity, data, and autonomy. Guardrails must align across: Identity boundaries (who the agent acts for) — represent the credentials the agent uses, the roles it assumes, and the permissions that flow from those identities. Without clear identity boundaries, agent actions can appear legitimate while quietly exceeding the authority that was actually intended. Data boundaries (what the agent can see or retrieve) — ensuring access is governed by explicit authorization and context, not by what the model infers or assumes. A poorly scoped data boundary doesn't just create exposure — it creates exposure that is hard to detect until something goes wrong. Autonomy boundaries (what the agent can decide or execute) — defining which actions require human approval, which can proceed automatically, and which are never permitted regardless of context. Autonomy without defined limits is one of the fastest ways for behavior to drift beyond what was ever intended. When these boundaries are misaligned, the consequences are subtle but serious. An agent may act under the authority of one identity, access data scoped to another, and execute with broader autonomy than was ever granted — not because a single control failed, but because the boundaries were never reconciled with each other. This is how unintended privilege escalation happens in well-intentioned systems. Balancing safety, usefulness, and customer trust Getting guardrails right is less about adding controls and more about placing them well. Too restrictive, and legitimate workflows break down, safe autonomy shrinks, and the system becomes more burden than benefit. Too permissive, and the risks accumulate quietly — surfacing later as incidents, audit findings, or eroded customer trust. Effective guardrails share three characteristics that help strike that balance: Transparent — customers and operators understand what the system can and cannot do, and why those limits exist Context-aware — boundaries tighten or relax based on identity, environment, and risk, without blocking safe use Adjustable — guardrails evolve as models and integrations change, without compromising the protections that matter most When these characteristics are present, guardrails naturally reinforce the foundational principles of information security — protecting confidentiality through scoped data access, preserving integrity by constraining actions to authorized paths, and supporting availability by preventing runaway execution and cascading failures. How guardrails support Marketplace readiness For AI apps and agents in Microsoft Marketplace, guardrails are a practical enabler — not just of security, but of the entire Marketplace journey. They make complex AI systems easier to evaluate, certify, and operate at scale. Guardrails simplify three critical aspects of that journey: Security and compliance review — explicit, architectural guardrails give reviewers something concrete to assess. Rather than relying on documentation or promises, behavior is observable and boundaries are enforceable from day one. Customer onboarding and trust — when customers can see what an AI system can and cannot do, and how those limits are enforced, adoption decisions become easier and time to value shortens. Clarity is a competitive advantage. Long-term operation and scale — as AI apps evolve and integrate with more systems, guardrails keep the blast radius contained and prevent hidden privilege escalation paths from forming. They are what makes growth manageable. Marketplace-ready AI systems don't describe their guardrails — they demonstrate them. That shift, from assurance to evidence, is what accelerates approvals, builds lasting customer trust, and positions an AI app or agent to scale with confidence. What’s next in the journey Guardrails establish the foundation for safe, predictable AI behavior — but they are only the beginning. The next phase extends these boundaries into governance, compliance, and day‑to‑day operations through policy definition, auditing, and lifecycle controls. Together, these mechanisms ensure that guardrails remain effective as AI apps and agents evolve, scale, and operate within enterprise environments. Key resources See curated, step-by-step guidance to help you build, publish, or sell your app or agent (no matter where you start) in App Advisor, Quick-Start Development Toolkit can connect you with code templates for AI solution patterns Microsoft AI Envisioning Day Events How to build and publish AI apps and agents for Microsoft Marketplace Get over $126K USD in benefits and technical consultations to help you replicate and publish your app with ISV SuccessUsing App Advisor to build, publish, and grow in Microsoft Marketplace
In a recent partner office hour webinar, experts walked through how to build, publish, and optimize Marketplace offers using App Advisor, complete with a live demo of the platform in action. This article summarizes the key insights from that session and highlights how you can apply them to your own Marketplace journey. Navigating the path from idea to a successful Microsoft Marketplace offer can feel overwhelming. With countless resources, technical requirements, and go-to-market decisions to make, many software companies struggle to stay focused on what matters most. That’s where App Advisor comes in. App Advisor is a self-service, end-to-end guidance experience designed to help you build, publish, and grow high-performing marketplace offers, all with tailored, actionable recommendations based on your specific scenario. In this article, we break down how App Advisor supports every stage of your offer journey and how you can use it to drive better outcomes faster. What is App Advisor and why it matters App Advisor brings together curated Microsoft guidance, interactive tools, and AI-powered recommendations into a single experience. Instead of searching across scattered documentation, you get step-by-step, personalized guidance aligned to: Your app type and architecture Your chosen marketplace offer model Your current stage in the journey The result? Less guesswork, faster execution, and higher-quality marketplace offers. The four key stages of the Marketplace journey 1. Discover: Validate the opportunity Before building, it’s critical to understand the business value of Microsoft Marketplace. App Advisor helps you: Evaluate the business opportunity of building on Microsoft technology Understand the value of selling through marketplace Explore available partner benefits and incentives A standout feature here is the Marketplace Value Calculator, which allows you to: Estimate revenue potential Compare transaction costs vs. benefits Generate a business case to share with leadership 2. Build: Accelerate development with confidence In the build phase, App Advisor connects you with: Code templates and reference architectures SDKs, APIs, and technical documentation Free tools, cloud credits, and development resources A newly integrated Quick Start Development Toolkit helps you: Match your app idea to proven development patterns Access deployable code repositories Speed up time-to-market with ready-to-use solutions You also gain guidance on building secure, compliant, and well-architected applications, ensuring your solution is marketplace-ready from the start. 3. Publish: Simplify offer creation and launch Publishing in Microsoft Marketplace involves multiple steps—from selecting the right offer type to configuring listings and pricing. App Advisor simplifies this by: Helping you choose the right marketplace offer type Guiding you through pricing models and selling options Providing step-by-step Partner Center instructions Highlighting common pitfalls and certification requirements The platform dynamically adapts guidance based on your selections, ensuring you only see what’s relevant to your scenario. 4. Grow: Optimize, sell, and scale Publishing your offer is just the beginning. Growth requires continuous optimization and active selling. App Advisor supports this with: AI-powered listing optimization Receive a quality score for your marketplace listing Get actionable recommendations across key areas like value proposition, content clarity, and visual assets Improve discoverability and customer engagement by connecting to your offer so you can edit today Go-to-market and sales guidance Learn how to promote your offer effectively Use tracking tools and analytics to refine performance Access co-branded marketing assets and toolkits Advanced selling strategies Create private offers with custom pricing and terms Partner with resellers and channel partners Scale through CSP and multi-party private offers Unlock benefits and incentives Earn cloud credits and marketplace rewards Leverage co-sell opportunities with Microsoft sellers Accelerate deals with incentives and partner programs The benefits of using App Advisor throughout the journey Using App Advisor consistently across all stages delivers significant advantages: ✔ Personalized guidance- No more generic documentation, get recommendations tailored to your app, technology, and goals. ✔ Faster time to market- Reduce delays with step-by-step instructions, pre-built templates, and streamlined workflows. ✔ Higher quality listings- AI-driven insights help you create compelling, optimized marketplace listings that convert. ✔ Improved discoverability- By following best practices, you increase your chances of being found and chosen by customers. ✔ Better sales outcomes- Access tools and strategies to promote, track, and close deals more effectively. ✔ Continuous optimization- Return anytime to refine your listing, improve performance, and unlock new growth opportunities. App Advisor is valuable for everyone Whether you're: A first-time publisher exploring marketplace opportunities An experienced software development company scaling multiple offers A marketing or sales stakeholder optimizing performance App Advisor provides value at every level. Watch the full webinar 👉 Be sure to watch the complete recorded session to see a detailed demo of App Advisor, showcasing how to navigate each stage and apply best practices in real time to get the most out of your Microsoft Marketplace journey. Partner office hour: Build, publish, and optimize marketplace offers with App Advisor By integrating App Advisor into your workflow, you’re not just building marketplace offers; you’re building better, faster, and more successful ones. Get started with App Advisor App Advisor is publicly available and free to use. Partners are encouraged to explore the experience firsthand and share feedback directly within App Advisor. App Advisor: https://aka.ms/appadvisor Marketplace Community: https://aka.ms/community/marketplaceSecuring AI apps and agents on Microsoft Marketplace
Why security must be designed in—not validated later AI apps and agents expand the security surface beyond that of traditional applications. Prompt inputs, agent reasoning, tool execution, and downstream integrations introduce opportunities for misuse or unintended behavior when security assumptions are implicit. These risks surface quickly in production environments where AI systems interact with real users and data. Deferring security decisions until late in the lifecycle often exposes architectural limitations that restrict where controls can be enforced. Retrofitting security after deployment is costly and can force tradeoffs that affect reliability, performance, or customer trust. Designing security early establishes clear boundaries, enables consistent enforcement, and reduces friction during Marketplace review, onboarding, and long‑term operation. In the Marketplace context, security is a foundational requirement for trust and scale. This post is part of a series on building and publishing well-architected AI apps and Agents on Microsoft Marketplace. How AI apps and agents expand the attack surface Without a clear view of where trust boundaries exist and how behavior propagates across systems, security controls risk being applied too narrowly or too late. AI apps and agents introduce security risks that extend beyond those of traditional applications. AI systems accept open‑ended prompts, reason dynamically, and often act autonomously across systems and data sources. These interaction patterns expand the attack surface in several important ways: New trust boundaries introduced by prompts and inputs, where unstructured user input can influence reasoning and downstream actions Autonomous behavior, which increases the blast radius when authentication or authorization gaps exist Tool and integration execution, where agents interact with external APIs, plugins, and services across security domains Dynamic model responses, which can unintentionally expose sensitive data or amplify errors if guardrails are incomplete Each API, plugin, or external dependency becomes a security choke point where identity validation, audit logging, and data handling must be enforced consistently—especially when AI systems span tenants, subscriptions, or ownership boundaries. Using OWASP GenAI Top 10 as a threat lens The OWASP GenAI Top 10 provides a practical, industry‑recognized lens for identifying and categorizing AI‑specific security threats that extend beyond traditional application risks. Rather than serving as a checklist, the OWASP GenAI Top 10 helps teams ask the right questions early in the design process. It highlights where assumptions about trust, input handling, autonomy, and data access can break down in AI‑driven systems—often in ways that are difficult to detect after deployment. Common risk categories highlighted by OWASP include: Prompt injection and manipulation, where malicious input influences agent behavior or downstream actions Sensitive data exposure, including leakage through prompts, responses, logs, or tool outputs Excessive agency, where agents are granted broader permissions or action scope than intended Insecure integrations, where tools, plugins, or external systems become unintended attack paths Highly regulated industries, sensitive data domains, or mission‑critical workloads may require additional risk assessment and security considerations that extend beyond the OWASP categories. The OWASP GenAI Top 10 allows teams to connect high‑level risks to architectural decisions by creating a shared vocabulary that sets the foundation for designing guardrails that are enforceable both at design time and at runtime. Designing security guardrails into the architecture Security guardrails must be designed into the architecture, shaping where and how policies are enforced, evaluated, and monitored throughout the solution lifecycle. Guardrails operate at two complementary layers: Design time, where architectural decisions determine what is possible, permitted, or blocked by default Runtime, where controls actively govern behavior as the AI app or agent interacts with users, data, and systems When architectural boundaries are not defined early, teams often discover that critical controls—such as input validation, authorization checks, or action constraints—cannot be applied consistently without redesign: Tenancy boundaries, defining how isolation is enforced between customers, environments, or subscriptions Identity boundaries, governing how users, agents, and services authenticate and what actions they can perform Environment separation, limiting the blast radius of experimentation, updates, or failures Control planes, where configuration, policy, and behavior can be adjusted without redeploying core logic Data planes, controlling how data is accessed, processed, and moved across trust boundaries Designing security guardrails into the architecture transforms security from reactive to preventative, while also reducing friction later in the Marketplace journey. Clear enforcement boundaries simplify review, clarify risk ownership, and enable AI apps and agents to evolve safely as capabilities and integrations expand. Identity as a security boundary for AI apps and agents Identity defines who can access the system, what actions can be taken, and which resources an AI app or agent is permitted to interact with across tenants, subscriptions, and environments. Agents often act on behalf of users, invoke tools, and access downstream systems autonomously. Without clear identity boundaries, these actions can unintentionally bypass least‑privilege controls or expand access beyond what users or customers expect. Strong identity design shapes security in several key ways: Authentication and authorization, determines how users, agents, and services establish trust and what operations they are allowed to perform Delegated access, constraints agents to act with permissions tied to user intent and context Service‑to‑service trust, ensures that all interactions between components are explicitly authenticated and authorized Auditability, traces actions taken by agents back to identities, roles, and decisions A zero-trust approach is essential in this context. Every request—whether initiated by a user, an agent, or a backend service—should be treated as untrusted until proven otherwise. Identity becomes the primary control plane for enforcing least privilege, limiting blast radius, and reducing downstream integration risk. This foundation not only improves security posture, but also supports compliance, simplifies Marketplace review, and enables AI apps and agents to scale safely as integrations and capabilities evolve. Protecting data across boundaries Data may reside in customer‑owned tenants, subscriptions, or external systems, while the AI app or agent runs in a publisher‑managed environment or a separate customer environment. Protecting data across boundaries requires teams to reason about more than storage location. Several factors shape the security posture: Data ownership, including whether data is owned and controlled by the customer, the publisher, or a third party Boundary crossings, such as cross‑tenant, cross‑subscription, or cross‑environment access patterns Data sensitivity, particularly for regulated, proprietary, or personally identifiable information Access duration and scope, ensuring data access is limited to the minimum required context and time When these factors are implicit, AI systems can unintentionally broaden access through prompts, retrieval‑augmented generation, or agent‑initiated actions. This risk increases when agents autonomously select data sources or chain actions across multiple systems. To mitigate these risks, access patterns must be explicit, auditable, and revocable. Data access should be treated as a continuous security decision, evaluated on every interaction rather than trusted by default once a connection exists. This approach aligns with zero-trust principles, where no data access is implicitly trusted and every request is validated based on identity, context, and intent. Runtime protections and monitoring For AI apps and agents, security does not end at deployment. In customer environments, these systems interact continuously with users, data, and external services, making runtime visibility and control essential to a strong security posture. AI behavior is also dynamic: the same prompt, context, or integration can produce different outcomes over time as models, data sources, and agent logic evolve, so monitoring must extend beyond infrastructure health to include behavioral signals that indicate misuse, drift, or unintended actions. Effective runtime protections focus on five core capabilities: Vulnerability management, including regular scanning of the full solution to identify missing patches, insecure interfaces, and exposure points Observability, so agent decisions, actions, and outcomes can be traced and understood in production Behavioral monitoring, to detect abnormal patterns such as unexpected tool usage, unusual access paths, or excessive action frequency Containment and response, enabling rapid intervention when risky or unauthorized behavior is detected Forensics readiness, ensuring system-state replicability and chain-of-custody are retained to investigate what happened, why it happened, and what was impacted Monitoring that only tracks availability or performance is insufficient. Runtime signals must provide enough context to explain not just what happened, but why an AI app or agent behaved the way it did, and which identities, data sources, or integrations were involved. Equally important is integration with broader security event and incident management workflows. Runtime insights should flow into existing security operations so AI-related incidents can be triaged, investigated, and resolved alongside other enterprise security events—otherwise AI solutions risk becoming blind spots in a customer’s operating environment. Preparing for incidents and abuse scenarios No AI app or agent operates in a perfectly controlled environment. Once deployed, these systems are exposed to real users, unpredictable inputs, evolving data, and changing integrations. Preparing for incidents and abuse scenarios is therefore a core security requirement, not a contingency plan. AI apps and agents introduce unique incident patterns compared to traditional software. In addition to infrastructure failures, teams must be prepared for prompt abuse, unintended agent actions, data exposure, and misuse of delegated access. Because agents may act autonomously or continuously, incidents can propagate quickly if safeguards and response paths are unclear. Effective incident readiness starts with acknowledging that: Abuse is not always malicious, misuse can stem from ambiguous prompts, unexpected context, or misunderstood capabilities Agent autonomy may increase impact, especially when actions span multiple systems or data sources Security incidents may be behavioral, not just technical, requiring interpretation of intent and outcomes Preparing for these scenarios requires clearly defined response strategies that account for how AI systems behave in production. AI solutions should be designed to support pause, constrain, or revoke agent capabilities when risk is detected, and to do so without destabilizing the broader system or customer environment. Incident response must also align with customer expectations and regulatory obligations. Customers need confidence that AI‑related issues will be handled transparently, proportionately, and in accordance with applicable security and privacy standards. Clear boundaries around responsibility, communication, and remediation help preserve trust when issues arise. How security decisions shape Marketplace readiness From initial review to customer adoption and long‑term operation, security posture is a visible and consequential signal of readiness. AI apps and agents with clear boundaries—around identity, data access, autonomy, and runtime behavior—are easier to evaluate, onboard, and trust. When security assumptions are explicit, Marketplace review becomes more predictable, customer expectations are clearer, and operational risk is reduced. Ambiguous trust boundaries, implicit data access, or uncontrolled agent actions can introduce friction during review, delay onboarding, or undermine customer confidence after deployment. Marketplace‑ready security is therefore not about meeting a minimum bar. It is about enabling scale. Well-designed security allows AI apps and agents to integrate into enterprise environments, align with customer governance models, and evolve safely as capabilities expand. When security is treated as a first‑class architectural concern, it becomes an enabler rather than a blocker—supporting faster time to market, stronger customer trust, and sustainable growth through Microsoft Marketplace. What’s next in the journey Security for AI apps and agents is not a one‑time decision, but an ongoing design discipline that evolves as systems, data, and customer expectations change. By establishing clear boundaries, embedding guardrails into the architecture, and preparing for real‑world operation, publishers create a foundation that supports safe iteration, predictable behavior, and long‑term trust. This mindset enables AI apps and agents to scale confidently within enterprise environments while meeting the expectations of customers adopting solutions through Microsoft Marketplace. Key resources See curated, step-by-step guidance to help you build, publish, or sell your app or agent (no matter where you start) in App Advisor, Quick-Start Development Toolkit Microsoft AI Envisioning Day Events How to build and publish AI apps and agents for Microsoft Marketplace Get over $126K USD in benefits and technical consultations to help you replicate and publish your app with ISV SuccessAI apps and agents: choosing your Marketplace offer type
Choosing your Marketplace offer type is one of the earliest—and most consequential—decisions you’ll make when preparing an AI app for Microsoft Marketplace. It’s also one of the hardest to change later. This post is the second in our Marketplace‑ready AI app series. Its goal is not to push you toward a specific option, but to help you understand how Marketplace offer types map to different AI delivery models—so you can make an informed decision before architecture, security, and publishing work begins. This post is part of a series on building and publishing well-architected AI apps and agents on Microsoft Marketplace. Why offer type is an important Marketplace decision Offer type is more than a packaging choice. It defines the operating model of your AI app on Marketplace: How customers acquire your solution Where the AI runtime executes Determining the right security and business boundaries for the AI solution and associated contextual data Who operates and updates the system How transactions and billing are handled Once an offer type is selected, it cannot be changed without creating a new offer. Teams that choose too quickly often discover later that the decision creates friction across architecture, security boundaries, or publishing requirements. Microsoft’s Publishing guide by offer type explains the structural differences between offer types and why this decision must be made up front. How Marketplace offer types map to AI delivery models AI apps differ from traditional software in a few critical ways: Contextual data may need to remain in a specific tenant or geography Agents may operate autonomously and continuously Control over infrastructure often determines trust and compliance How the solution is charged and monetized, including whether pricing is usage‑based, metered, or subscription‑driven (for example, billing per inference, per workflow execution, or as a flat monthly fee) The buyer’s technical capability, including the level of engineering expertise required to deploy and operate the solution (for example, SaaS is generally easier to consume, while container‑based and managed application offers often require stronger cloud engineering and DevOps skills) Marketplace offer types don’t describe features. They define responsibility boundaries—who controls the AI runtime, who owns the infrastructure, and where customer data is processed. At a high level, Marketplace supports four primary delivery models for AI solutions: SaaS Azure Managed Application Azure Container Virtual Machine Each represents a different balance between publisher control and customer control. The sections below explain what each model means in practice. Check out the interactive offer selection wizard in App Advisor for decision support. Below, we unpack each of the offer types. SaaS offers for AI apps SaaS is the most common model for AI apps and agents on Marketplace—and often the default starting point. With a SaaS offer, the AI service runs in the publisher’s Azure environment and is accessed by customers through a centralized endpoint. This model works well for: Multi‑tenant AI platforms and agents Continuous model and prompt updates Rapid experimentation and iteration Usage‑based or subscription billing Because the service is centrally hosted, publishers retain full control over deployment, updates, and operational behavior. For multi-tenant AI apps, this also means making early decisions about Microsoft Entra ID configuration—such as how customers are onboarded, whether access is granted through tenant-level consent or external identities, and how user identities, roles, and data are isolated across tenants to prevent cross-tenant access or data leakage. For official guidance, see the SaaS section of the Marketplace publishing guide and the AI agent overview, which describes SaaS‑based agent deployments. Plan a SaaS offer for Microsoft Marketplace. Azure Managed Applications for AI solutions In this model, the solution is deployed into the customer’s Azure subscription, not the publisher’s. There are two variants: Managed applications, where the publisher retains permissions to operate and update the deployed resources Solution templates, where the customer fully manages the deployment after installation This model is a strong fit when AI workloads must run inside customer‑controlled environments, such as: Regulated or sensitive data scenarios Customer‑owned networking and identity boundaries Infrastructure‑heavy AI solutions that can’t be centralized Willingness or need on part of the customer or IT team to tailor the app to the needs of the end customer specific environment Managed Applications sit between SaaS and fully customer‑run deployments. They offer more customer control than SaaS, while still allowing publishers to manage lifecycle aspects when appropriate. Marketplace guidance for Azure Applications is covered in the publishing guide. For more information, see the following links: Plan an Azure managed application for an Azure application offer. Azure Container offers for AI workloads With container offers, the customer runs the AI workload—typically on AKS—using container images supplied by the publisher. This model is best suited for scenarios that require: Strict data residency Air‑gapped or tightly controlled environments Customer‑managed Kubernetes infrastructure The publisher delivers the container artifacts, but deployment, scaling, and runtime operations occur in the customer’s environment. This shifts operational responsibility, risk and compute costs away from the publisher and toward the customer. Container offer requirements are covered in the Marketplace publishing guide. Plan a Microsoft Marketplace Container offer. Virtual Machine offers for AI solutions Virtual Machine offers still play a role, particularly for specialized or legacy AI solutions. VM offers package a pre‑configured AI environment that customers deploy into their Azure subscription. Compared to other models, they offer: Updates and scaling are more tightly scoped Iteration cycles tend to be longer The solution is more closely aligned with specific OS or hardware requirements They are most commonly used for: Legacy AI stacks Fixed‑function AI appliances Solutions with specialized hardware or driver dependencies VM publishing requirements are also documented in the Marketplace publishing guide. Plan a virtual machine offer for Microsoft Marketplace. Comparing offer types across AI‑specific decision dimensions Rather than asking “which offer type is best,” it’s more useful to ask what trade‑offs you’re making. Key lenses to consider include: Who operates the AI runtime day‑to‑day Where customer data and AI prompts inputs and outputs are processed and stored How quickly models, prompts, and logic can evolve The balance between publisher control and customer control How Marketplace transactions and billing align with runtime behavior SaaS Container (AKS / ACI) Virtual Machine (VM) Azure Managed Application What it is Fully managed, externally hosted app integrated with Marketplace for billing and entitlement Containerized app deployed into customer-managed Azure container environments VM image deployed directly into the customer’s Azure subscription Azure native solution deployed into the customer’s subscription, managed by the publisher Control plane Publisher‑owned Customer owned Customer owned Customer owned (with publisher access) Operational model Centralized operations, updates, and scaling Customer operates infra; publisher provides containers Customer operates infra; publisher provides VM image Per customer deployment and lifecycle Good fit scenarios • Multi‑tenant AI apps serving many customers • Fast onboarding and trials • Frequent model or feature updates • Publisher has full runtime control • AI apps or agents built as microservices • Legacy or lift-and-shift AI workloads • Enterprise AI solutions requiring customer owned infrastructure Avoid when • Customers require deployment into their own subscription • Strict data residency mandates customer control • Offline or air‑gapped environments are required • Customers standardize on Kubernetes • Custom OS or driver dependencies • Tight integration with customer Azure resources Typical AI usage pattern Centralized inference and orchestration across tenants • Portability across environments is important • Specialized runtime requirements • Strong compliance and governance needs Different AI solutions land in different places across these dimensions. The right choice is the one that matches your operational reality—not just your product vision. Note: If your solution primarily delivers virtual machines or containerized workloads, use a Virtual Machine or Container offer instead of an Azure Managed Application. Supported sales models and pricing options by Marketplace offer type Marketplace offer types don’t just define how an AI app and agent is deployed — they also determine how it can be sold, transacted, and expanded through Microsoft Marketplace. Understanding the supported sales models early helps avoid misalignment between architecture, pricing, and go‑to‑market strategy. Supported sales models Offer type Transactable listing Public listing Private offers Resale enabled Multiparty private offers Azure IP Co‑sell eligible SaaS Yes Yes Yes Yes Yes Yes Container Yes Yes Yes No Yes Yes Virtual Machine Yes Yes Yes Yes Yes Yes Azure Managed Application Yes Yes Yes No Yes Yes What these sales models mean Transactable listing A Marketplace listing that allows customers to purchase the solution directly through Microsoft Marketplace, with billing handled through Microsoft. Public listing A listing that is discoverable by any customer browsing Microsoft Marketplace and available for self‑service acquisition. Private offers Customer‑specific offers created by the publisher with negotiated pricing, terms, or configurations, purchased through Marketplace. Resale enabled Using resale enabled offers, software companies can authorize their channel partners to sell their existing Marketplace offers on their behalf. After authorization, channel partners can independently create and sell private offers without direct involvement from the software company. Multiparty private offers Private offers that involve one or more Microsoft partners (such as resellers or system integrators) as part of the transaction. Azure IP Co‑sell eligible When all requirements are met this allows your offers to contribute toward customers' Microsoft Azure Consumption Commitments (MACC). Pricing section Marketplace offer types determine the pricing models available. Make sure you build towards a marketplace offer type that aligns with how you want to deploy and price your solution. SaaS – Subscription or flat‑rate pricing, per‑user pricing, and usage‑based (metered) pricing. Container – Kubernetes‑based offers support multiple Marketplace‑transactable pricing models aligned to how the workload runs in the customer’s environment, including per core, per core in cluster, per node, per node in cluster, per pod, or per cluster pricing, all billed on a usage basis. Container offers can also support custom metered dimensions for application‑specific usage. Alternatively, publishers may offer Bring Your Own License (BYOL) plans, where customers deploy through Marketplace but bring an existing software license. Virtual Machine – Usage-based hourly pricing (flat rate, per vCPU, or per vCPU size), with optional 1-year or 3-year reservation discounts. Publishers may also offer Bring Your Own License (BYOL) plans, where customers bring an existing software license and are billed only for Azure infrastructure. Azure Managed Application – A monthly management or service fee charged by the publisher; Azure infrastructure consumption is billed separately to the customer. Note: Azure Managed Applications are designed to charge for management and operational services, not for SaaS‑style application usage or underlying infrastructure consumption. Buyer‑side assumptions to be aware of For customers to purchase AI apps and agents through these sales models: The customer must be able to purchase through Microsoft Marketplace using their existing Microsoft procurement setup Marketplace purchases align with enterprise buying and governance controls, rather than ad‑hoc vendor contracts For private and multiparty private offers, the customer must be willing to engage in a negotiated Marketplace transaction, rather than pure self‑service checkout Important clarification Supported sales models are consistent across Marketplace offer types. What varies by offer type is how the solution is provisioned, billed, operated, and updated. Sales flexibility alone should not drive offer‑type selection — it must align with the architecture and operating model of the AI app and agent. How this decision impacts everything that follows Offer type decisions ripple through the rest of the Marketplace journey. They directly shape: Architecture design choices Security and compliance boundaries Fulfillment APIs and billing integration Publishing and certification requirements Cost, scalability, and operational responsibility Follow the series for updates on new posts. What’s next in the journey With the offer type decision in place, the focus shifts to turning that choice into a production‑ready solution. This includes designing an architecture that aligns with your delivery model, establishing clear security and compliance boundaries, and preparing the operational foundations required to run, update, and scale your AI app or agent confidently in customer environments. Getting these elements right early reduces rework and sets the stage for a smoother Marketplace journey. Key resources See curated, step-by-step guidance to help you build, publish, or sell your app or agent (no matter where you start) in App Advisor Quick-Start Development Toolkit Microsoft AI Envisioning Day Events How to build and publish AI apps and agents for Microsoft Marketplace Get over $126K USD in benefits and technical consultations with ISV SuccessDecember edition of Microsoft Marketplace Partner Digest
Microsoft Ignite 2025 - Marketplace highlights Microsoft Ignite was packed with announcements and insights for Marketplace partners. From new commerce capabilities to AI-driven innovations, here are some key takeaways: Global expansion of Microsoft Marketplace - Microsoft announced that the reimagined Microsoft Marketplace, which launched in the U.S. earlier this year, is now globally available. This expansion includes new APIs for distribution partners, enabling them to link their own cloud marketplace with Microsoft’s, opening significant opportunities for software companies in SMB and mid-market segments. 🎬 Watch a recorded webinar with TD SYNNEX on the power of distribution to accelerate SMB marketplace sales. Global availability of Resale Enabled Offers - This capability allows software development companies to and channel partners to resell software solutions directly through Marketplace, simplifying transactions, expanding reach, and scaling revenue. 👉 Read more about this announcement and get started Introducing App Accelerate - A unified offer that brings together incentives, benefits, and co-sell support across the Microsoft Cloud. App Accelerate provides end-to-end technical guidance, developer tools, and go-to-market resources so software development companies can innovate and scale. Previews are beginning now, with full availability planned for 2026. ✅ Sign up to receive updates Enhanced Partner Marketing Center - Discover, customize, and launch campaigns faster with intelligent search and AI-powered tools—all on one connected platform. The current Partner Marketing Center will remain available as the new and enhanced Marketing Center platform launches in early 2026 with 24 campaigns-in-a-box, aligned to FY26 solution plays. ✨ Get ready for the new era of partner marketing Frontier Partner badge – New customer-facing badges recognize top services, channel, and software development company partners that are driving AI transformation with customers and offer them an opportunity to differentiate themselves from the competition. 🛡️Differentiate your AI-first leadership Catch up on Microsoft Ignite sessions Ignite 2025 delivered powerful insights and announcements for Marketplace partners, and now you can catch up on the sessions you missed. Explore these recorded keynotes to learn about new capabilities, partner programs, and strategies to accelerate growth through Microsoft’s ecosystem. Ignite opening keynote Ignite partner keynote: Powering Frontier Partnerships Additionally, we’ve compiled recordings of relevant Marketplace partner and customer sessions so you can watch on-demand. Revisit Marketplace-focused sessions and resources. Just look for the ✨ icon below. Partner sessions: PBRK415 Grow your business with Microsoft AI Cloud Partner Program Find out how the Microsoft AI Cloud Partner Program helps you grow with new benefits, designations, and skilling opportunities. This session covers updates like the Frontier Partner Badge, Copilot specialization, and streamlined Marketplace engagement—all designed to accelerate your AI transformation journey. PBRK416 Accelerate Growth through Partner Incentives Explore how Microsoft is boosting partner growth with streamlined incentives, AI-first strategies, and new designations like Frontier Distributor. This session covers expanded investments in Azure Accelerate, Copilot solutions, and security practices—plus insights on how to capitalize on evolving programs and co-sell opportunities. PBRK417 Partner: Connect, Plan, Win – Enhancing Co-sell Engagement Discover how to enhance collaboration, optimize joint efforts, and drive success in shared initiatives. Gain insights into improving interactions with Microsoft sellers and leveraging opportunities, along with guidance on proactive co-selling to align your goals with Microsoft's for sustained growth. PBRK418 Partner: Benefits for Accelerating Software Company Success Learn about the resources and benefits available for software development companies across all stages of the build, publish and grow journey in MAICPP. Whether you’re developing a new agent solution or working toward a certified software designation, there are targeted skilling opportunities, technical resources, and GTM benefits to help. Tap into new investments for AI apps and agents and hear from your peers on how they’ve used rewards such as customer propensity scores and Azure sponsorship. PBRK419 SI & Advisory Partner Readiness: Accelerating the Journey to Frontier Understand how Microsoft is empowering our SI and advisory partners to accelerate frontier firm readiness for our Enterprise customers by driving AI transformation with agentic solutions and services. ✨PBRK420 Executing on the channel-led marketplace opportunity for partners See how Microsoft’s unified Marketplace drives partner growth with resale-enabled offers, creating scalable channel sales and co-sell opportunities. This session shares practical steps to build a sustainable Marketplace practice and leverage the partner ecosystem for greater reach and profitability. PBRK421 Enabling a thriving partner ecosystem: New CSP Authorization Criteria Dive into what’s new for Cloud Solution Providers, including updated authorization requirements and designations that help you stand out. This session covers steps to choose the right tier, build trust as a customer advisor, and prepare for growth with AI-driven solutions and Copilot offerings. PBRK422 The Future of Partner Support: Customer + Partner + Microsoft Discover ‘Unified for Partners,’ Microsoft’s new support model designed for CSP partners to deliver customer success at scale. This session introduces the Support Services designation, offering faster response times, financial incentives, and integrated tools to strengthen your support capabilities. PBRK423 Partner Execution at Scale with SME&C Explore growth opportunities in the high-potential SME&C segment. This session highlights investments in co-selling, AI-first strategies, and what it means to become ‘customer zero,’ with examples of frontier firms driving innovation at scale. ✨PBRK424 Marketplace Success for Partners—from SMB to Enterprise Learn how to build, publish, and monetize AI-powered solutions through Microsoft Marketplace. This session shares a proven approach to align your Marketplace strategy with your sales motion and unlock new revenue opportunities. PBRK272 Accelerate Secure AI: Microsoft’s Security Advantage for Partners Explore Microsoft’s integrated security solutions and learn how to help customers strengthen their defenses in the AI era. This session highlights partner opportunities, resources to grow your security practice, and what it takes to lead as a next-generation security partner. Customer Sessions: ✨Microsoft Marketplace: Your trusted source for cloud solutions, AI apps, and agents | STUDIO47 Hear from Cyril Belikoff, VP of Commercial Cloud & AI Marketing, sharing the reimagined Microsoft Marketplace—the gateway to thousands of AI-powered apps, agents and cloud solutions—all built to accelerate innovation and drive business outcomes. Discover how customers benefit from faster deployment, seamless integration with Microsoft tools, and trusted solutions, and how partners can scale their reach, accelerate sales, and tap into Microsoft’s global ecosystem. Azure Accelerate in action: Confidently migrate, modernize, and build faster Join Cyril Belikoff for a rapid Q&A that spotlights real-world customer success and the transformative impact of Azure Accelerate. Hear how customers like Thomson Reuters achieved breakthrough results with our powerful offering that provides access to Microsoft experts and investments throughout your Azure and AI journey. ✨BRK213 Microsoft Marketplace: Your trusted source for cloud and AI solutions Discover how the reimagined Microsoft Marketplace is reshaping the future of cloud and AI innovation. In this session, we’ll explore how Microsoft Marketplace—unifying Azure Marketplace and Microsoft AppSource—empowers organizations to become Frontier Firms by streamlining the discovery, purchase, and deployment of tens of thousands of cloud solutions, AI apps, and agents. ✨BRK215 Boost cloud and AI ROI using Microsoft Marketplace As organizations embrace an AI-first future, cloud adoption is accelerating to drive innovation and efficiency. This session explores practical strategies to optimize cloud investments—balancing performance, scalability, and cost control. Learn how Microsoft Marketplace enables rapid solution deployment while maintaining governance, compliance, and budget discipline. Build a resilient, cost-effective cloud foundation that supports AI and beyond. Community Recap Partner of the Year Award Winners Congratulations to the winners and finalists of the 2025 Microsoft Partner of the Year Awards in the Marketplace category! 🏆 Explore all winners and finalists Fivetran earned the top honor as Marketplace Partner of the Year for its innovation in automating data movement on Microsoft Azure, enabling enterprises to accelerate AI and analytics initiatives. Varonis Systems Inc. and Bytes Software Services were recognized as finalists for delivering exceptional solutions and driving customer success through Marketplace. What’s Coming Up AI-powered acceleration: Scale faster in Microsoft Marketplace 📆 Thursday, December 04, 2025, at 9:00 AM PST Microsoft Marketplace is no longer just a procurement convenience; it’s a strategic revenue engine. Dive into operational readiness, CRM-native automation, seller engagement, trust signals, and AI-enabled acceleration. Whether you're just getting started or looking to optimize your Marketplace motion, this session will provide you with information that will turn your first sale into a repeatable growth engine. Scale smarter: Discover how resale enabled offers drive growth 📆 Friday, December 05, 2025, from 11:00 - 12:00 PM GTM+1 Discover how resale enabled offers help software development companies to scale through the Microsoft Marketplace by simplifying transactions, expanding reach and accelerating co-sell opportunities. Chart your AI app and agent strategy with Microsoft Marketplace 📆 Thursday, December 11, 2025, from 8:30 - 9:30 AM PST Organizations exploring AI apps and agents face a critical choice: build, buy, or blend. There’s no one-size-fits-all—each approach offers unique benefits and trade-offs. Tune in for insights into the pros and cons of each approach and explore how the Microsoft Marketplace simplifies adoption by providing a single source for trusted AI apps, agents, and models. Office hours for partners: Marketplace resale-enabled offers 📆 Thursday, December 18, 2025, at 8:30 AM PST Tune in to explore resale enabled offers through Microsoft Marketplace. This recently announced capability enables software companies to expand into new markets globally, at scale, and without additional operational overhead. Dive deep into the workflow and requirements for these deals. Learn about reporting and best practices from those that are already selling globally with resale enabled offers. Microsoft Ignite will return to San Francisco next year 📆 November 17-20, 2026 Sign up now to join the Microsoft Ignite early-access list and be eligible to receive limited‑edition swag at the event. 💬 Share Your Feedback! We truly appreciate your feedback and want to ensure these Partner Digests deliver the information you need to succeed in the marketplace. If you have any feedback or suggestions on how we can continue to improve the content to best support you, we’d love to hear from you in the comments below!AI-powered maintenance management with Microsoft Azure
Welcome to another edition of our Partner Spotlight series, where we showcase the innovators transforming maintenance and field service operations through the Microsoft Marketplace. Each feature uncovers the unique journey of a partner leveraging the Microsoft ecosystem to deliver AI-powered solutions and transactable offers that simplify enterprise adoption and accelerate digital transformation. In this article, I connected with Benjamin Schwärzler from Workheld, a Vienna-based SaaS provider redefining maintenance management for asset-intensive industries. We explore their origin story, their evolution as a Microsoft partner, and how they’re helping organizations bridge the gap between shopfloor execution and strategic decision-making—all within a secure, Azure-powered environment. About Ben [BS]: Benjamin Schwärzler is the CEO of Workheld, a Vienna-based SaaS company redefining how industrial enterprises manage maintenance and field service operations. With a strong background in digital transformation and enterprise software strategy, Benjamin has led Workheld’s evolution from a start-up to a trusted Microsoft partner serving global industry leaders such as voestalpine. Under his leadership, Workheld has become a pioneer in digital shopfloor enablement—combining AI-driven insights with seamless execution to improve efficiency, transparency, and safety in industrial maintenance. His work focuses on bridging the gap between operational excellence and digital innovation, empowering technicians and managers alike with intuitive, data-driven tools. Benjamin is passionate about advancing smart manufacturing and asset management through technology partnerships and ecosystem collaboration. His strategic vision has positioned Workheld at the forefront of Microsoft’s Marketplace, where it now serves as a reference case for how industrial SaaS providers can accelerate enterprise adoption through transactable marketplace solutions. __________________________________________________________________________________________________________________________________________________________________ [JR]: Tell us about your organization. [BS]: Workheld is a leading SaaS provider focused on digital solutions for maintenance and field service operations. Founded in Vienna, Austria, Workheld empowers industrial enterprises to plan, execute, and analyze maintenance and asset management processes with full transparency. Our platform, from within a secure, Microsoft Azure-based environment unites digital work orders, smart scheduling, and AI-driven insights—bridging the gap between the shopfloor and strategic decision-making. [JR]: What inspired the founding? [BS]: Workheld was born from a simple observation: while industrial production processes had undergone massive digitalization, maintenance operations remained largely analog. We saw an opportunity to create a solution that not only digitizes workflows but also connects people, data, and machines in a way that drives measurable efficiency gains. [JR]: What does your app do, and who is it designed for? [BS]: Workheld serves asset-intensive industries such as manufacturing, energy, and infrastructure. Workheld Flow connects maintenance teams, planners, and managers in one unified platform—delivering visibility from the field to the executive level. We started as a digital work order system and have grown into a full-fledged maintenance and asset management platform. Today, Workheld is an ecosystem—connecting technicians, planners, and management dashboards, with seamless integration into ERP systems and industrial IoT data streams. We help companies overcome fragmented communication, manual reporting, and inefficient resource allocation. With Workheld, teams can schedule, document, and analyze maintenance tasks in real time—reducing downtime and enabling data-driven decisions. [JR]: What technologies or Microsoft services does it leverage? [BS]: Workheld is built on Microsoft Azure, leveraging services such as Azure App Services, Azure SQL Database, and Azure Active Directory for secure and scalable operations. We are also integrating Azure AI Services for intelligent recommendations and predictive maintenance insights. [JR]: Can you describe your journey in publishing a transactable offer? Why did you decide to publish transactable, and what challenges did you face? [BS]: Enterprise customers increasingly want trusted, secure, and simplified procurement. By publishing a transactable offer, we aligned with our customers’ Microsoft Azure Consumption Commitment (MACC) and eliminated procurement barriers—making it easier for enterprises to buy and deploy Workheld within their existing Microsoft ecosystem. Navigating the technical and legal aspects of the transactable setup required close collaboration with Microsoft’s partner success team. We leveraged Microsoft’s resources, including Marketplace Rewards and technical documentation, to streamline the process and ensure compliance. [JR]: What publishing advice would you give to new partners? [BS]: Invest early in making your offer transactable—it dramatically increases customer trust and speeds up enterprise sales. Collaborate closely with Microsoft’s Marketplace team and focus on aligning your solution with customer MACC priorities. [JR]: How are you using AI in your app development? [BS]: We are incorporating Azure OpenAI Service and Azure Machine Learning to power intelligent assistant features within Workheld—such as AI-guided troubleshooting, natural language work order generation, and contextual recommendations during maintenance execution. Microsoft’s AI documentation, Azure partner webinars, and early access programs have been instrumental in helping us integrate and test AI components efficiently and responsibly. [JR]: What business outcomes have you seen from integrating AI? [BS]: AI reduces reporting time for technicians by up to 60% and enhances the accuracy of maintenance insights. It also allows managers to identify recurring issues faster, improving asset availability and reducing downtime. [JR]: What business impact have you seen since publishing on the Marketplace? [BS]: The Marketplace has transformed how we approach enterprise deals. Our first six-figure transaction with voestalpine demonstrated that Marketplace deals can accelerate procurement, align with customer MACC targets, and enhance trust across IT and procurement departments. [JR]: How has transacting directly on the Marketplace influenced your strategy? [BS]: It has become a key pillar of our go-to-market approach for enterprise customers. We now plan all major deals with Marketplace alignment in mind, enabling faster approvals and improved positioning within Microsoft’s co-sell ecosystem. [JR]: What key takeaways would you share with other partners? [BS]: Success in the Marketplace is about customer alignment and ecosystem thinking. It’s not just a sales channel—it’s a trust signal. Publishing a transactable offer opens the door to larger enterprise opportunities and deeper collaboration with Microsoft. [JR]: How has your Marketplace experience shaped your roadmap? [BS]: The Marketplace is now central to our global expansion strategy. We’re extending our platform with AI and IoT capabilities to further strengthen our position as the go-to maintenance management solution within the Microsoft ecosystem. _______________________________________________________________________________________________________________________________________________________________ Resources Join ISV Success - Build and publish applications and agents faster with powerful AI developer tools, consultations, and technical guidance—then grow your sales through Microsoft Marketplace Join the marketplace community - Access resources for every stage of the journey on the Microsoft Marketplace, provide feedback, and engage with other partners and Microsoft subject-matter experts focused on your success. Microsoft Marketplace - Your trusted source for cloud solutions, AI apps, and agents Paths for partnership - Learn more about the ways you can partner with us—from building and selling solutions to differentiating your business with a Solutions Partner designation.
Boost SaaS revenue with Microsoft Marketplace: A step-by-step guide
About the author: Manesh Raveendran is the Founder and Chief Executive Officer of Spektra Systems, a partner-focused cloud solutions company that simplifies cloud sales adoption and helps cloud-based businesses accelerate their growth. He specializes in thought leadership and in building end-to-end technology solutions across cloud computing, data platforms, and DevOps, with a strong focus on hybrid workloads. Manesh works closely with CXOs to understand business problems and designs systems that drive customer success through Spektra Systems’ innovative cloud solutions and services, including SaaSify, CloudLabs and CSP Control Center. _________________________________________________________________________________________________________________________________________________________________ For SaaS companies, the Microsoft Marketplace has evolved from being a procurement convenience to becoming a strategic revenue engine. But while publishing a listing is easy, closing the first transaction quickly is what separates software development companies who scale on Marketplace from those who stall. That first transaction isn’t just revenue. It’s a signal: Your offer flows through Microsoft’s procurement rails. Your finance, legal, and operations stack is aligned. Microsoft sellers trust they can bring you into deals. Buyers trust Marketplace as their procurement path. Furthermore, transactable offers close faster because they simplify legal review, leverage committed cloud spend and integrate into enterprise procurement. Many software companies go live on Microsoft Marketplace but fail to reach their first transaction quickly. Some stall for months because of fragmented processes, delayed financial setup, or a lack of alignment with Microsoft’s co-sell engine. Others underutilize the marketplace’s full potential because they treat it as a digital storefront rather than an integrated revenue channel. This blog aims to close that gap. It goes beyond “how to list” and focuses on what really drives velocity: operational readiness, CRM-native automation, seller engagement, trust signals, and AI-enabled acceleration. In this blog, we’ll walk through: The step-by-step journey from publishing your transactable offer to your first Microsoft sale. Common pitfalls that delay the first transaction and how to avoid them How CRM-native automation can accelerate finance, legal, and operations readiness for transactable offers Why field seller alignment and partner incentives are critical to activating the Microsoft ecosystem. How AI copilots and agents are changing the game for marketplace GTM. By the end, you’ll have a clear, actionable blueprint for moving from “just listed” to “revenue in hand” and turning your first sale into a repeatable growth engine. Listing readiness and execution: Step-by-step for publishing your offer Most first-sale delays don’t happen after publishing. They happen before the offer goes live. Getting listing readiness right can cut weeks off your timeline. Get the account setup right Have a Partner Center publisher account with your company verified and enrolled in the Microsoft Marketplace. Assign the right roles in Partner Center (e.g., Owner, Marketplace Admin, and for payments Finance Contributor). These are required to configure payments and publish offers. Decide offer type and monetization strategy early Pick your offer type carefully (SaaS, VM, Managed App, Container). If your goal is to accelerate revenue, transactable SaaS offers using Microsoft’s Standard Contract tend to have the lowest procurement friction. Align your pricing model (seat-based, usage, flat, or hybrid) with enterprise buying behavior and potential private offer flexibility. Complete legal, finance, and tax setup upfront Configure and validate payout and tax accounts before creating the offer. Decide whether to use the Standard Contract (fastest buyer approval) or a custom EULA (more control, more delays). Define internal ownership between finance, legal, and GTM teams. Create the offer shell in Partner Center with listing details Create a new SaaS offer in Partner Center and provide the Offer ID and Offer alias to create the shell. Complete the offer listing details with name, description, categories, keywords, logos/screens, (optional) videos. These are what customers see in the storefront. Select markets/regions, audience, and any reseller/CSP availability where supported. (Exact toggles vary by offer type; the goal is to ensure the offer is visible where you sell.) Build the listing like a sales asset A Marketplace listing is not a product brochure, it’s the first deck Microsoft sellers and buyers see. Open with a sharp value proposition. Add pricing clarity or private offer options. Include visuals (architecture diagrams, screenshots, etc.). Add security and compliance details. Link to deployment guides and onboarding documentation. Test before you publish Run through test purchases and fulfillment callbacks. Validate offer visibility, legal terms, pricing flows, and payout readiness. Involve your finance and ops teams before pressing “Submit.” Software companies that complete listing readiness thoroughly typically reach first sale in a few days post-publish, versus weeks or months when key steps are deferred. Making an offer transactable: Speed starts here Publishing a Marketplace listing is like setting up a storefront. But a transactable offer turns that storefront into a fully operational sales channel. Technical execution: Fulfillment & integration For SaaS offers, integrate the SaaS Fulfillment API v2: Implement landing page and webhook endpoints to handle provisioning. Automate activation, change, and cancellation flows. Ensure your finance systems can reconcile Marketplace invoices and payouts. Commercial execution: Pricing & packaging for enterprise buyers Offer transparent, scalable plans buyers can commit to confidently. Design for private offers: custom pricing, terms, or multi-year deals. Ensure deployment is frictionless; buyers expect immediate activation. Aligning with seller & buyer behavior Transactable offers allow Microsoft sellers to retire quota faster which can be a huge incentive. Buyers prefer using committed cloud spend on pre-approved contracts. Simplicity wins: fewer legal redlines, faster billing, and predictable usage. Using Microsoft’s Standard Contract instead of custom terms can cut procurement timelines drastically. Co-sell readiness ensures sellers can bring you into opportunities quickly. Common pitfalls that delay first sale velocity Not every software company reaches their first sale smoothly. In fact, many delays stem from operational and technical issues, not lack of demand. Some of the most common pitfalls include: Delaying payout and tax setup: Without validated financial configuration, your offer can go live but won’t be able to transact. This is one of the biggest and most common delays. Weak or incomplete listings: If your listing doesn’t clearly communicate value, pricing, deployment, and security posture, neither sellers nor buyers will engage confidently. Fulfillment gaps: A broken or manual provisioning flow can derail the first transaction at the worst possible moment. Automation here is essential. Lack of CRM integration: Marketplace opportunities stuck in a separate portal often get ignored or delayed, leading to poor forecasting and slower deal cycles. No seller activation: Simply going live won’t bring in deals. Without proactive enablement, Microsoft field sellers won’t prioritize your offer. Legal complexity: Custom legal terms add friction for buyers and sellers. Using Microsoft’s Standard Contract accelerates procurement significantly. Over-reliance on “organic” traffic: Marketplace is not a “list and wait” channel. The first sale almost always needs to be driven intentionally. Most of these pitfalls are fully preventable with early planning, operational alignment, and a revenue-first listing strategy. Here’s how modern software companies are solving these common challenges, with AI copilots and CRM-native workflows. CRM-native automation to streamline first marketplace sale Once your offer is live, speed to first transaction depends on how efficiently you can move from buyer intent to recorded revenue. This is where CRM-native automation bridges the gap, connecting Marketplace activity with your core GTM and operational systems. When Marketplace deals don’t connect to your CRM, they fall into operational dead zones that slow execution and create unnecessary manual work: Data entry and updates are done twice, once in CRM and then again in the Partner Center Manual processes introduce errors and inconsistencies. Seller response time slows because opportunities aren’t visible. Finance teams chase payouts and reconciliation weeks after closing. GTM leadership lacks visibility into true pipeline attribution and revenue impact. In short, disconnected systems mean disconnected teams and that’s the biggest drag on first-sale velocity. But CRM-native automation streamlines the transactable offer process in more than one way, including: Automated offer creation For most software companies, the first Marketplace transaction happens through a private offer, not a public click-to-buy. CRM-native automation lets you generate, customize, and track private offers directly inside your CRM, eliminating manual Partner Center steps and accelerating deal velocity. Advanced workflows also integrate co-sell automation, so partner managers and Microsoft field sellers are looped in automatically. Real-time deal visibility As soon as a buyer initiates a transaction or engages through a private offer, the status is instantly logged in your CRM through bi-directional sync. Sellers and RevOps no longer have to check Partner Center manually. This eliminates lag between buyer intent and seller follow-up, often shaving days off deal cycles. Unified forecasting and attribution Marketplace opportunities flow directly into your primary CRM pipeline. GTM and revenue leaders can forecast Marketplace deals alongside direct sales, using the same dashboards and metrics. Marketplace revenue is no longer a black box sitting outside the funnel. Financial reconciliation without chaos Payout reports, tax records, and revenue recognition tie directly to opportunity records. Finance teams don’t need to manually match spreadsheets or chase payouts. Marketplace revenue is reconciled automatically with clean data, reducing delays and errors. Better seller incentives and co-sell alignment When Marketplace deals show up in seller dashboards and reports, they’re treated like legitimate, quota-retiring opportunities. This increases seller participation and encourages field teams to bring software companies into opportunities earlier. Co-sell notifications can be automated, ensuring partner managers, sellers, and Microsoft teams are always aligned. A fully operational CRM-native Marketplace motion typically includes: Automated private offer generation through Marketplace Streamlined co-sell opportunity signals from CRM to align Microsoft sellers and accelerate joint pipeline. Deal stage mapping aligned with GTM and RevOps workflows. Automated approval, legal, and finance processes. Integration with payout and tax reporting for real-time revenue recognition. Alerts and dashboards for sellers, RevOps, and partner managers. Direct linkage with co-sell opportunities and field seller engagement. AI agents & Copilots: Driving faster listing readiness For most software development companies, listing and selling on Microsoft Marketplace is complex because the steps are fragmented. Legal, technical, operational, and GTM readiness often move at different speeds. This is exactly where AI agents and copilots transform the motion from manual and reactive to predictable and orchestrated. AI Agents can act as a purpose-built companion for software companies, like SaaSify AI Companion can generate tailored, prioritized roadmaps based on your GTM maturity, offer type, and launch goals. Here’s how AI agents can accelerate GTM readiness: Personalized Roadmaps: AI generates a launch plan with 50+ tasks, customized to your offer type, stage, and objectives. These aren’t static lists, they adapt dynamically as you progress. Guided Execution: Every task includes step-by-step guidance, deep links to Microsoft resources, contextual recommendations, and real-time AI assistance. Dependency & Risk Management: Visual progress indicators, dependencies, and conditional logic ensure you never miss a critical step. Potential blockers are flagged early with no need for external consultants Flexible Engagement: Software companies can choose between self-service (full control) or assisted onboarding (expert + AI), allowing different team structures to move at the same velocity. AI copilots don’t just accelerate readiness; they reduce errors, compress planning cycles, and create predictability. Listing to first sale on Microsoft Marketplace: An inflection point The first Marketplace sale isn’t just a transaction. It’s the moment your GTM motion proves it can run on Microsoft’s procurement rails. It’s the point where sellers start to pull you into deals, buyers see Marketplace as a trusted procurement path, and your internal teams gain confidence in a repeatable channel. The software companies who reach this point fastest aren’t necessarily the ones with the biggest budgets or teams. They’re the ones who: Treat listing readiness as a strategic launch, not an operational checkbox. Invest early in transactability to minimize friction for buyers and sellers. Avoid common operational pitfalls that slow most launches down. Use AI copilots to orchestrate readiness instead of relying on manual project management. Implement CRM-native automation so every signal flows seamlessly into their revenue engine. Marketplace is not a “list and wait” channel. It’s a GTM motion that rewards precision, alignment, and speed. That’s where SaaSify plays a catalytic role. SaaSify AI Companion enables self-service readiness with guided, step-by-step launch roadmaps, while the SaaSify GTM Platform automates the operational backbone of transactable offers, from private offer creation to co-sell workflows and payout reconciliation. This combination helps software companies cut time-to-first-sale dramatically, reduce execution overhead, and scale Marketplace revenue motions with confidence. In today’s Marketplace-driven economy, the winners aren’t just those who list fast, they’re the ones who operationalize faster, automate smarter, and sell through Microsoft as a scalable, repeatable growth engine. To learn more and ask questions, attend the AI-powered acceleration: Scale faster in Microsoft Marketplace | Microsoft Community Hub session on December 4 th . If you are unable to attend, the session will be recorded for on demand viewing after. __________________________________________________________________________________________________________________________________________________________________ Resources Microsoft Marketplace Trusted source for cloud solutions, AI apps, and agents Microsoft Marketplace - Marketplace publisher | Microsoft Learn How to guides for working in Microsoft Marketplace ISV Success Discover offers and benefits of ISV Success to help you take your apps and agents to the next level.Lock in marketplace terms for up to five years with multiyear contract durations
Co-authored by Trevor_Yeats We’re excited to announce that the Microsoft marketplace now supports multiyear contract durations—enabling customers and partners to lock in terms and pricing for up to five years. New options include four and five-year terms for SaaS and Professional Services, and two, four, and five-year terms for Virtual Machine Software Reservations (VMSR). These contract durations are available globally across all marketplace-supported currencies. The value for your customers and for you With multiyear contract durations, customers can buy with confidence knowing they will have stability and continuity of service, making it easier to plan and forecast expenses and lock in substantial savings that often come with longer contracts. Partners benefit by supporting customers’ budget needs, strengthening customer relationships, reducing administrative burdens, and growing reliable revenue streams. “Our customers value five-year contracts for the stability and long-term value they provide. With multiyear contracts now available in Microsoft marketplace, we can better align with their operational timelines, reduce renewal cycles, and focus on building lasting relationships—while driving predictable revenue.” Sue Wilkinson, Global Director of Partners, IFS How it works To enable multiyear contract durations, software partners must take the following steps: Create a public offer with multiyear contract durations. Partners must ensure their public offers include extended contract terms before they can create private offers with those durations. Partners have two options: Update an existing public plan to support new options for extended durations (i.e., four and five-year options for SaaS offers and two, four, and five-year options for VMSR), or Create a new public plan that includes multiyear contract durations. Create private offers with multiyear contract durations. Once a public offer with multiyear contract durations is published, partners can configure private offers that leverage those durations. Notes: As of October 31, multiyear contract durations are available for CSP offers. Existing customer agreements cannot be modified mid-term to extend contract length. Customers must cancel their current plan and purchase a new one that includes the desired extended duration. Creating multiyear contracts with flexible billing schedules Partners can create private offers that combine multiyear contract durations with flexible billing options—like quarterly, semiannual, or bimonthly—making it easier to align with customer needs and streamline sales. “Microsoft’s recent launch of multiyear contracts and flexible billing has been a game changer, simplifying the buying process and enhancing the customer experience. We can now build private offers in the Microsoft marketplace in a more natural way that mirrors our contracts in the platform.” Sue Wilkinson, Global Director of Partners, IFS Learn more about flexible billing schedules and capturing the marketplace opportunity. Eligibility for multiyear contracts and how to get started Any company who is part of the Microsoft AI Cloud Partner Program can sell on the marketplace with multiyear contract durations. Details are provided in our documentation, but at a high-level: Be a member of the Microsoft AI Cloud Partner Program (it’s free to join) Sign the marketplace publisher agreement Publish your public offer with multiyear contract durations. Sell private offers with multiyear contract durations. In addition, we have many support resources for partners depending on where they are on their marketplace journey. For example, software development companies can join ISV Success, within the Partner Program, for tools and resources that help them publish their solution and maximize reach through the marketplace. Learn more by visiting: Microsoft commercial marketplace transact capabilities FAQs: https://aka.ms/multiyear-FAQsBuild smarter, publish faster: Here’s what’s new in App Advisor
App Advisor just got a major upgrade - and it’s changing the game for software development companies building apps and agents for the Microsoft Marketplace. Since its MVP launch in January 2024, App Advisor has helped thousands of partners like you streamline their journey. 💬 What partners are saying App Advisor isn’t just a tool - it’s a game-changer. Here’s what partners have shared about their experience: “I appreciate that App Advisor curates the content for the partner since the amount of data available is just so vast. It does a great job of curating for them based on their goals.” Frank Valdivieso, President & CEO, Gryphon Consulting ⚡What’s new? Smarter focus, faster execution, and scalable growth Now, with six new features launched in the US (and global availability coming soon), App Advisor is making it easier than ever to stay focused, move faster, and scale smarter with apps and agents. Here’s what’s new: 🛠️ In-app marketplace offer creation Start your marketplace journey directly within App Advisor - no context switching required. You can now initiate offer creation for popular offer types without leaving the platform. Not signed up to publish - no problem! App Advisor can get you signed up and on your way to creating your offer. 🚀 Tailored recommendations by marketplace offer type Confidently align your app with the right marketplace offer and pricing model using our interactive wizard. Get personalized recommendations based on your app profile and program membership - and fast-track publishing to launch sooner. 📁 Multi-project save with Partner Center linking Advance multiple apps and agents from a single, centralized experience. Save guidance across projects and link each to its Partner Center offer for seamless continuity. 🎯 Membership-based guidance Receive personalized guidance based on your ISV Success or Marketplace Rewards membership. App Advisor adapts its recommendations to help you make faster, smarter decisions. ✅ ISV Success sign-up integration Sign up for ISV Success and resume your workflow without disruption. Unlock benefits like cloud credits, technical consults, and go-to-market resources - all without breaking your build flow. 🎥 Embedded video playback Explore how to build, publish, and grow your apps and agents with step-by-step video guidance. Watch demos and guidance videos directly within App Advisor. Stay in flow with seamless, distraction-free learning, all while keeping the AI-powered assistant visible and ready to help. Ready to accelerate your marketplace success? Dive into App Advisor today to build, publish, and sell transactable offers with clarity, speed, and confidence. Make sure you check out the new Microsoft Marketplace - the single destination to find, try, and buy AI apps, tools, and agents. Read the blog to learn more. Ready to level up with App Advisor? Watch this quick video and unlock what’s next!
