For Admins · RevOps · Compliance

The weekly license report
your org should have had.

Connect in 60 seconds. Get a weekly ops report on inactive users, PSL waste, and integration risk — plus a history-backed evidence package when renewal or audit season arrives.

Get your first audit free See pricing

Read-only OAuth — zero write accessNo AppExchange install requiredWorks with Production & SandboxQuarterly compliance evidence pack

Live demo

This is your weekly ops report

Every user, every finding, every cost — by name.

SpendReady · Live Audit Preview

Week of May 4, 2026

This week's finding: $6,105/mo identified

User	License	Last Login	Cost	Action
Sarah Mitchell	Salesforce Enterprise	214 days ago	$175/mo	Deactivate
James Thornton	Salesforce Enterprise	189 days ago	$175/mo	Deactivate
Priya Nair	Sales Cloud Einstein	302 days ago	$75/mo	Remove PSL
Tom Bradley	Salesforce Enterprise	97 days ago	$175/mo	Review

37 users inactive 90+ days · $77,700/yr in recoverable spendRun on your org →

Four categories. Every week.

SpendReady cross-references user records, login history, PSL assignments, and OAuth surfaces — automatically.

Inactive users

Users with no interactive login in 90+ days, cross-referenced with API activity to eliminate false positives.

New hires, leave, and approved dormant accounts can be exempted

PSL waste

Permission Set Licenses assigned to users who have never activated the related features — caught by cross-referencing PSL assignments against feature usage.

Identified by name, not just count

Integration user risk

Service accounts holding interactive licenses, stale OAuth tokens (60d+ unused), and API users with UI login capability that creates a security surface.

Stale token detection + UI login flag

License pool gaps

Org-level view of purchased vs assigned vs active counts — the gap your CFO cares about and Salesforce's native views don't surface cleanly.

Available for monthly finance pack

How it works

No install. No IT ticket. No production changes.

Connect in 60 seconds

Read-only OAuth — the same mechanism as any approved Salesforce third-party app. Requires a Salesforce admin or a user with View Setup and Configuration access. No AppExchange, no IT ticket.

Admin or View Setup access required

Weekly report lands in your inbox

New inactive users, PSL anomalies, stale integration tokens, and a prioritized cleanup queue — every week, automatically. Forward to RevOps leads or your CFO without Salesforce access.

Historical baseline builds over time

Salesforce's native LoginHistory view is limited to 6 months. SpendReady captures daily snapshots from your connection date, building 12–24 months of trend history that Salesforce can't provide natively.

Coming in Release B

Quarterly Compliance Pack

When audit season hits, you need more than a weekly ops report. The Compliance Pack segments your org into admin, regular, and integration users — with privileged-user rosters, exception rationale, and reviewer sign-off fields that support access-review workflows for SOC 2, SOX, and ITGC programs.

✓ Admin vs regular vs integration user segmentation
✓ Privileged-user roster and access scope
✓ Exception registry with owner and review date
✓ Reviewer attestation and sign-off fields
✓ Immutable report hash for audit evidence

SpendReady supports access-review workflows. It is not a substitute for audit or legal judgment.

Q1 2026 Compliance Pack

Jan–Mar 2026 · Access Review

Preview

Admin usersprivileged access review

Regular usersstandard access scope

289

Integration/service accountsnon-human identities

Users on leave / exemptedsuppressed from findings

Reviewer sign-off: Pending · Due Mar 31, 2026

Admin questions, answered

What objects does SpendReady access?

Read-only access to: User, UserLicense, LoginHistory, PermissionSetLicenseAssign, PermissionSetLicense, AuthSession, and OAuthToken objects. We never read Opportunities, Accounts, Contacts, or any CRM data.

Who needs to authorize the connection?

A Salesforce admin or a user with View Setup and Configuration access. This ensures SpendReady has full visibility into user and license data across the org.

How does inactive user detection work?

We cross-reference LoginHistory with login type to distinguish interactive human logins from API/integration activity. A user with only API logins isn't flagged as inactive. New hires, leave cases, and approved dormant service accounts can be exempted via the exception registry.

How is SpendReady different from Org Check?

Org Check (Salesforce Labs, free) is an in-org static analyzer built for admins. SpendReady delivers a scheduled, formatted report to non-Salesforce stakeholders — CFO, RevOps, Procurement — with longitudinal history and renewal-date framing. Different audience, different workflow.

How does historical data work?

Salesforce's native LoginHistory is limited to 6 months. SpendReady captures daily snapshots from your connection date — building 12–24 months of trend data that Salesforce's native tools can't provide. This becomes your documented utilization evidence at renewal.

What's the Quarterly Compliance Pack?

Coming in Release B: a quarterly evidence package with admin vs regular vs integration user segmentation, privileged-user roster, exception rationale, and reviewer sign-off fields. Supports access-review workflows for SOC 2, SOX, and ITGC programs. Contact us if you need this sooner.

First audit is free. 60 seconds to connect.

Read-only OAuth. No AppExchange install. No IT ticket. Connect your org and see your inactive users, PSL waste, and integration risk in one report.

Get your first audit free →

Admin or View Setup access required to connect

The weekly license reportyour org should have had.