You integrated the software exactly the way the vendor recommended. You followed their architecture guide. You connected it to the other platforms they listed as compatible. Then a patent claim arrives. Your vendor reviews the contract and tells you their IP indemnification doesn't apply, because the claim involves the product running alongside a third-party system.
You did everything right, and the exception was there the whole time.
Most vendor IP indemnification comes with conditions that limit or remove coverage in specific situations. Those situations aren't edge cases. They're the normal way enterprise software gets deployed. This isn't a common dispute, but when it does surface, legal costs alone can reach hundreds of thousands of dollars before the underlying claim is even resolved. Knowing where your coverage stops, before you need it, is the only version of this that's cheap.
The Most Common Place Coverage Stops
The most common exception in IP indemnification clauses covers combinations with other systems. The typical language says the vendor isn't responsible for claims arising from their product being used alongside other software, hardware, or platforms they didn't provide.
That sounds reasonable in the abstract. In many enterprise environments, products routinely connect to other software, data sources, and infrastructure. Broadly written combination exceptions can therefore apply far more often than buyers expect.
Some patent claims allege infringement based on the way multiple technologies operate together, which makes combination language particularly important in those cases. When that's the theory of the claim, a vendor with broad combination language has a contractual basis to walk away from it.
The entire question is how broadly the exception is written. That one variable decides whether it's a reasonable carve-out or a way to void coverage for ordinary use.
What the Language Actually Looks Like
Two contracts can both include a combination exception and offer completely different levels of real protection.
Broad language that creates serious exposure reads something like: "Vendor shall have no obligation to indemnify Customer for claims arising from use of the product in combination with any third-party software, hardware, or services."
Under that version, almost any integrated deployment qualifies. Your CRM connects to your ERP, your security platform runs across your network, your AI tool pulls from your data warehouse. The claim doesn't need to be specifically about the combination. It just needs to involve a product running near something else. In most enterprise environments, that's always true.
Narrower language that preserves meaningful coverage reads something like: "Vendor shall have no obligation to indemnify Customer for claims arising from use of the product in combination with third-party products not approved or recommended by Vendor."
This version excludes non-standard combinations while preserving coverage for anything the vendor documented, recommended, or certified. Follow their own architecture guide, and the coverage follows you.
Same clause title. Same apparent protection. Completely different contract.
Which Vendor Relationships Deserve the Closest Look
Not every vendor carries the same exposure here. The combination exception matters most for platforms that sit at the center of complex, integrated environments.
ERP systems connected to CRM, finance tools, and reporting platforms carry meaningful exposure because the integration is deep and data flows across multiple systems. Security platforms are particularly relevant because connecting across the environment is the whole point of the product. AI tools integrated with proprietary data and other platforms are a growing area of concern as IP litigation in that space increases.
The exception matters less for standalone tools with limited integration. A survey tool or a whiteboard application is a different risk profile than a security platform running across your entire environment. Focus the review time where the exposure actually concentrates.
What You Can Actually Negotiate
In larger or more strategic deals, this exception is negotiable more often than buyers assume. The ask that gets accepted most often is narrowing the exception to combinations the vendor didn't recommend or document, rather than any third-party combination at all.
If the vendor publishes integration guides, reference architectures, or a certified partner list, ask that the indemnification track those same recommendations. It's a reasonable position. The vendor still isn't on the hook for deployments outside their own guidance, and you're covered for the ones you followed.
If You Find Broad Exception Language in Your Contract
If a renewal is approaching, raise it as a negotiating point. Ask for the exception to be narrowed to non-approved combinations. If the vendor won't touch the clause itself, ask for a side letter or addendum that explicitly preserves coverage for vendor-recommended integrations.
If you're mid-contract with no renewal in sight, check whether your current deployment falls within what the vendor actually documented. If it does, keep that documentation on file. If it's gone beyond that, flag it for your renewal strategy and check whether your insurance fills the gap in the meantime.
Accepting broad exception language isn't automatically a mistake. It's a risk decision. The problem is making that decision by accident, after a claim already landed.
Before Your Next Renewal
Find the IP indemnification section in your most critical vendor contracts. Look for language that limits coverage based on how the product is used. Search for these phrases:
- "used in combination with"
- "integrated with third-party products"
- "used other than as directed"
- "modified by customer"
When you find one, check whether it's narrow or broad. Narrow covers non-standard uses. Broad can cover your normal deployment. That distinction tells you whether the protection in the rest of the clause is real or whether it disappears the moment you actually need it.
You probably re-signed your last contract without checking this. Most people do. By the time you find the gap, you have already given up the only leverage you had.
We review IP indemnification language and map the exceptions against how you actually use the product, not how the contract assumes you do. We know which vendors write narrow, reasonable exceptions and which ones write language broad enough to void coverage for a standard deployment.
We will tell you where you are exposed before someone else does. Get Started.
No pitch. No prep. Just answers.

