Partners that use the same tenant for Partner Center and Work 365 can currently use the same account to connect to Partner Center (integration account) that they use to connect to Work 365 (service account).

Once Microsoft enforces MFA for Partner Center access, it will be required to separate these accounts; since the service account does not support MFA. Hence, we recommend creating separate accounts for each of these roles.

Creating the Integration Account

The following steps describe the process of creating the Integration account. For creating the service account, please refer to this link.

Login to Microsoft Partner Center (https://partnercenter.microsoft.com) using Global Administrator credentials and select “User Management” from the top right menu.

On the User Management screen, click the “Add User” button and type the name and login for the integration account user. In the “Assists your customers as” section, select “Admin agent”. Then click the “Add” button at the bottom of the screen.

At his point, a summary screen with a temporary password would be displayed. This password will need to be changed upon the first login. However, since this is an automation account, the password needs to be set to a permanent non-expiring one before it can be used in the configuration.

To reset a user’s password, please follow instructions in the below link. Ensure that “Make this user change their password when they first sign in” is UNCHECKED.

https://docs.microsoft.com/en-us/office365/admin/add-users/resend-user-password?view=o365-worldwide

To set a user’s password to never expire, please follow instructions in the link below.

https://docs.microsoft.com/en-us/office365/admin/add-users/set-password-to-never-expire?view=o365-worldwide

To enable Multifactor authentication for a user, please follow instructions in the link below.

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

Note

Collecting Additional Partner Center Information

From the top right menu, select “Organization profile.

Note the Microsoft ID and Default domain values. These will be required later.

Configuring the Partner Center Provider using Direct Credentials

The Work 365 partner center provider can be configured using a username/password combination for the integration account. This method works in all versions of Work 365; however, it is likely that Microsoft will disallow this method in the future. For this reason, with new installs and upgrades to v2.1 or higher, we recommend configuring the Partner Center provider using the Consent Framework.

Note 2

Additional Configuration in Partner Center

Select “Organization profile” from the top right menu, then select “App Management” from the left menu.

Scroll to the Native App section. If an existing app is available and can be used, note the App ID for that app; alternatively, create a new native app by clicking the “Add new native app” link and note the App ID for that app.

Configuring the provider in Work 365

Go to Dynamics 365 Navigation menu ▶ Work 365 ▶ Provider Management ▶ Providers.

Click and open the existing “Microsoft Partner Center” provider, or create a new provider (of type Work365.Providers.MicrosoftCspProvider) if you need to connect to multiple partner centers (Each provider connects to one Partner Center).

Complete the details on the form as given below:

Username: [as created in the previous steps]
Password: [as created in the previous steps]
End Point URL: https://api.partnercenter.microsoft.com

Additional Properties:

Domain: [default domain, noted earlier]
Client Id: [app id, noted earlier]
Country Code: [country where partner center is registered]
Currency Code: [partner center currency]
Billing Start Day: [CSP invoice day]
Reseller Relationship Authorize URL: [URL for customers to accept your reseller relationship]
Delegated Admin Authorize URL: [URL for customers to accept your delegated admin relationship]
Partner Center Tenant Id: [not-required for Direct Credentials]

Save the record.

Click on the “Verify Connectivity” button. If the settings are correct, you should receive a successful confirmation; if the connectivity fails, check your settings and try again.

Configuring the Partner Center using the Consent Framework

This method of Partner Center configuration is only available in Work 365 v2.1 or higher and is the recommended approach for connecting to Partner Center.

Note 3

Go to Dynamics 365 Navigation menu ▶ Work 365 ▶ Provider Management ▶ Providers.

Complete the details on the form as given below:

Username: [not-required]
Password: [not-required]
End Point URL: https://api.partnercenter.microsoft.com

Additional Properties:

Domain: [default domain, noted earlier]
Client Id: [not-required]
Country Code: [country where partner center is registered]
Currency Code: [partner center currency]
Billing Start Day: [CSP invoice day]
Reseller Relationship Authorize URL: [URL for customers to accept your reseller relationship]
Delegated Admin Authorize URL: [URL for customers to accept your delegated admin relationship]
Partner Center Tenant Id: [Microsoft ID, as noted earlier]

Save the record.

The “Generate Consent Link” button should now appear – click this link to open a popup window with the consent instructions.

Click the link icon to copy the consent link to the clipboard. Paste the link into a new browser window (use Incognito/InPrivate browsing mode) and follow the instructions for consent. Login with the Integration Account when prompted and accept the consent request as the integration user.

MFA enablement, if needed must be done before the consent is given; The consent process may need to be repeated if MFA is enabled after the consent was provided.

If the consent was successful, the following message should be displayed.

Work 365