The Work 365 Partner Center Integration enables Partner Center data, such as subscriptions, agreements, and provider invoices, to have a bi-directional sync with Work 365.
Setting up the Work 365 Partner Center integration is only applicable to Direct CSP Partner.
It is recommended to create a separate Partner Center integration account from the Work 365 service account.
Creating the Integration Account
The following steps describe the process of creating the Integration account. For creating the service account, please refer to this link.
Login to Microsoft Partner Center (https://partnercenter.microsoft.com) using Global Administrator credentials and select “User Management” from the top-right menu.
On the User Management screen, click the “Add User” button and type the name and login for the integration account user. In the “Assists your customers as” section, select “Admin agent”. Then click the “Add” button at the bottom of the screen.
At his point, a summary screen with a temporary password would be displayed. This password will need to be changed upon the first login. However, since this is an automation account, the password needs to be set to a permanent non-expiring one before it can be used in the configuration.
To reset a user’s password, please follow instructions in the below link. Ensure that “Make this user change their password when they first sign in” is UNCHECKED.
https://docs.microsoft.com/en-us/office365/admin/add-users/resend-user-password?view=o365-worldwide
To set a user’s password to never expire, please follow instructions in the link below.
To enable Multifactor authentication for a user, please follow instructions in the link below.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates
Collecting Additional Partner Center Information
From the top-right menu, select “Organization profile.
Note the Microsoft ID and Default domain values. These will be required later.
Additional Configuration in Partner Center
Select “Organization profile” from the top-right menu, then select “App Management” from the left menu.
Scroll to the Native App section. If an existing app is available and can be used, note the App ID for that app; alternatively, create a new native app by clicking the “Add new native app” link and note the App ID for that app.
Configuring the provider in Work 365
Go to Dynamics 365 Navigation menu ▶ Work 365 ▶ Provider Management ▶ Providers.
Click and open the existing “Microsoft Partner Center” provider, or create a new provider (of type Work365.Providers.MicrosoftCspProvider) if you need to connect to multiple partner centers (Each provider connects to one Partner Center).
Complete the details on the form as given below
- Name: Can identify Partner Center name by location (ie. Microsoft US Partner Center)
- Internal Name: Work365.Providers.MicrosoftCspProvider
- End Point URL: https://api.partnercenter.microsoft.com
Additional Properties
- Domain: [default domain, noted earlier]
- Client Id: [app id, noted earlier]
- Country Code: [country where partner center is registered]
- Currency Code: [partner center currency]
- Billing Start Day: [CSP invoice day]
- Reseller Relationship Authorize URL: [URL for customers to accept your reseller relationship]
- Delegated Admin Authorize URL: [URL for customers to accept your delegated admin relationship]
- Partner Center Tenant Id: [Microsoft Partner ID]
Save the record.
Configuring the Partner Center using the Consent Framework
This method of Partner Center configuration is only available in Work 365 v2.1 or higher and is the recommended approach for connecting to Partner Center. Note: MFA for the Partner Center Integration account MUST be enabled.
Go to Dynamics 365 Navigation menu ▶ Work 365 ▶ Provider Management ▶ Providers.
Click and open the existing “Microsoft Partner Center” provider, or create a new provider as detailed in the previous steps (of type Work365.Providers.MicrosoftCspProvider) if you need to connect to multiple partner centers (Each provider connects to one Partner Center).
The “Generate Consent Link” button should now appear – click this link to open a popup window with the consent instructions.
Click the link icon to copy the consent link to the clipboard. Paste the link into a new private browser window (use Incognito/InPrivate browsing mode) and follow the instructions for consent. Login with the Integration Account when prompted, confirm the MFA, and accept the consent request as the integration user.
MFA enablement MUST be done before the consent is given in order for the consent process to be completed. Furthermore, the MFA MUST be prompted during the consent process in order for the consent to be successful.
If the consent was successful, the following message should be displayed.
Click on the “Verify Connectivity” button. If the settings are correct, you should receive a successful confirmation; if the connectivity fails, check your settings and try again.
Once verified, Sync the Provider Accounts under the Work 365 button menu to sync the customer tenants from Partner Center to Work 365.