Microsoft is updating its billing reconciliation APIs to the new V2 version. Cloudmore Brokers should refresh their CSP Authentication token in Cloudmore to enjoy uninterrupted service to their billing data.
Partner action required
Cloudmore Brokers MUST update their authentication token manually before September 30, 2024 in the Cloudmore platform on the Microsoft 365 CSP Direct service - Microsoft CSP Authentication page. See below for instructions.
WHY? By manually updating their token, the Broker will review the permissions and provide consent to the Cloudmore app to request and download their billed invoice reconciliation data (read-only rights) so we can process and display it in the Cloudmore platform.
WHEN? Brokers can start updating their Cloudmore authentication token from August 12, 2024. The deadline is September 30, 2024. If a Broker doesn’t update the token, Cloudmore will not be able to access and surface the billing reconciliation data in the platform starting from October.
The timelines for the manual token update may change, subject to Microsoft's deadline changes. In this case, Cloudmore will immediately communicate the new timelines to our Brokers.
Step-by-step instructions
Please note that, depending on your location, you must use the eu.cloudmore.com or us.cloudmore.com URL to get or refresh the authentication token. Custom-branded URLs are not applicable to this process.
-
Log in to Cloudmore.
-
Go to Broker menu > My services > Microsoft O365 CSP Direct > Microsoft CSP Authentication.
-
On the Microsoft CSP authentication page, check the entered information is up to date.
-
Press Update, and you will be redirected to the Microsoft authentication page where you must sign in with a Global Admin account. Then, you will see a list of permissions required for the Cloudmore application (CPV production) to work and be asked to accept the request and grant consent.
Once you update the authentication token, the new permissions will be authorised, and Cloudmore will be able to process and display your billing reconciliation data.
Transition to the Microsoft NCE billed line items API V.2
Microsoft is updating its billing reconciliation APIs to the new V2 version. The new asynchronous API offers a faster and more manageable way to access billing and reconciliation data through Azure blobs compared to the old V1 version.
After September 30, 2024, all the invoice reconciliation line items created from October 2024 onwards will be available only with the v2 API.
API V1 will still be available for retrieving historical invoice line item data for invoices that were created for billing periods before February 2024.
The Microsoft portal provides more details about the benefits and limitations of the new V2 API and about using the MS Graph API to export billing data.
Cloudmore implementation of the new API
To access and display your data, Cloudmore uses a client application that acts on behalf of the authorized partner user (Delegated access).
When you are onboarded to Cloudmore and integrate your CSP tenant with us, you grant the Cloudmore client application permissions to access your partner and customer data on behalf of the user who performed the Microsoft CSP authentication and updated the Cloudmore authorisation token. It means that the application will be able to access the same amount of data as the specified user, having the same set of permissions this user has.
The new V2 billing reconciliation API is a Microsoft Graph API. Microsoft Graph is a protected web API for accessing data in Microsoft cloud services like Microsoft Entra ID and Microsoft 365. It's protected by the Microsoft identity platform, which uses OAuth access tokens to verify that an app is authorized to call Microsoft Graph.
Per Microsoft security requirements, the client application must be granted PartnerBilling.Read.All permission for using the new billed invoice line item API and exporting the reconciliation data. This is the least privileged permission required for access, so rest assured that Cloudmore will never access more data than is a minimum for the platform to function.