Microsoft has introduced a mandatory model to increase security for Partner Center API Integration calls. To facilitate this you are required to complete the stages documented below to ensure that Cloudmore services can run without interruption.
If you have any queries or require assistance with the process please mail us at firstname.lastname@example.org
1. Pre-requisites to enable the MFA token
- To enable the MFA token this must be completed through the eu.cloudmore.com address, do not use branded URLs for this process.
- The user account required for the Microsoft Partner Center must be set to have Global Administrator permissions to allow the token to authenticate correctly. This account is also required to have MFA enabled in the Partner Center
- The Global Administrator account should also have the Admin Agent role assigned in the Partner Center
- Once the token has been launched the Global Administrator account in Microsoft should not change permissions or passwords as this will cancel the tokens ability to authenticate
- If the broker has set a mandatory requirement for users to login via SSO this should be disabled
2. Enable the Cloudmore Platform
- Login to the Cloudmore platform.
- Go to My services> 0365 > Microsoft CSP Authentication.
- When presented with the screen shown below enter your Microsoft ID which you can find at My services> 0365 > Authentication keys and copy the partner tenant ID.
- Press Update, you will then be directed to the MS Partner Centre where you must sign in with a Global Admin account and you will be asked to grant consent for this process.
- This will apply a token for a period of 90 Days. At the end of the 90 days, you will receive a notification to warn that this has expired, and pressing Update will apply a new token.
- To test the token log into Cloudmore using the usual URL and run a Microsoft Billing Report, this will test the API connection to MS Partner Center
- Reset any mandatory SSO settings that had been disabled