Table of Contents | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
...
This integration involves registering two applications in the Microsoft Partner Center created using Global Admin Role. One application to pull Customers' details (Single Tenant application) and another application to pull Customers' Azure AD details (Multi-Tenant application).
...
Creating Azure Application for Microsoft Partner Center
Step 1a: Login to https://portal.azure.com/ using MFA Enabled Global Administrator Role to get Client ID, Secret ID and set permissions.
Step 1b: In the Microsoft Azure Portal, search for Azure Active Directory and select it.
...
Create an application as per the integration of a single tenant.
Once the application is created click on the "Manifest" option under Manage as shown below.
This will open a JSON file.
Replace the requiredResourceAccess key value with the JSON value given below and click on save. this will add all required API permission permissions in one go.
"requiredResourceAccess": [
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "4908d5b9ebfcd32b-3fb2-4b1e-9336-1888b7937185babb-40f4-a14b-42706e83bd28",
"type": "Scope"
},
{
"id": "e4c9e354-4dc5-45b8-9e7c-e1393b0b1a20",
"type": "Scope"
},
{
"id": "e1fe6dd8314874da-ba3147d6-4d614978-89e788dc-88639da4683dcf0d37f0bb82",
"type": "Scope": "Scope"
},
{
"id": "06da0dbc-49e2-44d2-8312-53f166ab848a",
"type": "Scope"
},
{
"id": "5f8c59db-677d-491f-a6b8-5f174b11ec1d",
"type": "Scope"
},
{
"id": "bc024368-1153-4739-b217-4326f2e966d0",
"type": "Scope"
},
{
"id": "e383f46e-2787-4529-855e-0e479a3ffac0",
"type": "Scope"
},
{
"id": "4908d5b9-3fb2-4b1e-9336-1888b7937185",
"type": "Scope"
},
{
"id": "02e97553-ed7b-43d0-ab3c-f8bace0d040c",
"type": "Scope"
},
{
"id": "741c54c3-0c1e-44a1-818b-3f97ab4e8c83",
"type": "Scope"
},
{
"id": "64733abd-851e-478a-bffb-e47a14b18235",
"type": "Scope"
},
{
"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
"type": "Scope"
},
{
"id": "a154be20-db9c-4678-8ab7-66f6cc099a59",
"type": "Scope"
},
{
"id": "d07a8cc0-3d51-4b77-b3b0-32704d1f69fa",
"type": "Role"
},
{
"id": "b0afded3-3588-46d8-8b3d-9842eff778da",
"type": "Role"
},
{
"id": "2f51be20-0bb4-4fed-bf7b-db946066c75e",
"type": "Role"
},
{
"id": "7ab1d382-f21e-4acd-a863-ba3e13f7da61",
"type": "Role"
},
{
"id": "5b567255-7703-4780-807c-7be8301ae99b",
"type": "Role"
},
{
"id": "98830695-27a2-44f7-8c18-0c3ebc9698f6",
"type": "Role"
},
{
"id": "b633e1c5-b582-4048-a93e-9f11b44c7e96",
"type": "Role"
},
{
"id": "498476ce-e0fe-48b0-b801-37ba7e2685c6",
"type": "Role"
},
{
"id": "230c1aed-a721-4c5d-9cb4-a90514e508ef",
"type": "Role"
},
{
"id": "498476ce483bed4a-e0fe2ad3-48b04361-b801a73b-37ba7e2685c6c83ccdbdc53c",
"type": "Role"
}
]
},
{
"resourceAppIdid": "fa3d9a0cbf394140-3fb0e372-42cc4bf9-9193a898-47c7ecd2edbd299cfc7564e5",
"resourceAccesstype": ["Role"
},
{
"id": "1cebfa2adf021288-fb4dbdef-419e4463-b5f988db-839b4383e05a98f22de89214",
"type": "ScopeRole"
}
]
}
],
API Permissions to be set manually:
...
Step 3a: Navigate to API Permissions and select +Add a permission.
Under Request API Permissions, Select APIs my organization uses
Search for Microsoft Partner Centre (first option) and select it.
...
Step 3b: Once Microsoft Partner Centre is selected new page will open under Microsoft Partner Centre.
Under Delegated Permissions → Select permission → search Search for user_impersonation click the check box and click on Add permissions.
...
Step 3c: Under API Permissions, Click on Microsoft Graph.
Search permission for the name Organization and select the Organization.Read.All permissions.
Search permission for the name User and select the User.Read permissions.
Once done, click on Update Permissions.
...
Step 3d: Once permissions are set, on the same page, please grant admin access by clicking on the Grant admin consent for Connect Secure and click on the Yes button
...
On Granting the Consent it will redirect to the Microsoft User login screen.
Provide user email used (MFA Enabled Global Administrator)
...
Click on Accept under permissions requested.
...
This completes adding Azure Application for Microsoft Partner Center.
...
Under the select platform box select as Web.
Second box give the URL link as https://authccns.mycybercns.com/
Once all the information is entered correctly click on the Register Button.
...
Create an application as per the integration of multi-tenants.
Once the application is created click on the "Manifest" option under Manage as shown below.
...
This will open a JSON file.
Replace the requiredResourceAccess key value with the JSON value given below and click on save. this will add all required API permission in one go.
"requiredResourceAccess": [
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "3de2cdbe-0ff5-47d5-bdee-7f45b4749ead",
"type": "Scope"
},
{
"id": "4908d5b9-3fb2-4b1e-9336-1888b7937185",
"type": "Scope"
},
{
"id": "ebfcd32b-babb-40f4-a14b-42706e83bd28",
"type": "Scope"
},
{
"id": "e4c9e354-4dc5-45b8-9e7c-e1393b0b1a20",
"type": "Scope"
},
{
"id": "314874da-47d6-4978-88dc-cf0d37f0bb82",
"type": "Scope"
},
{
"id": "64733abd-851e-478a-bffb-e47a14b18235",
"type": "Scope"
},
{
"id": "02e97553-ed7b-43d0-ab3c-f8bace0d040c",
"type": "Scope"
},
{
"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
"type": "Scope"
},
{
"id": "a154be20-db9c-4678-8ab7-66f6cc099a59",
"type": "Scope"
},
{
"id": "5f8c59db-677d-491f-a6b8-5f174b11ec1d",
"type": "Scope"
},
{
"id": "06da0dbc-49e2-44d2-8312-53f166ab848a",
"type": "Scope"
},
{
"id": "e383f46e-2787-4529-855e-0e479a3ffac0",
"type": "Scope"
},
{
"id": "f6a3db3e-f7e8-4ed2-a414-557c8c9830be",
"type": "Scope"
},
{
"id": "fdc4c997-9942-4479-bfcb-75a36d1138df",
"type": "Role"
},
{
"id": "5b567255-7703-4780-807c-7be8301ae99b",
"type": "Role"
},
{
"id": "498476ce-e0fe-48b0-b801-37ba7e2685c6",
"type": "Role"
},
{
"id": "658aa5d8-239f-45c4-aa12-864f4fc7e490",
"type": "Role"
},
{
"id": "2f51be20-0bb4-4fed-bf7b-db946066c75e",
"type": "Role"
},
{
"id": "bf394140-e372-4bf9-a898-299cfc7564e5",
"type": "Role"
},
{
"id": "df021288-bdef-4463-88db-98f22de89214",
"type": "Role"
},
{
"id": "b0afded3-3588-46d8-8b3d-9842eff778da",
"type": "Role"
},
{
"id": "d07a8cc0-3d51-4b77-b3b0-32704d1f69fa",
"type": "Role"
},
{
"id": "230c1aed-a721-4c5d-9cb4-a90514e508ef",
"type": "Role"
},
{
"id": "b633e1c5-b582-4048-a93e-9f11b44c7e96",
"type": "Role"
},
{
"id": "7ab1d382-f21e-4acd-a863-ba3e13f7da61",
"type": "Role"
}
]
}
],
...
Navigate to API Permissions and select +Add a permission.
Under Request API Permissions, Select Microsoft Graphs under Microsoft APIs
Click on Delegated permissions & Application permissions appropriately and search for the below permissions to add.
...
Once permissions are set, on the same page, please grant admin access by clicking on the Grant admin consent for Connect Secure and click on Yes button
Navigate to Enterprise Application> All Applications, search for the Application_name which is created & click on that Application_name.(Application created for multi tenant)
Once opened, navigate to the Security Section on the left hand side and select Permissions.
Under the Permissions, Click on Grant Admin Consent for Connect Secure.
...
On Granting the Consent it will redirect to the Microsoft User login screen.
Provide user email used (MFA Enabled Global Administrator)
...
Info |
---|
After clicking on Accept, please close the Microsoft login window.(If it again pop-ups as login to the account) |
...
Integrate in CyberCNS Portal
...