MachPanel Knowledgebase

INFO:Enable Permissions for CSP account

Mudesira Munir


This article shows what permissions are required for CSP account used by MachPanel.

Applies To

This article applies to MachPanel all versions.

Enable Permissions for 'Microsoft Partner Center' and 'Windows Azure Active Directory Portal':

  • Login to Microsoft Partner Center click on "Dashboard >> View Users", this will land you on "User Management".
  • For CSP Service Account following "roles and permissions" are required:


  • Go to: and login using your CSP Service Account, then navigate to "Azure Active Directory" >> "App Registrations".
  • Here, either use Existing Application or create "New Registration".
  • Add Redirect URI for your Web Application as: urn:ietf:wg:oauth:2.0:oob
  • Hit Register to register this application.

  • Click on your desired Application, and click the option "API Permissions".
  • Click on Add Permission button and add permissions as highlighted below. Once done, hit the "Grant admin consent for <CSP Account>" button (You will need to choose all permissions for each category one by one):


  •  Finally, click on "Certificates & Secrets" from App Registrations Menu and create "New Client Secret". Save this with you as you will need it later (this will be used as $webAppSecret in commands below).


Steps to perform on MachPanel Control Panel Server:

  • Uninstall "Microsoft Azure Active Directory Module" for Windows PowerShell v1.1.166.0, if installed.
  • Install PowerShell 5.1 if not installed.
    • To check your PowerShell version use command: $PSVersionTable.PSVersion
  • It should be like below or a latest build
  • To install:

  • ​To Install Module MSOnline using command: Open PowerShell as Administrator

    1. Run Command Get-PackageProvider
      1. See: NuGet, version should be: or latest.
        1. If version is older then run commands:
          1. [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
          2. Install-PackageProvider -Name NuGet -RequiredVersion -Force
        2. Once done, Close PowerShell and Re-open as Administator.
    2. Run commands:
      1. [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
      2. Install-Module -Name MSOnline
      3. Install-Module -Name PartnerCenter
      4. Import-Module MSOnline
      5. Get-Module
        1. MsOnline version should be >=


Execute commands below to get your - *Refresh Token: - to be inserted into MachPanel Profile settings.

  • ​​​​Replace Values in below variables (highlighted) as per your profile and run on PowerShell