Search

MachPanel Knowledgebase

HOW TO:Azure App Configuration for Partner Center Management

Rehan Waseem
MachPanel

Summary

This article provides a summary for Azure App Configuration required for Partner Center Management

    Applies To

    This article applies to MachPanel build version 7.0.41 and above.

    Important Note:

    1. [A new RefreshToken will be required after applying permissions in Microsoft Entra ID (AKA Azure) app.]
    2. Please follow below article first, If you have not reviewed it yet.

    https://kb.machsol.com/Knowledgebase/54511/CSP-Module-Configuration-Guide-for-MachPanel-Automation-Solution

    Steps Procedure
    •  You will be asked to fill following details while adding profile which can be captured using below section:

    COLLECTING DETAILS TO ADD CSP PROFILE

    Enable Permissions for 'Microsoft Partner Center' and 'Windows Azure Active Directory Portal':

    • Login to Microsoft Partner Center click on "Dashboard >> View Users", this will land you on "User Management".
    • Under User Management you can click Add User.
    • For CSP Service Account following "roles and permissions" are required:

               

    Summary of Steps to perform on Microsoft Azure Portal:
    • Go to:  https://portal.azure.com/ and login using your CSP Service Account, then navigate to "Microsoft Entra ID" >> "App Registrations".
    • Create "New Registration".

                ​​

    • Web Redirect URL shall be set as ‘localhost’ with ‘http’ protocol and any port available between 8400 and 8999 Like: ‘http://localhost:8400’
    • Hit Register to register this application.


    • Click on your desired Application, and click the option "Manifest"
    • Locate "requiredResourceAccess"

      and replace as explained in attached "API Permissions.txt".
    • One more thing, as a new user (admin agent) account and app is configured, please make sure that API Permissions are all granted admin consent by clicking on button (need super admin account impersonation/elevation) depicted below in Microsoft Entra ID (AKA Azure).
    •  
    • Finally, click on "Certificates & Secrets" from Menu and create "Client Secret" and save it with you as you will need this later (this will be used as $webAppSecret in commands below).

    ​​

    ​Summary of Steps to perform on MachPanel Control Panel Server Machine:
    • Execute commands below to get your - *Refresh Token: - to be inserted into MachPanel Profile settings.
    • ​​​​Replace Values in below variables (highlighted) as per your profile and run on PowerShell.

     

    ​​​

    $webAppId = '00000000-0000-0000-0000-00000000000'

    $webAppSecret = 'fjrnf34ffn43oif34iofj3ifjfoi34foi34fj' | ConvertTo-SecureString -AsPlainText -Force

    $tenantId = '00000000-0000-0000-0000-00000000000'

    $credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $webAppId,$webAppSecret

    $Token = New-PartnerAccessToken -Scopes 'https://api.partnercenter.microsoft.com/.default' -ServicePrincipal -ApplicationId $webAppId -Credential  $credential -Tenant $tenantId -UseAuthorizationCode

    • Enter CSP Service Account Username/Password and MFA Key when prompted during command execution to generate token.
    • To get token value write $token.refreshtoken and hit Enter. Copy value of Refresh token.​