Search Engine: Elastic

Article ID: 133595, created on Jan 14, 2019, last review on Jan 17, 2019

Table of Contents

Office 365 Application

This section describes how you can grant consent to the permissions that the Office 365 application requires, and, as a result, acquire a refresh token for the application instance that belongs to your CSP partner account. This refresh token will be used by the Office 365 application to make calls to the Partner Center and Graph APIs on behalf of your CSP partner account.

There are two procedures to grant consent and acquire a refresh token: automatic and manual. You should use the automatic procedure if you have administrative access both to your Odin Automation system and your CSP partner account. You should use the manual procedure if you have administrative access to your Odin Automation system but do not have administrative access to your CSP partner account.

Automatic Procedure

To give your consent and acquire a refresh token for the application instance that your CSP partner account belongs to, follow these steps:

  1. In the Provider Control Panel, perform the following:

    1. Go to Services > Applications. Then, click on the Office 365 application.
    2. Select the Instances tab. Then, click on the application instance that belongs to your CSP partner account.
    3. Select the Office 365 tab. Then, select the Settings subtab.
    4. Click on the Manage Refresh Token button.
    5. In the Automatic Update area, click on the Update Refresh Token button. The login page of the Microsoft Partner Center will be opened in a new browser window.
  2. In the new browser window, perform the following:

    1. Sign in using the credentials of a user that has the Global admin and Admin agent roles.

      Note: Multi-Factor Authentication (MFA) must be enabled for the user, as described at https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates.

    2. Click on the Accept button to give your consent to the permissions that the Office 365 application requires. You will be redirected from the Microsoft Partner Center to a special site.
    3. On the Partner Onboarding Web Application page of the site, make sure that the acquisition of the refresh token is being performed successfully: there must be a message like The consent has been granted successfully. The authorization code has been sent ... After that, close the new browser window.
  3. In the Provider Control Panel, perform the following:

    1. Make sure that a message like Your refresh token has been successfully updated is shown.
    2. Click on the Test Connection button to validate that the Office 365 application can make calls to the Partner Center and Graph APIs on behalf of your CSP partner account using the refresh token.

Warning: A refresh token has a limited lifetime of 90 days. This means that you have to acquire a new refresh token before the current refresh token expires.

Manual Procedure

To obtain consent and acquire a refresh token for the application instance that your CSP partner account belongs to, follow these steps:

  1. (This step requires administrative access to your Odin Automation installation) In the Provider Control Panel, perform the following:

    1. Go to Services > Applications. Then, click on the Office 365 application.
    2. Select the Instances tab. Then, click on the application instance that belongs to your CSP partner account.
    3. Select the Office 365 tab. Then, select the Settings subtab.
    4. Click on the Manage Refresh Token button.
    5. In the Manual Update area, click Copy to copy the URL shown on the screen.
    6. Send the URL to a person who has administrative access to your CSP partner account.
  2. (This step requires administrative access to your CSP partner account) In a new browser window, perform the following:

    1. Navigate to the URL that you received. The login page of the Microsoft Partner Center will be opened.
    2. Sign in using the credentials of a user that has the Global admin and Admin agent roles.

      Note: Multi-Factor Authentication (MFA) must be enabled for the user, as described at https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates.

    3. In the Microsoft Partner Center, click on the Accept button to give your consent to the permissions that the Office 365 application requires. You will be redirected from the Microsoft Partner Center to a special site.
    4. On the Partner Onboarding Web Application page of the site, copy and write down the authorization code. After that, close the browser window.
    5. Send the authorization code to the person who provided you with the URL.

    Note: The authorization code has a lifetime of several minutes, therefore steps 2 and 3 must be performed as fast as possible.

  3. (This step requires administrative access to your Odin Automation installation) In the Provider Control Panel, perform the following:

    1. Go to Services > Applications. Then, click on the Office 365 application.
    2. Select the Instances tab. Then, click on the application instance that belongs to your CSP partner account.
    3. Select the Office 365 tab. Then, select the Settings subtab.
    4. Click on the Manage Refresh Token button.
    5. In the Manual Update area, specify the authorization code that you received and click Update.
    6. Make sure that a message like Your refresh token has been successfully updated is shown.
    7. Click on the Test Connection button to validate that the Office 365 application can make calls to the Partner Center and Graph APIs on behalf of your CSP partner account using the refresh token.

    Note: The authorization code has a lifetime of several minutes, therefore steps 2 and 3 must be performed as fast as possible.

Warning: A refresh token has a limited lifetime of 90 days. This means that you have to acquire a new refresh token before the current refresh token expires.

Federated Credentials Provider Application

To grant consent and acquire a refresh token for an endpoint of the Federated Credentials Provider application, use the instructions provided at https://kb.cloudblue.com/en/132529.

Email subscription for changes to this article
Save as PDF