Convert Delegated Admin to Secure Application Model
In line with Microsofts new Partner Requirements, we have made Sync 365 License compliant with the new Secure Application Model.
It is an easy process to convert from the current delegated admin to granting consent to the secure application model. This will mean you will be fully compliant with MFA requirements and you do not need to whitelist any IP addresses.
This will show you how to replace your current delegated admin with the new secure application model and grant consent to automate your licensing.
When granting Sync 365 License consent, it is critical that the account you grant from, has access to your customers via the Partner Center.
The account should be able to see all your customer tenants and access them as an Admin Agent.
See here if you are unsure
Note: We will automatically update the existing Delegated Admin account that you have with the new consent so all of your currently added companies will be updated to the new model. (The account you grant consent with must use the same domain name as the current delegated admin for this to take effect i.e. Sync@s365l.com would need a user account @s365l.com to automatically replace it when not granting access from email@example.com.)
ATTN: Ensure you already have MFA enabled on the account you are using. If you do not use MFA and later enable it, you will need to repeat this process
- Log in to Sync 365 License
- Click on “Company”
- Select the “Delegated Admin” tab
- Click on “Grant Partner Center Consent”
- You will be prompted to log into Office 365 if you are not already.
- You will be presented with the required permissions which are to access the partner center and read your profile.
- Click on “Accept” to grant consent.
- This process may take a few minutes while consent is granted and we do the initial refresh.
- You will be returned to the delegated admin page and you can now continue
IMPORTANT: If you use custom licenses
If you use custom licenses for billing things like Managed Users, exclaimer, antispam etc you will also need to generate a refresh token for this function.
Please follow this guide to do so If you do not add this, your current custom licenses will fail to update.