Prerequisites:
For a successful GDAP setup, you'll need a Microsoft Standard security posture, established GDAP relationships, and a valid Microsoft Token code upon login:
Security Posture: To manage your customers in Microsoft Partner Center, Microsoft MFA enforcement is a must. If you're using third-party MFAs such as OKTA, Duo, or OneLogin, Microsoft MFA enforcement is required for the account registering the Liongard app. Ensure MFA enforcement by navigating to Conditional Access Policy under Security in Azure AD. If absent, check if Security defaults are enabled under Azure AD properties. If neither is present, consult your security officer on how to proceed. It's impossible to use Partner Center to manage your customers, either through the Partner Center or via API, without adhering to Microsoft's Security requirements.
GDAP Relationships: After setting up security per Microsoft guidelines, establish GDAP relationships with your partners. Follow our guide or assistance.
Token Authentication: To avoid issues with cached credentials, log into Liongard using an incognito window or a clean browser. When logging into Microsoft from the parent inspector config, admin -> Inspectors -> Microsoft Suites inspector -> Edit -> Open Microsoft Sign-In, ensure you receive an MFA token prompt from Microsoft. If your policy allows bypassing it within certain IPs, connect via a hotspot or similar to compel Microsoft's authentication. This step is crucial to incorporate MFA in the token we require for communicating with Microsoft's Partner Center. Once complete, initiate the Parent Inspector, followed by the Child Inspector(s).
Addressing 429 Errors from Inspectors:
429 errors, or "HTTP 429 Too Many Requests," signify that a user has sent excessive requests within a given timeframe ("rate limiting"). We've implemented functions for an "exponential back-off" when such errors occur.
Occasionally, these errors might be due to an unavailable API endpoint on Microsoft's end, caused by a variety of reasons, including incidents like a DDOS attack directed at Microsoft. You can find more details here.
โ