Managing the Refresh Token for Multi-Factor Authentication

This section describes how you can grant consent to the permissions that the Azure CSP application requires, and, as a result, acquire a refresh token for the application instance that belongs to your CSP partner account. This refresh token will be used by the Azure CSP application to make calls to the Partner Center and Graph and ARM APIs on behalf of your CSP partner account.

There are two procedures to grant consent and acquire a refresh token: automatic and manual. You should use the automatic procedure if you have administrative access to your Odin Automation system and your CSP partner account. You should use the manual procedure if you have administrative access to your Odin Automation system but do not have administrative access to your CSP partner account.

Warning: A refresh token has a limited lifetime of 90 days. You must acquire a new refresh token before the current refresh token expires.

Automatic Procedure

To give your consent and acquire a refresh token for the application instance that your CSP partner account belongs to, follow these steps:

  1. In the Provider Control Panel, carry out the following steps:

    1. Go to Services > Applications > Azure Cloud Solution Provider > instance name > Configuration tab > Manage Refresh Token.
    2. In the Automatic Update group, click Update Refresh Token. The login page of the Microsoft Partner Center will open in a new browser window.

  2. In the new browser window, carry out the following steps:

    1. Sign in using the credentials of a user that has the Global admin and Admin agent roles.

      Note: Multi-Factor Authentication (MFA) must be enabled for the user, as described at https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates.

    2. Click Accept to give your consent to the permissions that the Azure CSP application requires. You will be redirected from the Microsoft Partner Center to a special site.
    3. On the Partner Onboarding Web Application page of the site, make sure that the acquisition of the refresh token is being performed successfully: there must be a message like The consent has been granted successfully. The authorization code has been sent ... After that, close the new browser window.

  3. In the Provider Control Panel, make sure that a message like Your refresh token has been successfully updated is shown.

Manual Procedure

To obtain consent and acquire a refresh token for the application instance that your CSP partner account belongs to, follow these steps:

  1. (This step requires administrative access to your Odin Automation installation) In the Provider Control Panel, perform the following:

    1. Go to Services > Applications > Azure Cloud Solution Provider > instance name > Configuration tab > Manage Refresh Token.
    2. In the Manual Update group, click Copy to copy the URL shown on the screen.
    3. Send the URL to a person who has administrative access to your CSP partner account.

  2. (This step requires administrative access to your CSP partner account) In a new browser window, perform the following:

    1. Navigate to the URL that you received. The login page of the Microsoft Partner Center will open.

    2. Sign in using the credentials of a user that has the Global admin and Admin agent roles.

      Note: Multi-Factor Authentication (MFA) must be enabled for the user, as described at https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates.

    3. In the Microsoft Partner Center, click Accept to give your consent to the permissions that the Azure CSP application requires. You will be redirected from the Microsoft Partner Center to a special site.
    4. On the Partner Onboarding Web Application page of the site, copy and write down the authorization code. After that, close the browser window.
    5. Send the authorization code to the person who provided you with the URL.

  3. (This step requires administrative access to your Odin Automation installation) In the Provider Control Panel, perform the following:

    1. Go to Services > Applications > Azure Cloud Solution Provider > instance name > Configuration tab > Manage Refresh Token.
    2. In the Manual Update group, specify the authorization code that you received and click Update.
    3. Make sure that a message like Your refresh token has been successfully updated is shown.

© 2022 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal