After creating the application instance for your CSP partner account, you need to give your consent to the permissions that the Microsoft 365 application requires, and then acquire a refresh token. This refresh token will be securely stored and used by the Microsoft 365 application to make calls to the Partner Center and Graph APIs on behalf of your CSP partner account. To give your consent and acquire this refresh token, follow the instructions in this KB article.
Important: For the refresh token to function properly, the time on your Microsoft 365 endpoint host must be correct and match the current time. Otherwise, the refresh token may be considered as expired.