Troubleshooting "Error during assigning of Application.ReadWrite.All application role" Errors
Scenario:
From the Integrations -> Security Integrations menu, you've deployed the MSP Process app for Authenticator into your customer's M365 tenants, but you're seeing the following failure:
Solution:
That error message comes up if your Microsoft user account hasn't yet been associated with the Privileged Role Administrator Entra role in the Microsoft Partner Center.
To address this, there are two steps to follow:
- Linking your Microsoft user account to a Security Group
- Linking that Security Group to the appropriate Entra role
Associating your Microsoft user account with a Security Group
- Log in to your Entra portal (https://entra.microsoft.com)
- Navigate to the Users -> All Users page
- Search for your Microsoft user account, and then click into it
- On the Groups tab of the Microsoft user account, ensure that it's associated with a Security Group that will be assigned the Privileged Role Administrator Entra role (in the screenshot below I've created a group called GDAP - Priviledge Role Administrator for this purpose):
Linking that Security Group to the Entra Role in the Microsoft Partner Center
- Log in to the Microsoft Partner Center (https://login.microsoftonline.com/)
- Click on the Customers button
- From the list of customers, click into one customer
- Click on the Admin Relationships tab, on the left-hand side of the web page
- Click into an "active" Admin Relationship
- Ensure that the Admin Relationship includes the Privileged Role Administrator Entra role (1), that the Security Group is associated with the Admin Relationship (2), and that the Privileged Role Administrator Entra role has been linked to the Security Group (3):
Save your changes, and that's it! You can now try the deployment of the MSP Process app for Authenticator again.
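The three conditions from the Admin Relationship step can also be checked offline against an export of the relationship and its access assignments. The script below is an added example, not part of MSP Process or Microsoft tooling. It assumes the JSON field names of the Microsoft Graph delegatedAdminRelationship and delegatedAdminAccessAssignment resources, and the group ID and sample data are constructed.

```python
# Added example: offline check of the three GDAP conditions from the last step.
# Field names follow the Microsoft Graph delegatedAdminRelationship and
# delegatedAdminAccessAssignment resources (assumption; verify against your export).

# Well-known Entra role template ID for Privileged Role Administrator.
PRA_ROLE_ID = "e8611ab8-c189-46e8-94e1-60213ab1f814"


def _role_ids(obj):
    """Return the set of Entra role definition IDs in an accessDetails block."""
    roles = (obj.get("accessDetails") or {}).get("unifiedRoles") or []
    return {r.get("roleDefinitionId", "").lower() for r in roles}


def check_gdap(relationship, assignments, group_id):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    if relationship.get("status") != "active":
        findings.append("admin relationship is not active")
    # (1) the relationship itself must include the role
    if PRA_ROLE_ID not in _role_ids(relationship):
        findings.append("relationship does not include Privileged Role Administrator")
    # (2) the security group must have an active access assignment
    mine = [a for a in assignments
            if (a.get("accessContainer") or {}).get("accessContainerId", "").lower()
            == group_id.lower() and a.get("status") == "active"]
    if not mine:
        findings.append("security group is not associated with the relationship")
    # (3) the role must be linked to that group
    elif not any(PRA_ROLE_ID in _role_ids(a) for a in mine):
        findings.append("role is not linked to the security group")
    return findings


# Constructed sample data (not from a real tenant).
GROUP_ID = "11111111-2222-3333-4444-555555555555"
SAMPLE_REL = {"displayName": "Contoso GDAP", "status": "active",
              "accessDetails": {"unifiedRoles": [{"roleDefinitionId": PRA_ROLE_ID}]}}
SAMPLE_ASSIGNMENTS = [{"status": "active",
                       "accessContainer": {"accessContainerId": GROUP_ID,
                                           "accessContainerType": "securityGroup"},
                       "accessDetails": {"unifiedRoles": [
                           # Directory Readers only, so check (3) fails
                           {"roleDefinitionId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"}]}}]

if __name__ == "__main__":
    for finding in check_gdap(SAMPLE_REL, SAMPLE_ASSIGNMENTS, GROUP_ID):
        print("FAIL:", finding)
```

An empty result means the relationship, the group association and the role link are all in place; each finding names the numbered condition that still needs fixing in the Partner Center.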