1. Home
  2. How to Articles
  3. Syncing Contacts with Microsoft 365 (Using Admin Relationships in the Microsoft Partner Center)

Syncing Contacts with Microsoft 365 (Using Admin Relationships in the Microsoft Partner Center)

Introduction

The MSP Process platform can sync contacts from a variety of sources, including many common PSA platforms in the MSP market. Some MSPs don't use a supported PSA though - for example, they use an uncommon PSA, or they've built their own, homegrown solution. In other cases, Microsoft 365 is the "source of truth for a Contacts", and the PSA is downstream/synching contacts from Microsoft 365, so it makes sense to directly update those contacts in Microsoft 365, instead of in the PSA.

In those scenarios, MSPs can configure the MSP Process platform to directly sync Contacts with the end-user's Microsoft 365 contacts - allowing the MSP to leverage the End-user Verifcation, Secure Data Send, and Broadcast messaging features that are built into the platform.

Prerequisites:

  • You must have Admin relationships setup in the Microsoft Partner Center to each of the M365 tenants you want to link to MSP Process
  • Those Admin Relationships must include the Application Administrator and User Administrator Entra Roles
  • Those Admin Relationships must apply the Application Administrator role to a Security Group (ideally one dedicated to this purpose, such as "GDAP - Application Administrator") and must also apply the User Administrator role to a Security Group (again, ideally one dedicated to this purpose, such as "GDAP - User Administrator")
  • The Microsoft user account you intend to use during this setup process must be a member of those aforementioned two Security Groups in M365

Linking MSP Process with Microsoft 365

  1. Login to the MSP Process UI
  2. Navigate to the Integrations -> PSA Integrations menu
  3. Click the Add button
  4. Click on the Microsoft 365 option
  5. Specify a name for the integation, and click the Submit button
  6. Click on the Microsoft 365 card that is now listed on the PSA Integrations page
  7. Click the Connect to Microsoft 365 (GDAP) button
  8. In the pop-up window that appears , click the Link for Redirect URI button:
    •  

Keep the MSP Process window open; in a separate browser tab login to https://portal.azure.com

Configuring the Integration for a M365 Cloud Solution Provider (CSP) Environment

NOTE: The Admin Relationships you've established with your client's M365 tenants must have the Application administrator and User administrator roles assigned.

  1. Login to your Microsoft Azure portal (https://portal.azure.com)
  2. Navigate to App Registrations
  3. Add a new App Registration, and configure it as follows (note that the URL will change, depending on the ID of your M365 integration):
    • Name: MSP Process GDAP Contact Sync App
    • Supported Account Types: Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant)
    • Redirect URI: Web; URI: <paste in the URI from the previous section, from MSP Process>
  4. Within the App Registration, go to Manage -> API Permissions, and assign the app the following permissions:
    • NOTE: For the user_impersonation permission for the Partner Center, there are two identically-named permissions. It's confusing. To save yourself an enormous headache, search for applicationID  fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd - that'll bring up the correct permission.  
  5. Within the App Registration, navigate to Manage -> Certificates & Secrets, and add a new Client Secret. Copy that Client Secret, as you'll need it in just a moment
  6. In MSP Process, within the M365 integration that you created earlier, click the Connect to Microsoft 365 (GDAP) button
  7. In the pop-up window that appears, enter the required information:
    • The Domain Name of your M365 CSP tenant (this is the Primary Domain that you'd see on the Home page, in Microsoft Entra)
    • The Application ID of the app you just registered; this can be found on the Overview page of the App Registration
    • The Client Secret from step #5
  8. Click Submit
  9. When prompted, enter your Microsoft credentials
  10. Once you're returned to the MSP Process UI, wait for just 1-2 minutes, and then reload the page. You'll see your GDAP-linked tenants:
  11. Click the Sync Companies button, and then the Sync Users button

Interacting with Microsoft 365 Contacts in the MSP Process UI

Once you've integrated MSP Process with one or more Microsoft 365 tenants, you can view those Contacts from the Contacts menu:

From the Contacts page, you can view the Mobile Number and E-mail address of each contact. From the Actions column, you can open the MSP Process Pod, which will allow you to perform End-user Verification, securely send your customers data, and respond to Technician Verification requests.