List the delegated admin customers of a partner
Applies to: Partner Center
Returns a list of all customers of a partner, also indicating if customers have a DAP / non-DAP relationship.
Purpose: Partners are compliant to securely manage the customer tenant and remove inactive DAP relationships that are beyond 90 days using the Remove a DAP relationship with a customer - Partner Center app developer.
Note
This API is short lived and will be supported during the DAP deprecation phase. Post the DAP Deprecation program, this API will be retired.
Prerequisites
Credentials
This scenario supports authentication with App+User credentials only.
Token exchange to receive access token
For more information, see Configure an app to access a web API.
Create a service principal for the Partner Customer Delegated Administration API app in the partner tenant by executing the following commands from a PowerShell console.
Connect to Microsoft Entra ID.
Connect-MgGraph
Opens an interactive window to sign in. Enter the credentials of the sandbox partner tenant.
Next, create a new service principal:
New-MgServicePrincipal -AppId 2832473f-ec63-45fb-976f-5d45a7d4bb91
ObjectId AppId DisplayName c1bf31da-09e5-4985-ab50-3232d4ae4f5a 2832473f-ec63-45fb-976f-5d45a7d4bb91 Partner Customer Delegated Administration Next, you create an app in the tenant by going to the Azure portal, then App registrations, then either Create a public client app or Use an existing app.
Select View API permissions > Add a permission > APIs my organization uses
Select Partner Customer Delegated Administration > Delegated permissions > Add permissions
Grant admin consent for this new permission.
You can now use an App+User token (with resource https://api.partnercustomeradministration.microsoft.com
) using this app (with a logged-in tenant admin) to call the GDAP APIs.
POST https://login.microsoftonline.com/<partner_tenant_id>/oauth2/token grant_type=client_credentials&scope:https://api.partnercustomeradministration.microsoft.com&client_id:<client_id>&client_secret:<client_secret>
REST request
Request syntax
Method | Request URI |
---|---|
GET | https://traf-pcsvcadmin-prod.trafficmanager.net/CustomerServiceAdminApi/Web/v1/delegatedAdminCustomers |
URI parameter
No URI parameters required for this API.
Request headers
Header | Description | Value |
---|---|---|
Authorization | The authorization token in the form Bearer <token> . |
String |
Request body
Don't supply a request body for this API.
Optional query parameters
This method supports the $select
, $filter
, $top
$count
, $skip
and $orderBy
(allowed fields: organizationDisplayName, dapEnabled, startDateTime, lastSignInDateTime) to help customize the response.
$top
supports up to 300 objects.
Request example
GET https://traf-pcsvcadmin-prod.trafficmanager.net/CustomerServiceAdminApi/Web/v1/delegatedAdminCustomers
HTTP/1.1
Authorization: Bearer \<token\>
Content-Type: application/json; charset=utf-8
REST response
If successful, this method returns a collection of delegatedAdminCustomers resources in the response body.
Response success and error codes
Each response comes with an HTTP status code that indicates success or failure and other debugging information. Use a network trace tool to read this code, error type, and other parameters. For the full list, see Partner Center REST error codes.
delegatedAdminCustomers resource
Represents a delegated admin customer of a partner, and the details about the partner's access to the customer's tenant.
Properties
Property | Type | Description |
---|---|---|
id | String | The unique identifier of the customer tenant. |
customerTenantId | String | The unique identifier of the customer tenant. |
OrganizationDisplayName | String | The display name of the customer's organization. |
partnerAgentCount | Int | The count of partners signed into the customer tenant in last one day. |
partnerSignInCount | Int | The number of times the partner(s) has signed into the customer tenant in last one day. |
dapEnabled | Boolean | The value indicates whether the partner has a DAP relationship for the customer. If False: DAP relationship doesn't exist for that customer. If True: DAP relationship exists for that customer |
startDateTime | String | The date time when the DAP relationship was established. |
endDateTime | String | The date time of the DAP relationship was terminated. |
lastSignInDateTime | String | The last date time of partner sign-in to this customer tenant.Null/empty: No sign-ins to customer tenant by partners. |
Response example
{
"@odata.context": "https://traf-pcsvcadmin-prod.trafficmanager.net/CustomerServiceAdminApi/Web/v1/$metadata#delegatedAdminCustomers",
"value": [
{
"id": "53018d99-ac51-4ec8-b86e-c8a61de43717",
"customerTenantId": "53018d99-ac51-4ec8-b86e-c8a61de43717",
"organizationDisplayName": "Test_Test_GAA_Partner_Account",
"partnerAgentCount": 0,
"partnerSignInCount": 0,
"globalAdminSignInCount": 0,
"dapEnabled": false,
"startDateTime": "2021-08-06T21:15:04.3461507Z",
"endDateTime": null,
"lastSignInDateTime": null
},
{
"id": "6fc468f5-b399-4e05-a6f1-da8a33da9a6c",
"customerTenantId": "6fc468f5-b399-4e05-a6f1-da8a33da9a6c",
"organizationDisplayName": "StagingTest",
"partnerAgentCount": 0,
"partnerSignInCount": 0,
"globalAdminSignInCount": 0,
"dapEnabled": true,
"startDateTime": "2022-04-20T06:11:11.7227953Z",
"endDateTime": null,
"lastSignInDateTime": "2022-04-20T06:11:11.7227953Z"
}
]
}
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for