Set up API access in Partner Center
Applies to: Partner Center | Partner Center operated by 21Vianet | Partner Center for Microsoft Cloud for US Government
This article describes the accounts you need to develop against the Partner Center SDK. This article also explains how to create an integration sandbox account and test in the integration sandbox.
Note
To get access to APIs, your tenant must be a CSP tenant and you must be either an indirect provider or a Direct bill partner.
Account definitions
To help you integrate and test your API integration, Partner Center supports two kinds of accounts:
Primary Partner account
This account is where you create real orders for real customers. If you make any changes or transactions when you're signed in to the primary account, by using either the Partner Center SDK or the Partner Dashboard UI, they'll be treated as official orders for real customers. They'll be reflected in your invoice, and your company is responsible for paying for them.
Integration sandbox account
This account is for testing your code and its integration with the Partner Center APIs before you deploy it broadly. Changes and transactions you make when you are signed into the integration sandbox account will appear in your invoice, however, you do not have to pay the invoice amount. Invoice pdf will have a disclaimer as "DO NOT PAY. THIS IS A SANDBOX INVOICE AND NO ACTION IS REQUIRED."
The integration sandbox account and the primary account act independently, and do not share admin accounts, user accounts, customers, orders, subscriptions, or other data.
The integration sandbox supports transactions with a limited number of customers, orders, subscriptions, licenses, etc.
By policy, integration sandbox accounts are for integration testing purposes only.
By default, there is no integration sandbox account. You must create one yourself if you plan to use the Partner Center SDK.
Set up your accounts
This section describes how to set up a primary Partner account and an integration sandbox account for the Partner Center SDK.
Create an integration sandbox
Sign in to Partner Center with a Global admin account and select Settings (gear).
Note
Creating a Sandbox requires that the partner Global Admin be logged into Partner Center with their onmicrosoft.com domain alias (for example, alias@domain.onmicrosoft.com). Sandbox creation will fail if the user is logged in with their custom domain.
Select Account settings, then Integration sandbox.
Note
If you don't see an Integration sandbox option, you might not have a global admin account. You also might be using an integration sandbox account and an integration sandbox has already been set up.
Enter the contact information for the integration sandbox admin account. Then, choose Create account. Wait a few minutes for a confirmation message that the account has been created.
After you see the confirmation message, sign out of Partner Dashboard.
Sign back in with your new integration sandbox admin account. Be sure to use the format username@domain for your credentials along with the password that you specified.
Choose Set up account on the Integration Sandbox page to complete the sandbox account setup.
Enable API access
After your account is set up, you must enable API access before you can use the Partner Center SDK with the integration sandbox. You need to enable access to the API separately for both your primary Partner account and your integration sandbox account.
Sign in to Partner Center with a Global admin account and select Settings (gear).
Select Account settings, then App management.
If you do not already have an existing app, add a new web app. If you have an existing web app, choose the Add key button.
Copy the app registration information, especially the Key if you're creating a web app, and store it in a safe place.
Sign out of Partner Dashboard.
Sign back in with your integration sandbox account. Repeat steps 2-5 to enable API access in the integration sandbox.
Write and test code
You can write code and test code in the integration sandbox. You'll need the following information to set up Partner Center authentication with Microsoft Entra ID.
| Item name | Item location |
|---|---|
| App ID / Client ID | From Settings (gear), select Account settings, then App Management. The App ID/Client ID is listed as the Registered application App ID. |
| Key | If you created a web app in the section Enable API access, this is the key that you saved in step 5. |
| Domain | The domain for the integration sandbox. |
Run tested code
To use your solution with real customer data, you must change from your integration sandbox credentials to your primary Partner account credentials.
When you're ready to use your tested code in your primary Partner account, you must get a Microsoft Entra security token. This security token is based on your Partner Center app, key, and domain (instead of your integration sandbox app, key, and domain).
Follow the steps in Partner Center authentication to get a Microsoft Entra security token using your primary Partner Center credentials. (You previously followed these steps to get a Microsoft Entra security token for your integration sandbox.)
Replace the integration security token in your code with the new security token for your primary Partner account.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for