Marketplace blog

5 MIN READ

Design tenant linking to scale selling on Microsoft Marketplace

Julio_Colon

Microsoft

Apr 21, 2026

Tenant linking and consent are foundational to how AI apps and agents earn trust, activate securely, and operate across customer environments in Microsoft Marketplace. Designing these identity flows early helps ensure smooth onboarding, predictable authorization, and enterprise‑ready operations at scale.

Designing tenant linking and Open Authorization (OAuth) directly shapes how customers onboard, grant trust, and operate your AI app or agent through Microsoft Marketplace. In this context, consent refers to the explicit authorization a customer tenant grants—via OAuth—for a publisher’s application or agent to access specific resources and perform defined actions within that tenant. This post explains how to design scalable, review‑ready identity patterns that support secure activation, clear authorization boundaries, and enterprise trust from day one.

Guidance for multi‑tenant AI apps

Identity decisions are rarely visible in architecture diagrams, but they are immediately visible to customers. In Microsoft Marketplace, tenant linking and OAuth consent are not background implementation details. They shape activation, onboarding, certification, and long‑term trust with enterprise buyers.

When identity decisions are made late, the impact is predictable. Onboarding breaks. Permissions feel misaligned. Reviews stall. Customers hesitate. When identity is designed intentionally from the start, Marketplace experiences feel coherent, secure, and enterprise‑ready.

This article focuses on how to design tenant linking and consent patterns that scale across customers, offer types, and Marketplace review—without rework later.

You can always get a curated step-by-step guidance through building, publishing and selling apps for Marketplace through App Advisor.

This post is part of a series on building and publishing well-architected AI apps and agents in Microsoft Marketplace. The series focuses on AI apps and agents that are architected, hosted, and operated on Azure, with guidance aligned to building and selling solutions through Microsoft Marketplace.

Why identity across tenants is a first‑class design decision

Designing identity is not just about authentication. It is about how trust is established between your solution and a customer tenant, and how that trust evolves over time.

When identity decisions are deferred, failure modes surface quickly:

Activation flows that cannot complete cleanly
Consent requests that do not match declared functionality
Over‑privileged apps that fail security review
Customers who cannot confidently revoke access

These are not edge cases. They are some of the most common reasons Marketplace onboarding slows or certifications are delayed.

A good identity and access management design ensures that trust, consent, provisioning, and operation follow a predictable and reviewable path—one that customers understand and administrators can approve.

Marketplace tenant linking requirements

A key mental model simplifies everything that follows, separate trust establishment from authorization.

Tenant linking and OAuth consent solve different problems.

Tenant linking establishes trust between tenants
OAuth consent grants permission within that trust

Tenant linking answers:

Which customer tenant does this solution trust?

OAuth consent answers:

What is this solution allowed to do once trusted?

AI solutions published in Microsoft Marketplace should enforce this separation intentionally. Trust must be established before meaningful permissions are granted, and permission scope must align to declared functionality. Making this explicit distinction early prevents architectural shortcuts that later block certification.

Throughout the rest of this post, tenant linking refers to trust establishment, not permission scope.

Microsoft Entra ID as the identity foundation

Microsoft Entra ID provides the primitives for identity-based access control, but the concepts only become useful when translated into publisher decisions.

Each core concept maps to a choice you make early:

Home tenant vs resource tenant
Determines where operational control lives and how cross‑tenant trust is anchored.

App registrations
Define the maximum permission boundary your solution can ever request.

Service principals
Determine how your app appears, is governed, and is managed inside customer tenants.

Managed identities
Reduce long‑term credential risk and operational overhead.

Understanding these decisions early prevents redesigning consent flows, re‑certifying offers, or re‑provisioning customers later. Marketplace policies reinforce this by allowing only limited consent during activation, with broader permissions granted incrementally after onboarding.

Importantly, activation consent is not operational consent. Activation establishes the commercial and identity relationship. Operational permissions come later, when customers understand what your solution will actually do.

OAuth consent patterns for multi‑tenant AI apps

OAuth consent is not an implementation detail in Marketplace. It directly determines whether your AI app can be certified, deployed smoothly, and governed by enterprise customers.

Common consent patterns map closely to AI behavior:

User consent
Supports read‑only or user‑initiated interactions with no autonomous actions.

Admin consent
Enables agents, background jobs, cross‑user access, and cross‑resource operations.

Pre‑authorized consent
Enables predictable, enterprise‑grade onboarding with known and approved scopes.

While some AI experiences begin with user‑driven interactions, most AI solutions in Marketplace ultimately require admin consent. They operate asynchronously, act across resources, or persist beyond a single user session. Aligning expectations early avoids friction during review and deployment.

Designing consent flows customers can trust

Consent dialogs are part of your product experience. They are not just Microsoft‑provided UI.

Marketplace reviewers evaluate whether requested permissions are proportional to declared functionality. Over‑scoped consent remains one of the most common causes of delayed or failed certification.

Strong consent design:

Requests only what is necessary for declared behavior
Explains why permissions are needed in plain language
Aligns timing with customer understanding

Poor explanations increase admin rejection rates, even when permissions are technically valid. Clear consent copy builds trust and accelerates approvals.

Tenant linking across offer types

Identity design must align with offer type; a helpful framing is ownership:

SaaS offers
The publisher owns identity orchestration and tenant linking. Microsoft Marketplace reviewers expect this alignment, and mismatches surface quickly during certification.

Containers and virtual machines
The customer owns runtime identity; the publisher integrates with it.

Managed applications
Responsibility is shared, but the publisher defines the trust boundary.

Each model carries different expectations for control, consent, and revocation. Designing tenant linking that matches the offer type reduces customer confusion.

When consent happens in Marketplace lifecycle

Many identity issues stem from unclear timing. A simple lifecycle helps anchor expectations:

Buy – The customer purchases the offer
Activate – Tenant trust is established
Consent – Limited activation consent is granted
Provision – Resources and configurations are created
Operate – Incremental operational consent may be requested
Revoke – Access and trust can be cleanly removed

Making this sequence explicit in your design—and in your documentation—dramatically reduces confusion for customers and reviewers alike.

How tenant linking shapes Marketplace readiness

Identity tends to leave a lasting impression as it is one of the first architectural design choices encountered by customers.

Strong tenant linking and consent design lead to:

Faster certification (applies to SaaS offer only)
Fewer conditional approvals
Lower onboarding drop‑off
Easier enterprise security reviews

These outcomes are not accidental. They reflect intentional design choices made early.

What’s next in the journey

Tenant identity sets the foundation, but it is only one part of Marketplace readiness. In upcoming guidance, we’ll connect identity decisions to commerce, SaaS Fulfillment APIs, and operational lifecycle management—so buy, activate, provision, operate, and revoke will work together as a single, coherent system.