Forum Discussion

BenB675's avatar
BenB675
Copper Contributor
Jul 24, 2024

MCA Bulk Attestation Tool question

I am having issues authenticating with this tool, I setup as per https://learn.microsoft.com/en-us/partner-center/customers/microsoft-customer-agreement-bulk-attestation-tool

 

 

The thing I am confused by the "app" being http://localhost in the pre reqs

 

I use if https:

 

if i use http:

 

 

I think I am missing something though

 

settings are:

 

 

5 Replies

  • MartijnElfers's avatar
    MartijnElfers
    Bronze Contributor
    Jul 26, 2024
    Unfortunately I have no experiences with Partner Center APIs and Apps. Hope someone more technical is able to assist
  • JillArmourMicrosoft's avatar
    JillArmourMicrosoft
    Icon for Community Manager rankCommunity Manager
    Jul 24, 2024

    BenB675 I'm moving your post to our partner-led discussion board in hopes someone there will be able to help. Tagging a few of my superusers in case they have knowledge around it.

     

    blakecheek MartijnElfers ahart3 sansbacher any of you have any advice here? Not sure this is your neck of the woods but thought I would give it a shot. 😉

     

     

    Thank you all for being part of the community -jill

      • sansbacher's avatar
        sansbacher
        Brass Contributor
        Jul 30, 2024

        BenB675 ,

         

        I've never used the MCA Bulk tool, but it looks very similar to the GDAP Bulk Migration tool, so I can only offer some general advice:

         

        Yes, it should be http://localhost, not https. It's just the allowable addresses the app can submit for the callback when authenticating. (it's specified in the code, in TokenProvider.cs) Probably wouldn't hurt to remove and re-create the Partner Center Native App (or just make a new one, and use the new App ID) if you are concerned you don't have it configured correctly.

         

        The resource mentioned, 00000003-0000-0000-c000-000000000000, is the MS Graph API. I couldn't see any mention of it on the setup page, but that could imply that some API permissions are missing. They can be added under API Permissions on the App Registration in AAD/Entra. I don't know what would be needed. 

         

        That same file (TokenProvider.cs) references a scope for https://graph.windows.net/.default, which is the old AzureAD Graph (the new MS Graph end point is https://graph.microsoft.com) But the AAD Graph is deprecated (and it's old GUID is 00000002-0000-0000-c000-000000000000) so I wonder if something needs to be updated?

         

        You could try posting an Issue for the package here: https://github.com/microsoft/Partner-Center-DotNet-Samples/issues

        (or search to see if any open Issues are relevant)

         

        There's some troubleshooting info on the FAQ for the tool: https://learn.microsoft.com/en-us/partner-center/customers/microsoft-customer-agreement-bulk-attestation-tool-faq

        But it doesn't list your error, AADSTS650057. That error again implies missing permissions, likely for MS Graph.

         

        That's about all I can offer, sorry.

           --Saul

         

         

Resources