MCA Bulk Attestation Tool question

Copper Contributor

I am having issues authenticating with this tool, I setup as per https://learn.microsoft.com/en-us/partner-center/customers/microsoft-customer-agreement-bulk-attesta...

 

 

The thing I am confused by the "app" being http://localhost in the pre reqs

 

I use if https:

BenB675_0-1721845471065.png

 

if i use http:

BenB675_1-1721845663800.png

 

 

I think I am missing something though

 

settings are:

 

BenB675_2-1721845718161.png

 

5 Replies

@BenB675 I'm moving your post to our partner-led discussion board in hopes someone there will be able to help. Tagging a few of my superusers in case they have knowledge around it.

 

@blakecheek @MartijnElfers @ahart3 @sansbacher any of you have any advice here? Not sure this is your neck of the woods but thought I would give it a shot. 😉

 

 

Thank you all for being part of the community -jill

Thank you
Unfortunately I have no experiences with Partner Center APIs and Apps. Hope someone more technical is able to assist

@BenB675 ,

 

I've never used the MCA Bulk tool, but it looks very similar to the GDAP Bulk Migration tool, so I can only offer some general advice:

 

Yes, it should be http://localhost, not https. It's just the allowable addresses the app can submit for the callback when authenticating. (it's specified in the code, in TokenProvider.cs) Probably wouldn't hurt to remove and re-create the Partner Center Native App (or just make a new one, and use the new App ID) if you are concerned you don't have it configured correctly.

 

The resource mentioned, 00000003-0000-0000-c000-000000000000, is the MS Graph API. I couldn't see any mention of it on the setup page, but that could imply that some API permissions are missing. They can be added under API Permissions on the App Registration in AAD/Entra. I don't know what would be needed. 

 

That same file (TokenProvider.cs) references a scope for https://graph.windows.net/.default, which is the old AzureAD Graph (the new MS Graph end point is https://graph.microsoft.com) But the AAD Graph is deprecated (and it's old GUID is 00000002-0000-0000-c000-000000000000) so I wonder if something needs to be updated?

 

You could try posting an Issue for the package here: https://github.com/microsoft/Partner-Center-DotNet-Samples/issues

(or search to see if any open Issues are relevant)

 

There's some troubleshooting info on the FAQ for the tool: https://learn.microsoft.com/en-us/partner-center/customers/microsoft-customer-agreement-bulk-attesta...

But it doesn't list your error, AADSTS650057. That error again implies missing permissions, likely for MS Graph.

 

That's about all I can offer, sorry.

   --Saul

 

 

Thank you @sansbacher and @MartijnElfers!