Enrollment blocked by trust verification - cannot publish Excel add-in
Hello, I am trying to enroll in the Microsoft 365 and Copilot program to publish an Excel add-in on AppSource. My enrollment is being blocked by the automated trust check immediately after submitting company information. Reference number: 715-123160 Transaction ID: 9c3fc538-f972-4ea3-bdd1-9056cc9ea9f2 Correlation ID: eb079fa4-1be5-4eca-8458-ac7eb738eacd Because the enrollment was blocked at this stage, no Partner Center workspace was created, so I cannot open a support ticket through the normal method. Please escalate this to the Partner Trust & Safety / Vetting team for manual review. Thank you.
Partner Center Enrollment Blocked – Trust Code 715-123160 – Requesting Manual Review
Hello Microsoft Support Team, Our company in Kuwait is attempting to enroll as a Cloud Solution Provider (CSP), but our registration has been hard-blocked by the automated trust check system.Because our enrollment is blocked at this preliminary stage, no Partner Center workspace has been created. As a result, we are caught in a loop and cannot submit an internal support request.Please escalate this case to the Partner Vetting / Trust & Safety team so they can allow us to submit our official company registration documents manually. Reference Number: 715-123160 Transaction ID: 85680e64-06b9-42cd-89d5-1af827650d40 Correlation ID: c738e2f9-c142-4fd3-8ef5-178c2381e60a Thank you.
Urgent: Enrollment Blocked for Sorted Keys LLC (Error 715-123160) - No Workspace Access
Hello Microsoft Partner Community Team, I am reaching out here because I am currently stuck in a Support Loop while trying to enroll my business, Sorted Keys LLC, into the Microsoft AI Cloud Partner Program. While entering my company information, I encountered the Error Code: 715-123160 stating that the request was blocked. Because the enrollment was halted at this stage, a Partner Center Workspace has not been created for my account. This prevents me from logging in to the portal to raise a standard support ticket. I am an authorized representative of the business and have all legal documentation ready for manual verification. Application Details: Legal Business Name: Sorted Keys LLC Transaction ID: 348fc4c3-6b8a-45de-97ea-5a51a7517ac3 Reference Number: 715-123160 Correlation ID: 1cbc853b-9496-47d3-80b1-55cbfa92d60a Requested Action: Could a community manager please escalate this to the Vetting/Identity team to manually review my entity details or reset the enrollment block so I can proceed with the CSP Indirect Reseller application? Thank you for your time and assistance.
Partner center account removed suddenly!!
Hello. I’m an individual developer for Microsoft apps since the old days of Windows Mobile 6.5 , Windows Phone, Windows 8,8.1 , 10 and now 11. I’m a registered individual developer since 2008 (yeah, that’s correct, 16 years). I have published over 50+ different applications for different platforms. Windows desktop, MS Edge extension developer, Azure dev etc… Since last month, I received some app removal of some old apps I had in MS Store (all of them 100%). After a communication with the report app team they explained what I must don’t do and I started updating the problematic apps according their instructions. But, suddenly, yesterday a got an email that my account is removed and to read the ADA (application developer agreement). I already contact by email the reportapp Team to try to fix this and to restore my account. Can someone from MS explain to me this “behavior “ . Is this something personal against me? I don’t make any problems, I just dev apps , focus only on MS products, and provide them almost always for free, without any subscriptions or costs. I have build a personal ecosystem around my partnership with MS . Developing but using also Azure monthly subscriptions (heavily costed). My developer name: Mobility in life applicationsPartner Center Enrollment Blocked – Trust Code 715-123160 – Requesting Manual Review
Hello Microsoft Partner Community Team, We are attempting to enroll our company in the Microsoft AI Cloud Partner Program, but our registration is being blocked by the automated trust verification system. We are a legitimate, legally registered business operating in the cloud connectivity industry. Our DUNS number and all company information entered during enrollment are accurate and match our official government records. Error details: Reference Number: 715-123160 Transaction ID: 0e136d6b-9164-41c3-be26-9b301c9aac24 Correlation ID: f8085e89-17fd-4b2a-8b47-40aea3030d82 Due to this block, our Partner Center account has no active workspaces, which means we are completely unable to create a support ticket through the standard Partner Center portal. We have also tried the partner.microsoft.com/support page, but it redirects us back to Partner Center — creating a loop with no resolution. We are kindly requesting: Escalation to the Partner Center Vetting / Trust & Safety team for manual review A reset or unblock of our enrollment so we can complete registration Guidance on any documentation required (business registration, address proof, domain ownership, etc.) — we are ready to provide everything immediately for email contact, please contact the email address we leave on the request (format as: email address removed for privacy reasons) Thank you in advance for your assistance.Employment Verification Rejected — No Resolve Button Available
Company: DealTriage Inc. Tenant: demodealtriagedoutlook.onmicrosoft.com Partner Center account: mailto:email address removed for privacy reasons Primary contact: mailto:email address removed for privacy reasons My Employment Verification was rejected. Our domain (dealtriage.ai) is registered through Cloudflare Registrar, which enforces WHOIS privacy with no opt-out — this is why the automated domain check failed. I have documentation ready to upload: an Assignment Letter confirming domain ownership, a Cloudflare domain registration invoice for dealtriage.ai, and our federal Certificate of Incorporation. However, the Resolve/Fix Now button is not visible on my Verification Summary page, and I am unable to create a support ticket through the portal. Requesting the Employment Verification be reopened so I can submit these documents.
URGENT: Blocked from Partner Center Enrollment ("Runs on trust") - Support portals inaccessible
Hello Microsoft Partner Community Team, I am urgently seeking assistance with an automated enrollment block. We are trying to register our business, Connect In Cloud Ltd (UK Companies House: 09550508), for the Microsoft AI Cloud Partner Program, but we have triggered the "Microsoft runs on trust" security block. I am completely unable to raise a standard support ticket because my Partner Center dashboard shows no active workspaces, meaning the support form will not allow me to submit a request. Furthermore, the standard business phone support lines drop the call after instructing me to use the broken portal. I need a moderator to please escalate this directly to the Vetting and Enrollment team so I can provide my business documentation, verify my identity, and have this block cleared. Here are my exact error details from the blocked screen: Error: Microsoft runs on trust... your request was blocked. Reference Number: 715-123160 Transaction ID: 4b89b272-50fe-4f37-8f5f-15f539cbaed0 Correlation ID: f13ebdd3-5d9d-4b45-a31d-0049e3489a11 Thank you in advance for your help in getting an internal support ticket opened for usBusiness account vetting
Hello, My business account was already fully vetted and suddenly it went again to "Non-compliant". I've opened a support ticket a month ago (#2602260040002250) but so far I only got generic "we are looking into it" replies. This is now severely impacting my business because I can't publish my product on the Microsoft Store, which means I'm actively losing revenue. Can someone please look into it and tell me at least what the status is and a rough timeline for the solution? If no solution can be found any time soon, I'll have to move away from the Microsoft Store and find other means of distribution. Thank you and kind regards, Martin
Microsoft runs on trust - renewal blocked – order fails before payment (error 715-123160)
Hi, My context is the following, I have a US based LLC because my work is centered around Dynamics 365F&O and my customers are not in Colombia, but in the US. I am an ISV and have a marketplace offer in AppSource. I am an SMB. I can survive thanks to my consulting income. I'm trying to sell my ISVs as an MS partner but I haven't been able to land a deal yet. But I run my business from Colombia. But I have US Banks, US Customers, US Invoices, etc. This is a completely legal and compliant setup. I made the mistake when I enrolled as a Microsoft Partner of giving my US details instead of my Colombian details. I thought it made perfect sense, I had no idea I would be flagged for this. I have had problems with my partner center ever since, I can't get approved as a Developer. When I try to renew my Partner Success Core Benefits I get this: https://www.microsoft.com/en-us/legal/compliance/integrityIf you require further information please https://partner.microsoft.com/partner/support with reference number: XXX-XXXXX and transaction ID: XXXX. I opened up a support ticket, because my renewal is up. And at the very end of a week of back and forth I get this: Microsoft runs on trust, and therefore we engage in a rigorous set of evaluation and certification processes across third party individuals and organizations. As a result of our internal processes, we are unable to proceed with your request. Please note that this decision cannot be changed by opening a new support case. Thank you for your understanding What can I do? I know other people are facing the same issue.Azure Government or Azure Commercial for CJIS 6.0: Choosing Your Compliance Path
Since 2014, United States criminal justice agencies have trusted Microsoft Azure Government to manage Criminal Justice Information (CJI). Built exclusively for regulated government data, it provides datacenters with physical, network, and logical isolation and is operated by CJIS-screened U.S. persons—the "gold standard" for compliance. However, we understand that flexibility is critical for modern agencies. As first announced with the release of CJIS Security Policy (CJISSECPOL) v5.9.1, agencies have the option to utilize Azure Commercial for CJIS workloads by leveraging advanced technical controls in place of traditional personnel screening. With the release of CJIS Security Policy 6.0, this hybrid landscape has evolved. The new policy moves beyond simple access control toward a "Zero Trust" framework which minimizes implicit trust, verifies all requests, and requires continuous monitoring. What’s New in CJIS 6.0? The 6.0 update (released late 2024) is a modernization overhaul. Key changes include: Phishing-Resistant MFA: Strict requirements for FIDO2 or certificate-based authentication for all privileged access. Continuous Monitoring: A shift from point-in-time audits to real-time threat detection and automated logging. Supply Chain Risk Management: Enhanced vetting of third-party software and vendors. The Choice: Azure Government or Azure Commercial: Criminal Justice Agencies can still choose between our two distinct offerings, but the "How" of compliance differs: Azure Government: The path of personnel screening. Microsoft executes CJIS Management Agreements with state CJIS Systems Agencies that include their screening of Microsoft personnel. This offers the broadest feature set with the simplest compliance burden. Azure Commercial: The path of technical controls. Because Azure Commercial support staff are not CJIS-screened, compliance relies on an agency implementing Customer Managed Keys (CMK) encryption. This way, Microsoft cannot access unencrypted criminal justice information, effectively removing Microsoft staff from the scope of trust. Our Commitment Whether you choose the physically secure location of Azure Government or the global scale of Azure Commercial, Microsoft provides the tools—Entra ID, Azure Key Vault, and Microsoft Sentinel—to meet the rigorous demands of CJIS 6.0. Step-by-Step Walkthrough for CJIS 6.0 in Azure Commercial Managing CJI in Azure Commercial requires you to bridge the gap between "standard commercial security" and "CJIS compliance" using your own configurations. Because Microsoft Commercial staff are not CJIS-screened, you must ensure they can never see unencrypted data. Phase 1: Foundation & Residency Step 1: Restrict Data Residency CJIS 6.0 mandates that CJI must not leave the United States. Action: Deploy all Azure resources (compute, storage, disks, networking, monitoring, logging, backups, etc.) exclusively in US regions (e.g., East US, West US, Central US). Policy: Use Azure Policy to deny the creation of resources in non-US regions to prevent accidental drift. o Documentation: Tutorial: Manage tag governance with Azure Policy (See the concept of "Allowed Locations" built-in policy). o Documentation: Azure Policy built-in definitions and assignment (Allowed locations) o Documentation: Details of the "Allowed locations" policy definition. Phase 2: The "Technical Control" (Encryption) This is the most critical step for Azure Commercial. Step 2: Implement Customer Managed Keys (CMK) To meet CJIS requirements in Azure Commercial, which is operated by Microsoft personnel who aren’t CJIS-screened, you must use encryption where you hold the keys, and Microsoft has no access. Action: Provision Azure Key Vault (Premium) or Managed HSM for FIPS 140-2 Level 2/3 compliance. o Documentation: About Azure Key Vault Premium and HSMs. o Documentation: Secure your Azure Managed HSM deployment. Action: Generate your encryption keys within your HSM or import them from on-premises. o Documentation: How to generate and transfer HSM-protected keys (BYOK). Action: Configure Disk Encryption Sets and Storage Account Encryption to use these keys. Do not use the default "Microsoft Managed Key" setting. o Documentation: Server-side encryption of Azure Disk Storage (CMK). o Documentation: Configure customer-managed keys for Azure Storage. o Documentation: Services that support customer-managed keys (CMKs) Step 3: Client-Side Encryption (For SaaS/PaaS) For data processing, encryption should happen before data reaches Azure. Action: Ensure applications encrypt CJI at the application layer before writing to databases (SQL Azure, Cosmos DB). This ensures that even a database admin with platform access sees only ciphertext. Step 3b: Protecting CJI While In Use (Confidential Compute) - Azure Commercial and Customer Managed Key (CMK) encryption satisfy the requirements of the CJIS Security Policy but customers can choose to add an additional control through a Confidential Computing enclave CJIS Security Policy 6.0 requires that Criminal Justice Information be protected while at rest, in transit, and in use. In Azure Commercial, once CJI is decrypted for processing by an application, traditional encryption controls (including CMK) no longer protect the data from platform-level access risks such as memory inspection, diagnostics, or hypervisor operations. To address this risk, agencies may implement Azure Confidential Computing, which uses hardware-backed Trusted Execution Environments (TEEs) to cryptographically isolate data in memory and prevent access by cloud provider personnel—even at the infrastructure layer. o Documentation: Always Encrypted for Azure SQL Database. o Documentation: Client-side encryption for Azure Cosmos DB. o Documentation: Confidential Computing o Documentation: Confidential Compute Offerings Phase 3: Identity & Access (CJIS 6.0 Focus) Step 4: Phishing-Resistant MFA CJIS 6.0 raises the bar for Multi-Factor Authentication (MFA). SMS and simple push notifications may no longer suffice for privileged roles. Action: Deploy Microsoft Entra ID (formerly Azure AD). o Documentation: What is Microsoft Entra ID?. Action: Enforce FIDO2 security keys (like YubiKeys) or Certificate-Based Authentication (CBA) for all users accessing CJI. o Documentation: Enable passkeys (FIDO2) for your organization. o Documentation: How to configure Certificate-Based Authentication in Entra ID. Phase 4: Continuous Monitoring Step 5: Unified Audit Logging You must retain audit logs for at least one year (or longer depending on state rules) and review them weekly. Action: Enable Diagnostic Settings on all CJIS resources to stream logs to an Azure Log Analytics Workspace. o Documentation: Create diagnostic settings in Azure Monitor. Action: Deploy Microsoft Sentinel on top of Log Analytics. o Documentation: Quickstart: Onboard Microsoft Sentinel. Action: Configure Sentinel analytic rules to detect anomalies (e.g., "Mass download of CJI," "Access from foreign IP"). o Documentation: Detect threats out-of-the-box with Sentinel analytics rules. Phase 5: Endpoint & Mobile Step 6: Mobile Device Management (MDM) If CJI is accessed on mobile devices (MDTs, tablets), CJIS 6.0 requires remote wipe and encryption capability. Action: Enroll devices in Microsoft Intune. o Documentation: Enroll Windows devices in Intune. o Documentation: Enroll iOS/iPadOS devices in Intune. Action: Create a Compliance Policy requiring BitLocker/FileVault encryption and complex PINs. o Documentation: Create a compliance policy in Microsoft Intune. o Documentation: Manage BitLocker policy for Windows devices with Intune. Action: Configure "App Protection Policies" to ensure CJI cannot be copied/pasted into unmanaged apps (like personal email). o Documentation: App protection policies overview. Phase 6: Personnel & Documentation Step 7: Update your SEIP/SSP Since you are using Azure Commercial, your System Security Plan (SSP) must explicitly state that you are using encryption as the compensating control for the lack of vendor personnel screening. Action: Document the CMK architecture in your CJIS audit packet. Action: Ensure your agency's "CJI Administrators" (who manage the Azure keys) have met the policy’s personnel screening requirements o Documentation: Microsoft CJIS Audit Scope & Personnel Screening (Reference).
