Issues with Support
Hi we have been a partner for years, but lately there has been some issues with our account we have a few support tickets and the tickets stay open with no activity, we also tried to get our partner manager to help, (we got a new one this Jan) and they could/did not do anything either, just wanted to check with the community if y'all had any advice on this and how we can get this escalated since some of the tickets do have some business impact to our day to day businessHow do you actually unlock growth from Microsoft Teams Marketplace?
Hey folks đ Looking for some real-world advice from people whoâve been through this. Context: Weâve been listed as a Microsoft Teams app for several years now. The app is stable, actively used, and well-maintained - but for a long time, Teams Marketplace wasnât a meaningful acquisition channel for us. Things changed a bit last year. We started seeing organic growth without running any dedicated campaigns, plus more mid-market and enterprise teams installing the app, running trials, and even using it in production. That was encouraging - but it also raised a bigger question. How do you actually systematize this and get real, repeatable benefits from the Teams Marketplace? I know there are Microsoft Partner programs, co-sell motions, marketplace benefits, etc. - but honestly, itâs been very hard to figure out: - where exactly to start - what applies to ISVs building Teams apps - how to apply correctly - and what actually moves the needle vs. whatâs just ânice to haveâ On top of that, itâs unclear how (or if) you can interact directly with the Teams/Marketplace team. From our perspective, this should be a win-win: we invest heavily into the platform, build for Teams users, and want to make that experience better. Questions to the community: If youâre a Teams app developer: what actually worked for you in terms of marketplace growth? Which Partner programs or motions are worth the effort, and which can be safely ignored early on? Is there a realistic way to engage with the Teams Marketplace team (feedback loops, programs, office hours, etc.)? How do you go from âorganic installs happenâ to a structured channel? Would really appreciate any practical advice, lessons learned, or even âwhat not to doâ stories đ Thanks in advance!Migrating your AWS offer to Microsoft Marketplace - Identity and Access Management (IAM)
As a software development company, expanding your marketplace presence beyond AWS Marketplace to include Microsoft Marketplace can open new doors to grow your customer base. Azureâs broad ecosystem and diverse user base offer a dynamic platform to enhance your applicationâs reach and potential. This post is part of a series on replicating apps from AWS to Azure. View all posts in this series. Expand your reach and accelerate growth by bringing your AWS-based app to Azure and selling through Microsoft Marketplace. This guide will break down key IAM differences between AWS and Microsoft Entra ID, helping you replicate your appâs identity management quickly and securely. Future posts will dive deeper into specific IAM configurations and best practices. You can also join ISV Success to get access to over $126K USD in cloud credits, AI services, developer tools, and 1:1 technical consults to help you replicate your app and publish to Marketplace. To ensure a smooth app replication, start by understanding the key differences between AWS IAM and Microsoft Entra ID. A clear grasp of these distinctions will help you transition identity management effectively while optimizing security and performance on Azure. This guide will highlight these differences, map comparable services, and provide actionable steps for a seamless IAM replication. This article addresses Identity and Access Management (IAM) and select Identity Services: Amazon Cognito vs. Microsoft Entra ID. Identity and Access management (IAM) Identity and Access Management (IAM) is essential for securing and managing who can access resources, under what conditions, and with what specific permissions. AWS and Azure both offer robust IAM solutions to manage identities, roles, and policies, but they differ significantly in architecture, integration capabilities, and ease of use, particularly for software companies building SaaS solutions migrating from AWS to Azure. Users, Groups, and Roles AWS IAM creates users within an AWS account, grouping them into IAM User Groups, while Azure IAM manages users as directory objects in Microsoft Entra ID, assigning permissions via Azure RBAC. Both support MFA and identity federation through SAML, Azure enforcing Conditional Access based on location, device state, and user risk. AWS IAM grants permissions using JSON-based policies, allowing roles to be assumed by users, AWS services, or external identities without permanent credentials. Azure IAM assigns permissions via RBAC to users, groups, and service principals, offering predefined and customizable roles. Azure supports federated identity for hybrid environments, while Azure integrates with on-premises Microsoft Entra ID. Permissions and Policies AWS IAM employs JSON-based policies for granular permissions across AWS services. Policies can be identity-based, directly attached to users or roles, or resource-based, applied directly to resources such as S3 buckets or DynamoDB tables. AWS supports temporary credentials via roles, which can be assumed by users, AWS services, or external federated identities. Azure RBAC leverages predefined roles (e.g., Global Administrator, Contributor, Reader) or custom roles, offering clear hierarchical permissions management across resource, resource group, subscription, or management group levels. AWS also allows conditional permissions through advanced policy conditions (e.g., IP address, MFA status, tags). Azure IAM employs Conditional Access Policies, adjusting access based on location, device state, and user risk. AWS IAM grants access only when explicitly allowed, whereas Azure IAM evaluates role assignments and conditions before permitting actions. For multi-account and cross-tenant access, AWS IAM enables secure cross-account roles, while Azure IAM supports External Identities for inter-tenant collaboration. AWS IAM delegates administrative rights using roles and policies, whereas Azure IAM assigns administrative roles within organizations for delegated management. AWS IAM enables controlled, temporary access to S3 objects using pre-signed URLs, which grant time-limited access to specific resources without modifying IAM policies. These URLs are often used for secure file sharing and API integrations. In Azure, a similar concept exists with Shared Access Signatures (SAS) Keys, which provide scoped and time-limited access to Azure Storage resources like Blob Storage, Table Storage, and Queues. Unlike pre-signed URLs, SAS keys allow granular control over permissions, such as read, write, delete, or list operations, making them more flexible for temporary access Integration with External Identities Both platforms provide Single Sign-On (SSO). AWS IAM uses AWS SSO. Microsoft Entra ID also supports SSO with SAML, OAuth, and OIDC. For federated identities, AWS IAM allows external users to assume roles, while Microsoft Entra ID assigns roles based on its access model. Hybrid environments are supported through on-premises directory integration. AWS IAM connects to Active Directory via AWS Directory Service, while Microsoft Entra ID integrates with on-prem AD using Microsoft Entra ID Connect, enabling hybrid identity management and SSO for cloud and on-prem resources. Both support automated user provisioning: AWS IAM utilizes AWS SSO and federation services, while Microsoft Entra ID supports SCIM 2.0 for third-party applications and syncs on-prem AD via Entra ID Connect. AWS IAM enables ECS, EKS, and Lambda workloads to pull container images from Amazon Elastic Container Registry (ECR) using IAM roles. These roles grant temporary permissions to fetch container images without requiring long-term credentials. In Azure, Azure Container Registry (ACR) authentication is managed through Service Principals and Managed Identities. Instead of IAM roles, Azure applications authenticate using Entra ID, allowing containers to securely pull images from ACR without embedding credentials. Access Control Models AWS IAM uses a policy-based access model, where permissions are defined in JSON policies attached to users, groups, or roles. In contrast, Azure separate's identity management via Microsoft Entra ID from access management via Azure RBAC, which assigns roles to users, groups, service principals, or managed identities to control access to Azure resources. Both provide fine-grained access control. AWS IAM sets permissions at the resource level (e.g., EC2, S3), while Azure uses Azure RBAC to assign Microsoft Entra ID identities roles that apply hierarchically at the resource, subscription, or management group levels. Both follow a default "deny" model, granting access only when explicitly allowed. For multi-account and multi-tenant support, AWS IAM enables cross-account roles. Microsoft Entra organizations can use External ID cross-tenant access settings to manage collaboration with other Microsoft Entra organizations and Microsoft Azure clouds through B2B collaboration and B2B direct connect. Delegation is managed through IAM roles in AWS and RBAC role assignments in Azure. Conditional access is supportedâAWS uses policy-based conditions (e.g., time-based, IP restrictions), while Microsoft Entra ID relies on Conditional Access Policies (e.g., location, device health, risk level). AWS allows cross-account policy sharing, while Microsoft Entra ID enables role-based delegation at different organizational levels. Both support cross-service permissions, AWS IAM policies can define access across multiple AWS services, while Azure uses Azure RBAC to assign Microsoft Entra ID identities permissions across Azure services such as Blob Storage, SQL Database, and Key Vault. For workload authentication, AWS IAM roles provide temporary credentials for EC2, Lambda, and ECS, eliminating hardcoded secrets. In Azure, Microsoft Entra ID enables Managed Identities, allowing applications running on Azure services to authenticate securely to other Azure resources without managing credentials. Additionally, Microsoft Entra Workload Identities allow Kubernetes workloadsâespecially on AKSâto authenticate using Entra ID via OpenID Connect (OIDC), streamlining access to Azure services in containerized and multi-tenant environments. In AWS, containerized workloads such as ECS, EKS, and Lambda use IAM roles to securely authenticate and pull images from Amazon ECR, avoiding hardcoded credentials. In Azure, containerized applications authenticate to Azure Container Registry (ACR) using Microsoft Entra ID identitiesâeither Managed Identities or Service Principals. Permissions such as AcrPull are granted via Azure RBAC, enabling secure image access. Azureâs model supports cross-tenant authentication, making it particularly useful for ISVs with multi-tenant containerized SaaS deployments. Cross-account storage access in AWS uses IAM roles and bucket policies for Amazon S3, allowing external AWS accounts to securely share data. In Azure, Microsoft Entra ID B2B and RBAC assignments. This model avoids the need to share credentials or manage access via SAS tokens, streamlining collaborations in multi-tenant environments. Audit and Monitoring AWS IAM and Microsoft Entra ID both provide robust audit logging and monitoring. AWS CloudTrail logs IAM and AWS API calls for 90 days by default, with extended retention via CloudTrail Lake or Amazon S3. Microsoft Entra ID logs sign-ins, including failed attempts, retaining data for 7 days in the free tier and up to 30 to 90 days in Premium tiers. For longer retention, Log Analytics or Sentinel should be used. For real-time monitoring, AWS CloudWatch tracks IAM activities like logins and policy changes, while Microsoft Entra ID Premium does so via Azure AD Identity Protection. AWS uses CloudWatch Alarms for alerts on permission changes, whereas Microsoft Entra ID alerts on suspicious sign-ins and risky users. AWS GuardDuty detects IAM threats like unusual API calls or credential misuse, while Microsoft Entra IDâs Identity Protection identifies risky sign-ins (Premium P2 required). AWS Security Hub aggregates findings from CloudTrail and GuardDuty, while Microsoft Entra ID integrates with Azure Sentinel for advanced security analytics. For IAM configuration tracking, AWS Config monitors policies and permissions, while Microsoft Entra IDâs Audit Log track's role, group, and user changes. AWS Artifact provides downloadable compliance reports. Microsoft Purview Compliance Manager enables customers to assess and manage their compliance across services like Entra ID and Azure using built-in control assessments. AWS CloudTrail logs IAM activity across AWS Organizations, and Microsoft Entra ID Premium supports cross-tenant access monitoring. Azure Lighthouse enables cross-tenant management for service providers, integrating with Microsoft Entra ID for delegated access without guest accounts. It applies RBAC across tenants and manages shared resources like Azure Blob Storage and virtual machines, streamlining ISV operations in marketplace scenarios. Pricing AWS IAM and Microsoft Entra ID provide core IAM services for free, with advanced features available in paid tiers. Both platforms support unlimited users for basic IAM functions, with AWS offering free user, role, and policy creation, while Microsoft Entra ID allows up to 500,000 objects (users/groups) at no cost. Additional users can be added for free, though advanced features require a paid plan. MFA is free on both platforms, but Microsoft Entra ID includes advanced MFA options in Premium tiers. AWS does not have risk based Conditional Access for free. Microsoft Entra ID includes it in Premium P1/P2 tiers (starting at $6 per user/month) Custom policies for fine-grained access control are free in AWS and Azure. Identity federation is free in AWS IAM, while Microsoft Entra ID requires a Premium P1/P2 plan. Microsoft Entra ID includes Self-Service Password Reset (SSPR) in Premium P1/P2, whereas AWS IAM does not offer it for free. Both platforms support RBAC at no extra cost. Directory synchronization is available via Microsoft Entra ID Premium P1/P2. AWS Directory Service is a paid managed AD service, not part of IAM. AWS IAM doesnât have a direct âguest userâ concept; instead, you configure federated access or cross-account roles, but Microsoft Entra ID requires a Premium tier for Azure AD External Identities. Full API and CLI access for user, policy, and role management is free on both platforms. Advanced security monitoring is available through AWS GuardDuty and Security Hub at an extra cost. Microsoft Entra ID provides advanced security monitoring, such as risk-based conditional access, within Premium P1/P2 tiers. Both platforms offer free support for service principals, enabling secure application access and role assignments. Amazon Cognito vs. Microsoft Entra ID Amazon Cognito provides identity and access management for applications in AWS, while Azure offers this through Microsoft Entra ID, centralizing IAM tools for ISVs. Both differ in authentication, integration, and target audiences. User management Amazon Cognito uses User Pools for authentication and Identity Pools for federated identities. Microsoft Entra ID serves as a central identity directory for Azure, Microsoft 365, and third-party apps, integrating with on-prem AD. Authentication methods Both support password-based login, MFA, passwordless authentication, and social sign-in. Amazon Cognito can be extended to support passwordless authentication with magic links, OTPs, and FIDO2 using AWS Lambda. Microsoft Entra ID supports native passwordless options like FIDO2, Windows Hello, and OTPs, plus risk-based conditional authentication. Identity Federation & SSO Amazon Cognito supports SAML, OAuth 2.0, and OIDC. Microsoft Entra ID offers enterprise SSO with SAML, OAuth, and WS-Federation, plus cross-tenant federation via Entra ID B2B. Access Control & Security Policies AWS relies on AWS IAM and custom logic for built-in RBAC or Attribute Based Access Control (ABAC). Microsoft Entra ID includes RBAC, ABAC, and Conditional Access Policies for granular security control. Self-Service & User Management Amazon Cognito allows self-registration and password resets, with workflow customization via AWS Lambda. Microsoft Entra ID offers SSPR, access reviews, and an enterprise portal for account management. Security & Compliance Amazon Cognito provides monitoring via AWS CloudTrail and GuardDuty, compliant with HIPAA, GDPR, and ISO 27001. Microsoft Entra ID integrates with Microsoft Defender for Identity for threat detection, with compliance for HIPAA, GDPR, ISO 27001, and FedRAMP, plus risk-based authentication in premium tiers. Migration best practices tips When migrating IAM from AWS to Azure, organizations should: Assess existing AWS IAM policies and roles, mapping them carefully to Azure RBAC roles. Leverage Microsoft Entra Connect for seamless integration with existing on-premises Active Directory environments. Use Azure's Managed Identities and SAS tokens strategically to minimize credential management complexity. Implement Conditional Access Policies in Azure to dynamically secure and simplify access management. Key Resources: Microsoft Azure Migration Hub | Microsoft Learn Publishing to commercial marketplace documentation Pricing Calculator | Microsoft Azure Azure IAM best practices Configure SAML/WS-Fed identity provider - Microsoft Entra External ID Maximize your momentum with step-by-step guidance to publish and grow your app with App Advisor Accelerate your development with cloud ready deployable code through the Quick-start Development ToolkitSharePoint Embedded security features: A comprehensive Q&A guide
đ Authentication & identity management Q: How does SharePoint Embedded integrate with Microsoft Entra ID? A: SharePoint Embedded requires all users to authenticate through Microsoft Entra ID Single sign-on (SSO): Seamless authentication across Microsoft 365 services Multi-factor authentication (MFA): Configurable per-organization security policies Guest access: Secure B2B collaboration using Entra ID B2B guest accounts Key requirement: All users accessing SharePoint Embedded containers must exist as either: Member users in your Entra ID tenant Guest users invited through Entra ID B2B collaboration Q: What's the difference between delegated and application permissions? A: Understanding these permission models is critical for security and auditability: Delegated permissions (recommended): Application acts on behalf of an authenticated user User context preserved in audit logs Users must authenticate before accessing containers Enables file search capabilities within containers Use case: Interactive applications where user identity matters Application-only permissions (restricted Use): Application acts without user context No user tracking in audit logs (shows as application) Search capabilities are limited Use case: Background jobs, system integrations, automated processes Best practice: Use delegated permissions whenever possible to maintain proper audit trails and security accountability. Q: How do we secure service principals and application secrets? A: SharePoint Embedded supports multiple secure authentication methods: Managed identities (Most Secure): No secrets or certificates to manage Identity tied to Azure resources Cannot be used outside your Azure environment Eliminates credential exposure risk Certificate-based authentication: More secure than client secrets Longer validity periods Can be stored in Azure Key Vault Client secrets (use with caution): Store in Azure Key Vault, never in code or config files Enable automatic rotation (recommended: 90-day rotation) Configure expiration alerts Security hardening: Apply Conditional Access policies to service principals Restrict to corporate IP ranges using Named Locations Implement Privileged Identity Management (PIM) for credential access Enable Azure Policy to enforce certificate-based authentication Domain limitations if applicable đĄď¸ Container-level security features Q: What security controls are available at the container level? A: SharePoint Embedded provides granular security controls for each container: Sensitivity labels: Enforce encryption and access policies Automatically applied to all content in container Integrated with Microsoft Purview Information Protection Block download policy: View-only access for high-sensitivity content Prevents data exfiltration Supports watermarking in Office web apps Container permissions: Four permission levels available: Owners: Full control including container deletion Managers: Manage content and permissions (cannot delete container) Writers: Add, update, and delete content Readers: View-only access Q: How does SharePoint Embedded handle external user collaboration? A: SharePoint Embedded supports secure external collaboration through multiple mechanisms: Authentication options: Entra ID guest users: External users invited as B2B guests Email-based sharing: Send secure access links with expiration Anonymous links: View-only or edit links without authentication (configurable) Security controls: Container-level sharing policies may supersede tenant default settings; however, they do not impact other configurations within the tenant. Link expiration dates and access revocation Audit trail for all external user activities Integration with Data Loss Prevention (DLP) policies Sharing configuration best practices: Enable guest sharing only for required applications Require email verification for sensitive content Monitor external access through Microsoft Purview audit logs Real-world scenarios: Legal firms: Share case documents with external counsel using time-limited guest access Construction projects: Collaborate with subcontractors while maintaining security boundaries Financial services: Enable secure document exchange with clients using DLP policies đ Compliance & data governance Q: What Microsoft Purview features are supported? A: SharePoint Embedded integrates with the full Microsoft Purview compliance suite: Audit logging: All user and admin operations captured in unified audit log Enhanced with ContainerTypeId for filtering Search and export capabilities through Microsoft Purview Retention up to 10 years (with E5 license) eDiscovery: Search across all SharePoint Embedded containers Place legal holds on container content Review content to determine if it should be tagged and included in the case Export content for litigation or investigation Data lifecycle management (DLM): Apply retention policies to containers Automatic deletion after retention period Hold policies for litigation or investigation Label-based retention rules Implementation: Retention policies apply to "All Sites" automatically to include SPE containers Selective enforcement using container URLs Graph API for programmatic label application Data loss prevention (DLP): Identify and protect sensitive information Prevent external sharing of classified content Policy tips and user notifications Automatic encryption and access restrictions DLP policy enforcement: Real-time scanning of uploaded content Block external sharing based on content type Business justification workflows (app-dependent) Integration with sensitivity labels Q: How are DLP policies enforced in SharePoint Embedded? A: DLP works similarly to SharePoint Online with some considerations: Supported scenarios: Automatic detection of sensitive information (PII, financial data, etc.) Policy enforcement on upload, download, and sharing Alert generation for policy violations Integration with Microsoft Purview compliance center Application responsibilities: Since SharePoint Embedded has no built-in UI, applications must: Display policy tips to users when DLP flags content Handle business justification workflows for policy overrides Implement sharing restrictions when DLP blocks external access Use Graph APIs to retrieve DLP policy status Best practice: Test DLP policies on pilot containers before organization-wide deployment. đ Advanced security scenarios Q: How do we implement least-privilege access for SharePoint Embedded? A: Follow these principles for robust security architecture: Q: What are common security misconfigurations to avoid? A: Learn from real customer experiences: â Common Mistake 1: Assigning application permissions to user activities Problem: No audit trail, all actions appear as "application" Solution: Use delegated permissions for interactive scenarios â Common Mistake 2: Storing secrets in application code Problem: Credential exposure in version control Solution: Use Azure Key Vault with managed identities â Common Mistake 3: Ignoring conditional access configuration Problem: Service principals accessible from any network Solution: Configure named locations and conditional access policies â Common Mistake 4: Not testing admin consent flow Problem: Consuming tenant onboarding failures Solution: Use admin consent URL method: https://login.microsoftonline.com/{tenant-id}/v2.0/adminconsent?client_id={client-id}&redirect_uri={redirect-uri} đ˘ Enterprise security best practices Q: What security hardening steps should we implement? A: Follow this layered security approach: Level 1: Basic hardening Access controls: [ ] Implement least privilege principles [ ] Use delegated permissions for user-facing operations [ ] Regular permission audits (quarterly) [ ] Remove unused API permissions Authentication: [ ] Enable certificate-based authentication [ ] Configure MFA for all admin accounts [ ] Implement password-less authentication where possible [ ] Use managed identities for Azure-hosted apps Network security: [ ] Configure Conditional Access policies [ ] Define trusted IP ranges (Named Locations) [ ] Block legacy authentication protocols [ ] Enable sign-in risk policies Level 2: Advanced hardening Monitoring & alerting: [ ] Enable Microsoft Defender for Cloud Apps [ ] Configure alerts for suspicious activities: Unusual download volumes Access from unexpected locations Permission changes Guest user additions [ ] Integrate audit logs with SIEM (Sentinel, Splunk) [ ] Establish baseline for normal activity Compliance: [ ] Apply sensitivity labels to containers [ ] Implement DLP policies for sensitive data [ ] Configure retention policies [ ] Regular compliance assessments Incident response: [ ] Document container emergency access procedures [ ] Define escalation paths for security incidents [ ] Test access revocation processes [ ] Maintain audit log retention for forensics Level 3: Zero trust architecture Continuous verification: [ ] Device compliance requirements [ ] Session-based access controls [ ] Real-time risk assessment [ ] Automated response to anomalies đ Additional resources Official documentation Security and Compliance Overview Container Permissions API Microsoft Purview DLP Conditional Access Policies Security best practices SharePoint Embedded Admin Guide Entra ID Application Security Zero Trust Security Model Have more questions or want to talk to the team, contact us: SharePointEmbedded@microsoft.comMicrosoft Ignite- Meaningful Announcements That Create Real Movement
Now that we are officially in 2026, I want to reflect back on Microsoft Ignite as it was more energized than ever. There is real momentum right now across Microsoft Marketplace, and the most meaningful shift I am seeing is around REO( Reseller Enabled Offer )capability. This is opening the door for partners to take Marketplace offers and bring them directly into new regions, new customer segments, and new routes to market without adding operational friction for either side. A true channel selling motion! For ISVs, REO means you can authorize trusted partners to resell your Marketplace offer in the way that works best for the customer. You no longer need to manage every deal yourself. For partners, it means instant access to in demand AI and security solutions that customers are already asking for. It removes barriers, it speeds up the process, and it connects the ecosystem in a much more natural way. If anyone in the community is exploring REO, private offers, multiparty models, or Marketplace strategy in general, it would be great to hear from you or reach out and would love to discuss. Looking forward to connecting with everyone in the new year. justinroyalâ
'Unknown Error' while completing Microsoft ISV Success Sign Up
While completing my ISV Success signup, after pressing 'Agree and Continue' and verifying all input fields, it shows me "An unknown error occurred, please try again later". Why is it showing this error? All the fields have been filled correctly. Can someone assist me with this? Has anyone else faced and resolved this error? I have attached the screenshot of the error as well. Thanks.December edition of Microsoft Marketplace Partner Digest
Microsoft Ignite 2025 - Marketplace highlights Microsoft Ignite was packed with announcements and insights for Marketplace partners. From new commerce capabilities to AI-driven innovations, here are some key takeaways: Global expansion of Microsoft Marketplace - Microsoft announced that the reimagined Microsoft Marketplace, which launched in the U.S. earlier this year, is now globally available. This expansion includes new APIs for distribution partners, enabling them to link their own cloud marketplace with Microsoftâs, opening significant opportunities for software companies in SMB and mid-market segments. đŹ Watch a recorded webinar with TD SYNNEX on the power of distribution to accelerate SMB marketplace sales. Global availability of Resale Enabled Offers - This capability allows software development companies to and channel partners to resell software solutions directly through Marketplace, simplifying transactions, expanding reach, and scaling revenue. đ Read more about this announcement and get started Introducing App Accelerate - A unified offer that brings together incentives, benefits, and co-sell support across the Microsoft Cloud. App Accelerate provides end-to-end technical guidance, developer tools, and go-to-market resources so software development companies can innovate and scale. Previews are beginning now, with full availability planned for 2026. â Sign up to receive updates Enhanced Partner Marketing Center - Discover, customize, and launch campaigns faster with intelligent search and AI-powered toolsâall on one connected platform. The current Partner Marketing Center will remain available as the new and enhanced Marketing Center platform launches in early 2026 with 24 campaigns-in-a-box, aligned to FY26 solution plays. ⨠Get ready for the new era of partner marketing Frontier Partner badge â New customer-facing badges recognize top services, channel, and software development company partners that are driving AI transformation with customers and offer them an opportunity to differentiate themselves from the competition. đĄď¸Differentiate your AI-first leadership Catch up on Microsoft Ignite sessions Ignite 2025 delivered powerful insights and announcements for Marketplace partners, and now you can catch up on the sessions you missed. Explore these recorded keynotes to learn about new capabilities, partner programs, and strategies to accelerate growth through Microsoftâs ecosystem. Ignite opening keynote Ignite partner keynote: Powering Frontier Partnerships Additionally, weâve compiled recordings of relevant Marketplace partner and customer sessions so you can watch on-demand. Revisit Marketplace-focused sessions and resources. Just look for the ⨠icon below. Partner sessions: PBRK415 Grow your business with Microsoft AI Cloud Partner Program Find out how the Microsoft AI Cloud Partner Program helps you grow with new benefits, designations, and skilling opportunities. This session covers updates like the Frontier Partner Badge, Copilot specialization, and streamlined Marketplace engagementâall designed to accelerate your AI transformation journey. PBRK416 Accelerate Growth through Partner Incentives Explore how Microsoft is boosting partner growth with streamlined incentives, AI-first strategies, and new designations like Frontier Distributor. This session covers expanded investments in Azure Accelerate, Copilot solutions, and security practicesâplus insights on how to capitalize on evolving programs and co-sell opportunities. PBRK417 Partner: Connect, Plan, Win â Enhancing Co-sell Engagement Discover how to enhance collaboration, optimize joint efforts, and drive success in shared initiatives. Gain insights into improving interactions with Microsoft sellers and leveraging opportunities, along with guidance on proactive co-selling to align your goals with Microsoft's for sustained growth. PBRK418 Partner: Benefits for Accelerating Software Company Success Learn about the resources and benefits available for software development companies across all stages of the build, publish and grow journey in MAICPP. Whether youâre developing a new agent solution or working toward a certified software designation, there are targeted skilling opportunities, technical resources, and GTM benefits to help. Tap into new investments for AI apps and agents and hear from your peers on how theyâve used rewards such as customer propensity scores and Azure sponsorship. PBRK419 SI & Advisory Partner Readiness: Accelerating the Journey to Frontier Understand how Microsoft is empowering our SI and advisory partners to accelerate frontier firm readiness for our Enterprise customers by driving AI transformation with agentic solutions and services. â¨PBRK420 Executing on the channel-led marketplace opportunity for partners See how Microsoftâs unified Marketplace drives partner growth with resale-enabled offers, creating scalable channel sales and co-sell opportunities. This session shares practical steps to build a sustainable Marketplace practice and leverage the partner ecosystem for greater reach and profitability. PBRK421 Enabling a thriving partner ecosystem: New CSP Authorization Criteria Dive into whatâs new for Cloud Solution Providers, including updated authorization requirements and designations that help you stand out. This session covers steps to choose the right tier, build trust as a customer advisor, and prepare for growth with AI-driven solutions and Copilot offerings. PBRK422 The Future of Partner Support: Customer + Partner + Microsoft Discover âUnified for Partners,â Microsoftâs new support model designed for CSP partners to deliver customer success at scale. This session introduces the Support Services designation, offering faster response times, financial incentives, and integrated tools to strengthen your support capabilities. PBRK423 Partner Execution at Scale with SME&C Explore growth opportunities in the high-potential SME&C segment. This session highlights investments in co-selling, AI-first strategies, and what it means to become âcustomer zero,â with examples of frontier firms driving innovation at scale. â¨PBRK424 Marketplace Success for Partnersâfrom SMB to Enterprise Learn how to build, publish, and monetize AI-powered solutions through Microsoft Marketplace. This session shares a proven approach to align your Marketplace strategy with your sales motion and unlock new revenue opportunities. PBRK272 Accelerate Secure AI: Microsoftâs Security Advantage for Partners Explore Microsoftâs integrated security solutions and learn how to help customers strengthen their defenses in the AI era. This session highlights partner opportunities, resources to grow your security practice, and what it takes to lead as a next-generation security partner. Customer Sessions: â¨Microsoft Marketplace: Your trusted source for cloud solutions, AI apps, and agentsâ | STUDIO47 Hear from Cyril Belikoff, VP of Commercial Cloud & AI Marketing, sharing the reimagined Microsoft Marketplaceâthe gateway to thousands of AI-powered apps, agents and cloud solutionsâall built to accelerate innovation and drive business outcomes. Discover how customers benefit from faster deployment, seamless integration with Microsoft tools, and trusted solutions, and how partners can scale their reach, accelerate sales, and tap into Microsoftâs global ecosystem. Azure Accelerate in action: Confidently migrate, modernize, and build faster Join Cyril Belikoff for a rapid Q&A that spotlights real-world customer success and the transformative impact of Azure Accelerate. Hear how customers like Thomson Reuters achieved breakthrough results with our powerful offering that provides access to Microsoft experts and investments throughout your Azure and AI journey. â¨BRK213 Microsoft Marketplace: Your trusted source for cloud and AI solutions Discover how the reimagined Microsoft Marketplace is reshaping the future of cloud and AI innovation. In this session, weâll explore how Microsoft Marketplaceâunifying Azure Marketplace and Microsoft AppSourceâempowers organizations to become Frontier Firms by streamlining the discovery, purchase, and deployment of tens of thousands of cloud solutions, AI apps, and agents. â¨BRK215 Boost cloud and AI ROI using Microsoft Marketplace As organizations embrace an AI-first future, cloud adoption is accelerating to drive innovation and efficiency. This session explores practical strategies to optimize cloud investmentsâbalancing performance, scalability, and cost control. Learn how Microsoft Marketplace enables rapid solution deployment while maintaining governance, compliance, and budget discipline. Build a resilient, cost-effective cloud foundation that supports AI and beyond. Community Recap Partner of the Year Award Winners Congratulations to the winners and finalists of the 2025 Microsoft Partner of the Year Awards in the Marketplace category! đ Explore all winners and finalists Fivetran earned the top honor as Marketplace Partner of the Year for its innovation in automating data movement on Microsoft Azure, enabling enterprises to accelerate AI and analytics initiatives. Varonis Systems Inc. and Bytes Software Services were recognized as finalists for delivering exceptional solutions and driving customer success through Marketplace. Whatâs Coming Up AI-powered acceleration: Scale faster in Microsoft Marketplace đ Thursday, December 04, 2025, at 9:00 AM PST Microsoft Marketplace is no longer just a procurement convenience; itâs a strategic revenue engine. Dive into operational readiness, CRM-native automation, seller engagement, trust signals, and AI-enabled acceleration. Whether you're just getting started or looking to optimize your Marketplace motion, this session will provide you with information that will turn your first sale into a repeatable growth engine. Scale smarter: Discover how resale enabled offers drive growth đ Friday, December 05, 2025, from 11:00 - 12:00 PM GTM+1 Discover how resale enabled offers help software development companies to scale through the Microsoft Marketplace by simplifying transactions, expanding reach and accelerating co-sell opportunities. Chart your AI app and agent strategy with Microsoft Marketplace đ Thursday, December 11, 2025, from 8:30 - 9:30 AM PST Organizations exploring AI apps and agents face a critical choice: build, buy, or blend. Thereâs no one-size-fits-allâeach approach offers unique benefits and trade-offs. Tune in for insights into the pros and cons of each approach and explore how the Microsoft Marketplace simplifies adoption by providing a single source for trusted AI apps, agents, and models. Office hours for partners: Marketplace resale-enabled offers đ Thursday, December 18, 2025, at 8:30 AM PST Tune in to explore resale enabled offers through Microsoft Marketplace. This recently announced capability enables software companies to expand into new markets globally, at scale, and without additional operational overhead. Dive deep into the workflow and requirements for these deals. Learn about reporting and best practices from those that are already selling globally with resale enabled offers. Microsoft Ignite will return to San Francisco next year đ November 17-20, 2026 Sign up now to join the Microsoft Ignite early-access list and be eligible to receive limitedâedition swag at the event. đŹ Share Your Feedback! We truly appreciate your feedback and want to ensure these Partner Digests deliver the information you need to succeed in the marketplace. If you have any feedback or suggestions on how we can continue to improve the content to best support you, weâd love to hear from you in the comments below!Transitioning SaaS Offers with Multi-Year Pricing from AppSource to Azure Marketplace
When a SaaS transactable offer on Microsoft AppSource includes a pricing plan for more than 1 year, the offer is delisted from AppSource and becomes available on Azure Marketplace. This is due to the platform's structure: AppSource primarily supports monthly or annual subscription models for SaaS offers. Any pricing model that exceeds 1 year (e.g., 2-year, 3-year plans) is outside the scope of AppSourceâs transaction capabilities. When a SaaS solution introduces https://learn.microsoft.com/en-us/partner-center/marketplace-offers/marketplace-commercial-transaction-capabilities-and-considerations, it is automatically transitioned to Azure Marketplace, which can accommodate longer-term contracts and subscription models (such as 2-year, 3-year, or longer terms). Azure Marketplace is designed for more complex transactions, including multi-year deals, and supports deeper infrastructure integration and contract management features compared to AppSource. Thus, any SaaS offer that requires multi-year pricing terms will shift from AppSource to Azure Marketplace, where such transactions can be handled effectively.Scale smarter: Discover how resale enabled offers drive growth
Friday, December 5 | 11:00 12:00 PM GTM+1 online event Discover how resale enabled offers (REO) help software development companies scale through the Microsoft Marketplace by simplifying transactions, expanding reach and accelerating co-sell opportunities. Why attend? Simplify multi-party transactions Expand your global reach through resellers Accelerate co-sell opportunities and close more deals Reserve your spot now to start unlocking new growth opportunitiesđ¤Finding alignment with Channel partners as an ISV?
Hi all! We're new to the MS ecosystem. Spent the last 15 years developing products for the Salesforce ecosystem, which is very direct sales heavy. We've launched our app https://marketplace.microsoft.com/en-us/product/Office365/WA200008222 which is a native and robust integration between Salesforce and Microsoft Teams. We listed just this year in March 2025. We're attending Microsoft Ignite for the first time, and it's clear we need to have a channel partner strategy. Microsoft claims there are over 500k partners - my question to the group (especially ISV partners): how do you find channel partners effectively that align to your product and strategy? Where do we even start? We obviously have an affinity towards partners that serve Saleforce and MS Teams customers. Thanks in advance!!
