Skip to main content

Integration

Grant Suger the necessary access to manage your Azure Marketplace on hour behalf, no more no less.

Overview

Selling on Azure Marketplace is managed through Microsoft Partner Center. Your business is required to enroll and get a verifed Microsoft Partner Network (MPN) ID. More details can be found here.

Prerequisite

Once your Microsoft Partner Network (MPN) get verified, follow the steps below to prepare resources required for Suger integration.

Connect Azure AD Tenant

Associate one Azure AD Tenant with your Microsoft Partner Center tenants.

Register Azure AD Application

Register an Azure AD Application in the previous Azure AD Tenant, ensure that:

  1. Add Web Redirect URL in the Application. The Redirect URL should be https://api.suger.cloud/public/integration/azure/authCode.

  2. Under Implicit grant and hybrid flows, check both:

    • Access tokens (used for implicit flows)

    • ID tokens (used for implicit and hybrid flows)

  3. Add the required API permissions. Go to API permissions+ Add a permissionAPIs my organization uses, and search for Microsoft Partner. The following APIs should appear:

    • MicrosoftPartner (App ID: 4990cffe-04e8-4e8b-808a-1175604b879f)
    • Microsoft Partner Center (App ID: fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd)
    • Microsoft Partner Center (App ID: fabfbdc4-5751-471c-ac43-3826fa1afc31)

    For each of the three APIs, click on the API name, select the user_impersonation permission, and click Add permissions.

    azure_portal_permission

    warning

    The MicrosoftPartner API may not always appear by name. If you don't see it in the search results, try searching directly using the App ID: 4990cffe-04e8-4e8b-808a-1175604b879f.

    If the application is still not appearing, open PowerShell from the Azure Portal and run the following commands, then try again:

    $Tenantid = '<your_tenant_id>'
    $Appid = '4990cffe-04e8-4e8b-808a-1175604b879f'

    Connect-AzureAD -TenantId $Tenantid

    New-AzADServicePrincipal -ApplicationId $Appid

    After running the commands, you can verify the service principal was created successfully:

    Get-AzADServicePrincipal -ApplicationId $Appid

Add Azure AD Application

Add the Azure AD Application created in the previous step to your Microsoft Partner Center User Management with all roles (Manager, Developer, Business Contributor, Finance Contributor, Marketer) assigned.

Enroll Partner Programs

There are two programs Commercial Marketplace and Microsoft AI Cloud Partner Program to enroll before we can start the marketplace listing and offers, as shown below in Microsoft Partner Center.

Create Integration

Now all required resources are ready from upper steps, then click the button CONNECT and fill the dialog of Azure integration on Suger Console with info below.

azure_integration_form.jpg

  • Tenant ID: The ID of the Azure AD Tenant associated with your Microsoft Partner Center.

  • Client ID: It is also called Application ID, It is the ID of the Azure AD Application created & added to your Microsoft Partner Center.

  • Client Secret: It is also called Application Secret or Secret Key or Application Key. Get it from the Azure AD Application. Here is the reference you can follow.

  • User ID: The email address to log in to Microsoft Azure and Microsoft Partner Center.

  • User Secret: The password to log in to Microsoft Azure and Microsoft Partner Center.

    tip
    • To enable App + User authentication through Suger for connecting to Azure Marketplace APIs, it is required to provide the User ID (the email address you use to log in to Microsoft Partner Center) and User Secret (the password you use to log in to Microsoft Partner Center), so we can securely verify your identity and complete the process.

Once clicked the button CREATE, you are redirected to Azure auth portal to grant OAuth code for the Application & Suger service.

Complete Integration — Product Technical Configuration

Important

Creating the Azure integration in Suger alone is not sufficient. You must list at least one product (Public Offer) in Microsoft Partner Center, and ensure its Technical Configuration exactly matches the Suger integration settings. If they are inconsistent, Suger will not be able to retrieve entitlements, even though the integration itself appears to be successfully created.

When listing your product in Microsoft Partner Center, verify the following in the Technical Configuration section:

  • The Azure AD Tenant ID is the same one used in the Suger integration.
  • The Azure AD Application (Client) ID is the same one used in the Suger integration.
  • The Landing Page URL is set to the Suger-provided endpoint.
  • The Connection Webhook is set to the Suger-provided endpoint.
tip

For the exact values of Landing Page URL, Connection Webhook, and other Technical Configuration fields, refer to the List Product — Technical Configuration page.

Edit Integration

You can edit the integration to update the following fields:

  • Enable Entitlement End Soon Notification: When enabled, specify the number of days (10-60) before an entitlement ends to trigger notifications. Suger will send an initial notification when Azure Marketplace entitlements approach ending, followed by reminders every 5 days. To configure recipients, follow the email notification configuration guide and add the scope END_SOON.ENTITLEMENT.

Delete Integration

The Azure integration can be deleted like all other integrations. Once the deletion is triggered, all integration info including the Application Key will be deleted immediately & permanently from Suger. No time window or methods to recover.