0

I have created an application in Azure AD and already have verified MPN ID to associate with this application.

When I add MPN ID I get the error:

This capability is not supported in an email-verified tenant.

There is a custom domain in the tenant, and it shows as "verified". The verification was done by uploading a json file to a .well-known folder.

Please clarify, how can I properly proceed with this and correctly associate MPN ID. I am sure it is something simple, but after hours of looking I cannot find anything related to this.

The only thing similar I found is this post: https://learn.microsoft.com/en-us/answers/questions/289672/34email-verified-tenant34-error-when-attempting-to.html?childToView=1084329

But it doesn't clarify where to actually continue verification using the TXT record (I know how to add a TXT record). But I don't even think that is needed, because the domain verification was done with the JSON file and the code in it - TXT record from all that I found could have been the old verification method for the domain.

Any thoughts?

Coder12345
  • 119
  • 4

2 Answers2

1

I solved the problem myself.

Under the page - partner.microsoft.com where the MPN ID is approved, I had to go to User Management tab in the left side, and then click a link to become administrator and owner which is shown there. By default, when the account is created, it is only email-authorized, but in order for it to become domain-verified, you also have to make it as administrator, after it is created initially.

Once I clicked that link, it presented a screen with the TXT value for DNS entry which I added it to my domain and after clicking the "Verify" button, it worked and it converted my account into Account admin, Referrals admin, MPN partner admin, Owner. Some of the steps and button names are from memory as I didn't document them along the way but this is very much how the process went.

Then I was able to add verified MPN ID to the application created in the portal.azure.com (Branding & properties section) and now it shows the verified blue badge.

One pitfall I had is that also under the partner.microsoft.com - User management tab - Azure AD Applications sub-tab, I added my application. That was a mistake - don't do that. When I tried to add MPN ID under portal.azure.com it warned me that I was not the owner. After removing the app from Azure AD Applications in the partner.microsoft.com it worked then and I was able to add MPN ID under the portal.azure.com.

This process could certainly be much easier than it is, it is very unintuitive as it is IMHO. There are many ways to fail, many unnecessary steps like linking the partner account with azure AD portal account, it is not clearly explained and I spent days to locate what basically took 2 minutes once I knew where to look. A good video tutorial by Microsoft would be more helpful.

Coder12345
  • 119
  • 4
0

https://learn.microsoft.com/en-us/azure/active-directory/develop/publisher-verification-overview

I believe you needed this article.

isaac
  • 1