question

ErwinSinniah-9717 avatar image
0 Votes"
ErwinSinniah-9717 asked ErwinSinniah-9717 edited

How to enter MPN ID for App Registration?

I am in the process of App Registering, Branding and properties, Publisher Verification. When I try to enter my MPN ID, I keep getting an error "You must use multi-factor authentication to proceed. Please ensure MFA is enforced for your account, and then sign in again using MFA. Click for additional information." I have tried to sign in with MFA and yet it still does not work. How do I enter the MPN ID, with MFA or how do I ensure I have MFA?

azure-ad-multi-factor-authenticationazure-ad-app-registration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered ErwinSinniah-9717 edited

Hi @ErwinSinniah-9717,

There are a few things to check:

Make sure that MFA is enabled on the account. If you are the admin of the account, you can follow the steps to enable MFA or make sure that security defaults are enabled. You can then go to aka.ms/mfasetup to configure your MFA methods.

Then, I would double check that your MPN associated with Azure AD and the current directory are same. You cannot associate an MPN with different directory other than one approved.

As long as you created the App Registration where the domain is primary domain (used to verify MPN ID in the Partner Center), and enabled MFA for the user who is trying to add MPN ID to Application, you should be able to resolve this issue.

I don't think this applies to your situation based on the error message you included, but I will also note that you can get blocked if your account has been identified as a "risky user." If the user is on the “risky users” list, you or your admin may need to perform remediation steps to eliminate user risk. Reference: Remediate risks and unblock users in Azure AD Identity Protection | Microsoft Docs. After remediating, it will take several hours to invoke dismiss process in our backend, and then you can try adding the MPN ID again.

Let me know if these steps help.

Marilee


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I think you identified the possible problem. On my Azure Profile, I seem to have multiple Directories. The App Registration is on "Default Directory" instead of the named directory. When I switch to the named directory, I cannot see any of the apps I could see from the "Default Directory". The named directory is the directory that my account is associated with the MPN ID. All this said, I don't know how to fix this. Do I need to just created a new App Registration in the named directory or can I merge the 2 directories some how?

The solution that solved my problem was making sure I created the App Registration on the same directory as the MPN directory.

0 Votes 0 ·

Apologies for the delayed reply! If you plan to have users from both tenants accessing the app, you can register the app as a multi-tenant app in the named directory. https://docs.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps

If you plan to keep all of your resources in one directory you could also merge them, but doing so usually involves recreating most of your resources and is a pretty long and complicated process, and it seems like in your case the multi-tenant app registration would be sufficient.


0 Votes 0 ·