Get Started in Partner Center for Microsoft 365, Teams, SaaS, and SharePoint apps
| Phase | Title |
|---|---|
| Phase 1 | Publisher Attestation |
| Phase 2 | Microsoft 365 Certification |
1. Overview
This document acts as a step-by-step user guide for our partners enrolled in the Microsoft 365 App Compliance program aiming to undergo Publisher Attestation and Certification though the Partner Center portal.
Important
SaaS apps require pre-approval by the Microsoft 365 App Compliance team. If you app is not pre-approved you will not be able to proceed within partner center. To get your SaaS pre-approved please contact appcert@microsoft.com.
2. Acronyms & Definitions
| Acronym | Definition |
|---|---|
| PC (Partner Center) | A portal for all Microsoft partners. A partner logs in to Partner Center and submits self-assessment questionnaire. Partner Center for Microsoft 365 App Compliance |
| ISV | Independent Software Vendor. Also known as partner or developer |
| App Source | Catalog of apps |
| Example | Now virtual agent |
3. Publisher Attestation Workflow
Home Page : This is the landing page once a partner logs in to Partner Center.
Step 1 : Select Marketplace Offers.
Step 2: After selecting 'Marketplace Offers', toggle to 'Office Store'. Select an app from the list to begin the Publisher Attestation process.
On selecting an app, another navigation bar will pop up with the option 'Additional certification info' then select ‘App Compliance’.
Step 3: Select 'App Compliance’
Step 4: Fill out the self-assessment questionnaire for Publisher Attestation
Note If you have another office app with a published attestation you can clone the answers for other apps and update as needed. Click dropdown for ‘Choose the product’, select the app and click ‘Clone.’
You can also use the Import/Export feature to complete the form offline and import it once completed.
Step 5: Once completed, select on ‘Submit’, the assessment will now be ‘Under Review.'
Approve/Reject Scenarios:
A. Publisher Attestation Rejection
- In case of rejection at this stage, a partner can:
- View failure report
- Partner will be notified via email, and they can view the failure report in Partner Center
- Update and resubmit Publisher Attestation
- View failure report
B. Publisher Attestation Approval
- Upon approval partner can:
- Update and resubmit attestation
- View and share completed Publisher Attestation
- Start Microsoft 365 Certification process
Post Publisher Attestation Approval: Example of link in AppSource for publisher attested apps
4. Microsoft 365 Certification Workflow
A partner can begin the Certification process by selecting the checkbox and clicking ‘Submit’
Step 1: Initial Document Submission Fill out all the details, upload relevant documents and select ‘Submit’
On clicking submit, the attestation submission will be under review.
An analyst requests a revision in case the initial documents aren't sufficient or relevant. The analyst will work with the partner to help get the right documents for approval.
Once the analyst approves the initial document submission, the partner needs to submit the control requirements.
Step 2: Control Requirement Submission Fill out all the details, upload relevant documents and select ‘Submit’
On clicking Submit, the certification submission will be under review.
An analyst requests a revision in case the control requirement documents aren't sufficient or relevant. The analyst will work with the partner to help get the right documents for approval.
In case the submission doesn't satisfy the approval standards, the analyst will reject the submission. The partner can work with the analyst to provide the relevant information and documents.
Once all the security standards have been met, the analyst will approve the submission, and the partner will be Microsoft 365 Certified.
Post Certification Approval: Example of Microsoft 365 certification badge in AppSource
5. Microsoft 365 Renewal Workflow:
Microsoft 365 Publisher Attestation and Certification Renewal Workflow: Microsoft 365 App Compliance Program now offers an annual renewal process. During this process, app developers can update their existing Publisher Attestation questionnaire and documents required for Microsoft 365 Certification.
Benefits:
- Maintain your certification badge in AppSource, the Teams Store, the Office Store and other storefronts to differentiate the app.
- Increase customer confidence in using your certified app.
- Help IT admins make informed decisions with updated certification information.
The renewal process is available in Partner Center to provide a seamless experience. A renewal reminder will be shown in Partner Center starting 90 days before the expiration date. Periodic reminders will also be sent via email at 90, 60 and 30 days before expiration.
Phase 1: Publisher Attestation Renewal:
The new renewal process is available in Partner Center to provide a seamless experience. A renewal reminder will be shown in Partner Center starting 90 days before the expiration date. Periodic reminders will also be sent via email at 90, 60 and 30 days before expiration.
Step 1: Select Renew to renew the Publisher Attestation.
Step 2: Review the previous Publisher Attestation answers and update with the latest information as needed. Submit Publisher Attestation for renewal when ready. It will be reviewed by a Microsoft 365 app compliance analyst.
Publisher Attestation Renewal Approved
Publisher Attestation Expired: The app’s information needs to be renewed before the expiration date to maintain the app’s Publisher Attestation page on the Microsoft docs. Timely renewal will also ensure continued badging and icons for the app in AppSource, Teams Store, Office Store and other storefronts.
Note: Once expired, Publisher Attestation renewal process can be started anytime by clicking ‘Renew’.
Phase 2: Microsoft 365 Certification Renewal
The app’s certification information needs to be resubmitted on an annual basis. This will require revalidation of the in-scope controls of your current environment. When the Certification nears 1-year mark an email notification will be sent encouraging a resubmission of the documents and evidence.
Certification Renewal Approve/Reject Scenarios:
Scenario 1:
Certification renewal has started and is under review.
Scenario 1A:
Certification renewal rejection: Certification may be rejected if:
- The app doesn't have the required tooling, processes, or configurations in place and won't be able to implement required changes within the certification window.
- The app has outstanding vulnerabilities in place and can't be fixed within the certification window.
Scenario 1B:
Certification renewal is approved
Certification Expiration:
The app’s information needs to be renewed before the expiration date to maintain app’s Certification page on the Microsoft docs. Timely renewal will also ensure continued badging and icons for the app in AppSource, Teams Store, Office Store and other storefronts.
Note: Once expired, Publisher Attestation and Certification process can be started anytime by clicking ‘Renew’.