Upcoming API changes for Microsoft partners: What you need to know

Professional headshot of Andrew Smith
Andrew Smith

General Manager, Worldwide Partner Programs

Apr 14, 2025

3 min read

Sell with Microsoft

Two colleagues looking at a computer screen.

Trust is the foundation of our business at Microsoft, and that’s why we keep security and compliance top of mind in everything we do. We can’t do it alone, though. Our partners play a crucial role in maintaining trust with customers and improving the way they do business with us—while elevating the security baseline of our ecosystem. 

As we continue working toward a safer and more secure future together, your ongoing support and cooperation are essential to keeping our products, solutions, and processes secure and compliant—and we’re committed to providing updates and resources to improve the partner experience so you can drive efficiency and grow your business.  

So far in FY25, we’ve introduced end-of-sale (EOS) scheduling for billing frequency changes in Partner Center UI and API, started to block unused Microsoft Azure subscriptions, and released the Security requirements API (available in Beta) that gives partners direct access to essential security data. 

To continue improving the experience for both partners and customers, over the next few months, we’re making changes to several application programming interfaces (APIs) you regularly interact with. 

This blog post will help you understand the upcoming changes and what your team needs to do to avoid disruption to business operations and sales. Be sure to share these details, launch dates, and readiness resources with your technical teams so they can prepare and implement the necessary updates. 
 

Upcoming API changes and resources 

April 14: Change to Partner of Record (POR) assignment for CSP resellers 
Starting April 14, 2025, we are updating the Partner Location Account (PLA) API and UI in Partner Center to ensure compliance with Cloud Solution Provider (CSP) Partner of Record (POR) policies. This update will make it easier for indirect providers to assign active, compliant indirect resellers as POR for new subscription orders. 

April 21: CSP billing reconciliation v1 APIs
CSP billing reconciliation v1 APIs will retire on April 21, 2025. After this date, access to reconciliation line items for billing periods will be unavailable. CSP direct bill partners and indirect providers using billing APIs in Partner Center to retrieve invoices and usage reconciliation will need to migrate to the new asynchronous v2 APIs before April 21, 2025, to avoid service disruption.  

August 31: Deprecation of the Azure AD graph token 
We’re deprecating graph.windows.net audience tokens, which means we’re updating the process for calling Partner Center APIs. The new version of the generateToken API is now available and accepts only api.partnercenter.microsoft.com audience tokens for both usertoken and app-only scenarios. If you are using the generateToken API, you must implement this change by August 31, 2025

October 7: Upcoming changes to MCA attestation methods 
Currently, partners can attest for their customers in three ways: using an API, the Partner Center UX, or the Microsoft Customer Agreement (MCA) bulk attestation tool. Beginning October 7, 2025, the current API and Partner Center UX will be retired, and there will be two methods for accepting the MCA:  

  1. The new, enhanced partner attestation API 
  2. Direct customer acceptance 

Additionally, after May 7, 2025, the MCA bulk attestation tool will have read-only capability and will no longer support bulk attestations. Review implementation details to learn more. 
 

Additional technical changes 

Multifactor authentication (MFA) on Azure, Microsoft 365, and Partner Center 
The vast majority of cyberattacks can be prevented by basic cybersecurity hygiene practices, starting with MFA—which reduces the risk of compromise by over 99%.1 That’s why we’re enforcing mandatory MFA across our portals, including Azure and Microsoft 365. This update will also take effect in Partner Center soon. Learn more about implementing MFA, as well as the complete list of best practices regarding identity, devices, and monitoring to better protect your organization and your customers.  

A secure future starts with us 
To avoid technical and business disruptions, it’s critical that your organization implements these changes by their respective dates.  

Comprehensive security among organizations presents a significant opportunity for every partner to grow their business and reach more customers. We deeply appreciate your help in making this transition as smooth as possible so we can continue to build a secure partner ecosystem—and safer solutions for customers—together.

 

 

1 Microsoft, How effective is multifactor authentication at deterring cyberattacks? (Redmond, WA: Microsoft, 2023). 

image

Related blogs


Share article

More from category

Maximizing partner success with marketplace changes_blog-image_standard_620x465

Mason McCoy

Oct 01, 2024

Maximizing partner success with marketplace changes

5 min read

A businesswoman carries a smart phone and laptop on her commute to work in central business district.

Regina Johnson

Jul 30, 2024

Thriving together: the power of Microsoft partner communities

6 min read

Office employee wearing a wireless headset while working at his computer in the office.

Guest contributor

Jul 23, 2024

Activating the ecosystem: marketplace multiparty private offers expand to new regions

3 min read

Group of business people having a meeting at a round conference table in a creative office.

Microsoft AI Cloud Partner Program team

Jul 18, 2024

What's new for Microsoft partners: July 2024 edition

7 min read

People in a glass-walled conference room

Julie Sanford

Feb 07, 2024

Announcing 2024 Microsoft Partner of the Year Awards nominations

2 min read

Copilot_blog

Nicole Dezen

Jan 15, 2024

Copilot for Microsoft 365: expanded partner opportunity

7 min read