Microsoft has announced a series of critical security-first and API-driven technical updates across Partner Center to help Cloud Solution Provider (CSP) partners strengthen security posture, streamline operations, and maintain business continuity through 2026.

Recent Enhancements Now in Effect

Several important changes have already rolled out to improve partner security and operational reliability:

Security Workspace for CSP Indirect Resellers (November 15, 2025): The new Security workspace provides visibility into multifactor authentication (MFA) status, security scores, and compliance gaps with AI-powered guidance to help resellers meet CSP authorization requirements.

Partner of Record Enforcement (December 1, 2025): Partner Center now enforces Partner of Record (POR) validation for all CSP subscriptions. The Partner Location Account (PLA) API validates reseller compliance before transactions proceed, affecting new orders, seat adjustments, billing changes, and migrations.

MFA Enforcement in Volume Licensing Central (January 5, 2026): Mandatory MFA is now required for all partners accessing Volume Licensing Central. Partner tenants without MFA enabled for admin users will be blocked from signing in.

MCA Attestation API-Only (January 5, 2026): The Microsoft Customer Agreement (MCA) attestation UI and legacy API have been retired. All attestation workflows must now use the enhanced API. Partners who attested customers before April 1, 2023, must re-attest using the new API to avoid blocked transactions.

Marketplace Purchase Intent Field (January 5, 2026): Co-sell referral integrations must now include the Marketplace Purchase Intent field to signal customer transaction intent through Microsoft Marketplace. Missing this field may cause validation failures or processing delays.

Azure Active Directory Graph Retirement (January 15, 2026): The graph.windows.net audience tokens have been retired. All Partner Center services must migrate to api.partnercenter.microsoft.com and use the new generateToken API.

Critical Upcoming Changes

Partners should prepare for several high-impact updates coming in the next few months:

Billing Reconciliation API Migration (March 15, 2026): Microsoft is retiring the legacy Billing Usage API v1. All CSP partners must migrate to the asynchronous Billing Usage API v2 before this date to avoid error states and billing workflow disruptions.

Mandatory MFA for Partner Center API Access (April 1, 2026): Starting April 1, Microsoft will require mandatory MFA for all Partner Center API access, including both user-based and app-only authentication flows. API calls that don't meet MFA requirements will fail after enforcement begins.

Extended Service Terms in CSP (May 4, 2026): The free grace period for accessing services on non-renewed subscriptions will be discontinued. After subscription expiration, partners and customers will have three options: renew, cancel, or move to a paid Extended Service Term (EST) to maintain service continuity.

Recommended Actions

Microsoft recommends partners prioritize work starting with security and access continuity, then move to API and lifecycle changes:

  1. Confirm mandatory security requirements are complete - Ensure MFA is in place, security contacts are set, and alerts are being addressed
  2. Update API integrations - Complete Graph migration, add Marketplace Purchase Intent, update billing APIs, and prepare for MFA claims
  3. Use the Security workspace - Identify gaps and track progress toward compliance
  4. Plan for EST lifecycle changes - Review revised timelines with customers ahead of renewal dates
These updates are designed to protect customers and strengthen the reliability of systems partners depend on daily. Taking action now reduces the risk of disruption and keeps operations ready for what's next.

Sources:

Microsoft Partner Blog: Simplify and scale operations with the latest technical and API enhancements