#Create Admin Relationships in Partner Center

To create an admin relationship with a customer’s Microsoft 365 tenant, complete the following steps in order:

1. [Partner’s Action] Create an admin relationship for a Microsoft 365 tenant.

   You can specify which tenant this relationship is for, the duration, and the appropriate Microsoft Entra roles.

   The following table lists the Microsoft Entra roles that are requested in the admin relationship.

   Name	Description
   Application Administrator	Full access to enterprise applications, application registrations, and application proxy settings.
   Cloud Device Administrator	Full access to manage devices in Microsoft Entra.
   Compliance Administrator	Users with this role have management permissions within in the Office 365 Security & Compliance Center and Exchange Admin Center.
   Directory Writer	Can read and write basic directory information. For granting access to applications, not intended for users.
   Exchange Administrator	Users with this role have global permissions within Microsoft Exchange Online.
   Groups Administrator	Can manage all aspects of groups and group settings like naming and expiration policies.
   Intune Administrator	Users with this role have global permissions within Microsoft Intune Online.
   Power Platform Administrator	Can create and manage all aspects of Microsoft Dynamics 365, PowerApps and Microsoft Flow.
   Privileged Role Administrator	Can manage role assignments in Microsoft Entra lD, and all aspects of Privileged Identity Management.
   SharePoint Administrator	Can manage all aspects of the SharePoint service.
   Teams Administrator	Can manage the Microsoft Teams service.
   User Administrator	Can manage all aspects of users and groups, including resetting passwords for limited admins.

2. [Customer’s Action] Approve requested permissions.

   Once you finalize the request, the Microsoft cloud platform will automatically send an invitation email to the customer’s Global Administrator. The customer's Global Administrator must complete the following steps to grant permissions:

   1. Sign in to the Microsoft 365 Admin Center (admin.microsoft.com).

   2. Navigate to Settings > Partner relationships.

   3. Locate the Granular delegated admin privileges (GDAP) section.

   4. Review the pending request from the partner’s company, including the specified roles and duration.

   5. Click Accept to grant these permissions.

3. [Partner’s action] Add security groups to the relationship.

   Under the Security groups section, click Add security groups. Search for the AdminAgents group and then add it to the relationship.