Create a partner service account

Cloud User Hub uses a service account with the least privileged access in all customer tenants to connect to the Microsoft Partner Center.

Create a dedicated Cloud User Hub service account

Sign in to the Azure Active Directory Admin Center
Choose Users
Click New user > Create new user
Populate the required User name and Name fields.
We recommend using a username that easily identifies this user as the Cloud User Hub service account.
Click on the n groups selected link next to "Groups"
Select AdminAgents from the "Groups" list, then click Select
Click on the User link next to "Roles"
Select Global Admin from the "Directory Roles" list for the initial service account setup
After setting up the service account in Cloud User Hub, you can lower the account's role from Global Admin to Billing Administrator if required.
Set a Usage location
Click Create to add the service account

Verify your Cloud User Hub service account settings

Sign in to the Azure Active Directory Admin Center with the newly created Cloud User Hub service account
Update your password when prompted
Ensure MFA is configured
MFA is a requirement both for Microsoft Partner Center and Cloud User Hub.
Once MFA is configured, it directs you to the Microsoft Partner Center portal
Select Users
Choose your Cloud User Hub service account
Click Groups
Ensure the user is a member of AdminAgents
Click Assigned roles
Ensure the user is assigned the Global administrator role

Now that you have configured your service account, you can begin the Cloud User Hub onboarding process.