Starting in February 2022, you can request access to your customer’s tenant with granular delegated access privileges (GDAP). This way you set up security groups in your own Azure Active directory (Azure AD) tenant to specify which users in your own organisation must have access to a specific customer as a Dynamic 365 administrator, or any role you prefer. This way your consultants and technicians are no longer to be required to be Global admin in the Azure AD tenant.
We recommend that you switch off any existing relationship and request granular delegated admin privileges instead. Basically, Microsoft have added a new permission which ensure that only administer Business Central is administered and not the rest of their Azure Infrastructure.
For more information, please visit the Partner Centre or contact us directly here at Sci-Net.