Executing the Setup Wizard

This guide walks you through the process of executing the Setup Wizard inside CIPP for the first time. The Setup Wizard presents you with multiple options. If this is your first setup, choose the "First Setup" option.

Getting Started with the CIPP Setup Wizard

Begin Setup

Click on "First Setup" to start the configuration process.

Application Registration

On this page, you’ll create the necessary Application Registration in your Microsoft 365 environment. This application is used to manage tenant connections.

Click Authenticate and follow the on-screen instructions to register the application.
Important: Use the dedicated CIPP service account created during the preparation steps.

Tenant Configuration

Choose how you want to connect your tenants. Even if you’re not a Microsoft Partner, we strongly recommend selecting "Connect to Partner Tenant" first. This allows CIPP to manage credentials and application permissions effectively.

You can also add tenants individually, outside your partner relationship.
For these separate tenants, use a service account with equivalent permissions as the partner tenant. More information on these roles can be found under Recommended Roles

Select Baselines

Choose from a list of available configuration baselines. These presets help you quickly apply best practices and policies.

We recommend selecting the CyberDrain Templates for the most optimized standard configurations and receiving templates and examples on how to utilize standards.

Configure Notifications

Set up email notifications on the next page.

Ensure your service account has a mailbox enabled to support email alerts. This can either be a shared mailbox
You can test notification delivery directly from this screen.

Optional Features

The final step presents a list of optional features you can enable to further enhance CIPP’s functionality. Review and configure these as needed. Many of these features are quite powerful and CIPP users often find they greatly enhance their experience and ease the burden of tenant administration.

Common Errors

"Response status code does not indicate success" during Step 2

We have seen Microsoft implement some new secure by design initiatives that are impacting the ability for tenants, especially newly created tenants, from successfully completing the authentication. By default, Microsoft has disabled the ability for Enterprise Applications to add passwords in new tenants. Open up the Entra portal for your tenant. Navigate to Enterprise Applications > Application Policies. View the "Password addition restriction" policy. To remain most secure, leave the policy enabled but set an exclusion for the CIPP-SAM app by selecting "All applications with exclusions" and adding the CIPP-SAM app to the excluded apps list. Wait a bit for the policy to update to apply and then try the Setup Wizard again.

PreviousAdding Users and Managing Roles NextTenant Onboarding

Last updated 3 days ago

Was this helpful?

hashtagGetting Started with the CIPP Setup Wizard

hashtagBegin Setup

hashtagApplication Registration

hashtagTenant Configuration

hashtagSelect Baselines

hashtagConfigure Notifications

hashtagOptional Features

hashtagCommon Errors