# How Do I Migrate My CSP to a New Tenant In CIPP? On certain occasions, you will have a need to move your CSP designation from one tenant to another. This most frequently occurs when you are following Microsoft guidance to split your CSP and everyday domains into different tenants or through a merger/acquisition. ## Migration Steps {% stepper %} {% step %} ### Create the CIPP Service Account in New CSP Tenant Be sure to follow all of the account setup steps in [Creating the CIPP Service Account](/setup/installation/creating-the-cipp-service-account-gdap-ready.md) and [Conditional Access Configuration](/setup/installation/conditionalaccess.md) to ensure the service account has the correct permissions and ability to access your tenant and your clients' tenants. {% hint style="warning" %} If you still have trouble accessing client tenants, be sure to add the new partner tenant as a service provider exclusion to their Conditional Access policies. See the bottom of [Conditional Access Configuration](/setup/installation/conditionalaccess.md) for further guidance. {% endhint %} {% endstep %} {% step %} ### Consent to CIPP Permissions Go to the [Setup Wizard](/user-documentation/cipp/sam-setup-wizard.md) and select the option for "First Setup". Click "Authenticate with Code" and authenticate using your new CIPP service account created in Step 1 {% endstep %} {% step %} ### Recreate all GDAP Role Mappings and Templates 1. Go to [Role Mappings](/user-documentation/tenant/gdap-management/roles.md), select all mapped roles, and select "Delete Mappings" from the Bulk Actions dropdown. 2. Click "Map GDAP Roles", select the 15 GDAP roles from the "Select GDAP Roles" dropdown or click "Add CIPP Default Roles" and ensure all 15 are selected. 3. Go to [Role Templates](/user-documentation/tenant/gdap-management/role-templates.md), select all templates, and select "Delete Template" from the Bulk Actions dropdown. 4. Click on the newly surfaced "Create CIPP Defaults" button at the top of the page. Review the created group to ensure it contains all 15 role mappings done previously. 5. Set up any additional role templates you would like to make available to tenant onboarding. {% endstep %} {% step %} ### Onboard Clients to New CSP Tenant 1. If you were previously using [Automated Onboarding](/user-documentation/cipp/settings/partner-webhooks.md), you will need to reset this to function with your new tenant. Navigate to the settings page and click "Submit". This will pull in the new Webhook URL. Optionally enable "Exclude onboarded tenants from top-level standards" if you have additional cleanup to do after migration. 2. Create [Invites](/user-documentation/tenant/gdap-management/invites.md) for each client tenant. You can do one by one or bulk create these links. 3. Have your client's Global Administrator consent to the new GDAP contract. 4. If you have [Automated Onboarding](/user-documentation/cipp/settings/partner-webhooks.md) enabled, CIPP will automatically detect the new contractual relationship and onboard the tenant. If you have this disabled, use the Onboarding Url from the "Invites" table to start the tenant onboarding to CIPP. {% endstep %} {% step %} ### Additional Items to Review 1. Tenant Groups - Any statically assigned tenant groups will need membership created again. Dynamic groups may take a cycle or two of CIPP running to gather all of the necessary features, etc. to properly assign tenants to the groups. 2. Standards & Drift Management - Any statically assigned templates will need to be linked to the newly re-onboarded tenants. 3. Alerts - Any statically assigned alerts will need to be linked to the newly re-onboarded tenants. 4. Scheduled Tasks - Any scheduled tasks that you may have previously created will need to be reviewed to ensure they are targeting the newly re-onboarded tenants. 5. Integration Mappings - Review the mappings table for any configured integrations to ensure they are targeting the newly re-onboarded tenants. {% endstep %} {% step %} ### (Optional) Terminate GDAP Relationships with Old CSP Tenant While no longer tied to CIPP, these relationships may no longer be required. They can safely be terminated manually from the old CSP tenant's Partner Portal as they will no longer appear in CIPP. {% endstep %} {% endstepper %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cipp.app/troubleshooting/frequently-asked-questions/how-do-i-migrate-my-csp-to-a-new-tenant-in-cipp.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.