Public/Initialize-CustomerTenant.ps1

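function Initialize-CustomerTenant {
    <#
    .SYNOPSIS
        Runs the interactive onboarding sequence for one customer tenant.

    .DESCRIPTION
        Connects to the partner tenant, looks up the customer, prints manual
        sign-in instructions for the operator and waits for Enter. It then
        creates a GDAP relationship, logs the invitation link and waits for
        approval. Once approval is reported it sets GDAP permissions, sets up
        application consent, creates an administrator account and applies
        company branding.

        The catch block logs any error and does not rethrow it, so a failed or
        partial run is visible only in the module log. The finally block
        always disconnects the Microsoft Graph session.

    .PARAMETER CustomerTenantId
        Tenant ID of the customer to onboard. It is passed unchanged to
        Get-PartnerCustomer, New-GDAPRelationship, Set-ApplicationConsent,
        New-AdminUser and Add-CompanyBranding.

    .NOTES
        This function delegates privileged access to a customer tenant. The
        module log is therefore the audit trail for who was onboarded and how
        far each run got; every exit path should leave an entry there.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$CustomerTenantId
    )

    try {
        # Step 1: Connect to partner tenant (ID comes from module configuration)
        Write-ModuleLog -Message "Connecting to partner tenant..." -Level Info -Component 'CustomerInitialization'
        Connect-CustomerGraph -CustomerTenantId $script:Config.PartnerTenantId

        # Step 2: Get customer info and show instructions
        $customer = Get-PartnerCustomer -CustomerTenantId $CustomerTenantId
        if (!$customer) {
            # -ThrowError is expected to raise; the return is a fallback in case it does not.
            Write-ModuleLog -Message "Customer with tenant ID $CustomerTenantId not found" -Level Error -Component 'CustomerInitialization' -ThrowError
            return
        }
        Write-ModuleLog -Message "Setting up application consent for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
        # NOTE(review): the operator signs in with a provider-issued admin account and
        # sets a throwaway password. What happens to that account afterwards is not
        # visible here - confirm it is disabled or removed once New-AdminUser has run.
        Write-Host "`nInstructions:" -ForegroundColor Yellow
        Write-Host "1. Log in using the Curanet-provided admin credentials in a Microsoft Edge inPrivate window (admin@$($customer.DefaultDomainName))" -ForegroundColor Cyan
        Write-Host "2. You will be asked to change the password - change it to something random, it does not matter" -ForegroundColor Cyan
        Write-Host "3. Consent to their GDAP invitation from the Curanet control panel" -ForegroundColor Cyan
        Write-Host "4. When logged in and ready, continue here" -ForegroundColor Cyan
        Read-Host "`nPress Enter to continue"


        # Step 3: Create GDAP relationship
        Write-ModuleLog -Message "Creating GDAP relationship for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
        $relationship = New-GDAPRelationship -CustomerTenantId $CustomerTenantId

        # Stop here if no usable relationship came back; otherwise the invitation link
        # below would be built without an ID and the approval wait would poll nothing.
        if (-not $relationship -or -not $relationship.Id) {
            Write-ModuleLog -Message "GDAP relationship for $($customer.DisplayName) was not created; no relationship ID returned" -Level Error -Component 'CustomerInitialization'
            return
        }

        # Step 4: Show invitation link (the link embeds the relationship ID and goes to the module log)
        $InvitationLink = "https://admin.microsoft.com/AdminPortal/Home#/partners/invitation/granularAdminRelationships/$($relationship.Id)"
        Write-ModuleLog -Message "GDAP relationship created." -Level Info -Component 'CustomerInitialization'
        Write-ModuleLog -Message "Invitation link: $($InvitationLink)" -Level Info -Component 'CustomerInitialization'
        Write-ModuleLog -Message "Please accept the invitation link to grant access to the customer" -Level Info -Component 'CustomerInitialization'

        # Step 5: Wait for approval
        if (Wait-GDAPApproval -RelationshipId $relationship.Id) {
            # Step 6: Set GDAP permissions
            Write-ModuleLog -Message "Setting up GDAP permissions for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
            Set-GDAPPermissions -RelationshipId $relationship.Id

            # Step 7: Set up application consent
            # NOTE(review): -Force presumably skips a confirmation prompt - confirm which
            # permissions Set-ApplicationConsent grants before relying on it unattended.
            Write-ModuleLog -Message "Setting up application consent for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
            Set-ApplicationConsent -CustomerTenantId $CustomerTenantId -Force

            # Step 8: Connect to customer tenant and set up admin user
            Write-ModuleLog -Message "Setting up administrator account for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
            New-AdminUser -TenantId $CustomerTenantId

            # Step 9: Set up company branding
            Write-ModuleLog -Message "Setting up company branding for $($customer.DisplayName)" -Level Info -Component 'CustomerInitialization'
            Add-CompanyBranding -TenantId $CustomerTenantId

            Write-ModuleLog -Message "Tenant initialization completed successfully!" -Level Info -Component 'CustomerInitialization'
        }
        else {
            # Record the incomplete run: a pending GDAP relationship now exists, but none
            # of the follow-up configuration was applied.
            Write-ModuleLog -Message "GDAP relationship $($relationship.Id) was not approved; permissions, application consent, admin user and branding were not configured" -Level Error -Component 'CustomerInitialization'
        }
    }
    catch {
        # The error is logged, not rethrown: callers see a normal return even on failure.
        Write-ModuleLog -Message "Failed to initialize tenant: $_" -Level Error -Component 'CustomerInitialization'
    }
    finally {
        # Runs on every path, including the early returns above. Disconnect errors are
        # suppressed so cleanup cannot mask the original failure.
        # NOTE(review): step 8 may have switched the Graph context to the customer
        # tenant, in which case this log line names the wrong tenant - confirm.
        Write-ModuleLog -Message "Disconnecting from partner tenant..." -Level Info -Component 'CustomerInitialization'
        Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
    }
}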