MFA is required by CSP.
Do accounts that do not use Partner Center at all need not be MFA?
The account is not registered only in Partner Center, and is registered on the AzureAD side.
If this tenant is used for CSP and DAP, yes all users need MFA enforced.
One recommended architecture is to create a dedicated tenant for CSP and DAP users. It will be part of your MPN Global Partnership.
This approach is included in my support offer `` eCoaching Partner Center ''
Christian FUMEY | OnLineO | Consultant & Founder | eCoaching Partner Center
This clear cut answer would be extremely helpful.
We have the majority of users in our tenant irrelevant to the partner portal but appears to use that as the basis for securing it.
Can this be cleared up please?
To add to @ChristianFUMEY 's correct answer - the source for this is in both the Microsoft Partner Agreement (where simply no exception is mentioned) and in the official FAQ: https://docs.microsoft.com/en-us/partner-center/partner-security-requirements-faq#does-each-user-account-in-my-partner-tenant-need-to-have-mfa-enforced
btw - "all user accounts" also mean guest accounts and user account not used by specific person (service accounts, shared accounts)
Get consultations form Technical Presales & Deployment services team via https://aka.ms/technicalservices