Skip to main content

CIPP is a M365 Multi-tenant solution by MSPs for MSPS

Central user management

Featuring a simple user management interface, CIPP makes it easy to add, edit, and delete users. Including offboarding users, changing calendar permissions, shared mailboxes and more!

Easy standardisation

Deploy standards across all of your clientbase, making tenants always be in the state you want them to be in. Thanks to alerting and best practices you are able to give your clients the best experience.

Secure and Report

Packing industry best-practice standards and integrations allowing you to report on everything in your M365 tenants, CIPP gives you the tools you need to help secure your customer environments.

What Is CIPP?

CIPP (pronounced "sip") along with being a good thing to do with tea, coffee or whisky is the acronym used to refer to the CyberDrain Improved Partner Portal.

CIPP gives you the ability to administer your customers' Microsoft 365 tenants, manage users, deploy standard policies, and more. CIPP assists you by removing the headaches from current options for Microsoft 365 multi-tenant management and should save you several hours each month at the least!

CIPP comes in two parts - the CIPP UI and the CIPP API.

There are also two aspects to the documentation site - the CIPP Docs and the Swagger information.

Under The Hood

CIPP uses Azure to be as fast as it can be; It's built on top of Azure Functions and Azure Static Web Apps.

The CIPP frontend is built using React and Core UI, it's lightweight and responsive.

The CIPP API is built with PowerShell making it maintainable, making contributions accessible and understandable to the average MSP.

Why Does CIPP Exist?

In 2021, increasingly frustrated at Microsoft's multi-tenant management offerings and vendor inaction, Kelvin Tegelaar created the CyberDrain Improved Partner Portal showing that it isn't hard to do this well.

A quote from our original readme:

I'm kind of done waiting for vendors to catch up to what we actually need. All RMM vendors are proving slow to embrace cloud management features. Microsoft themselves don't understand the Managed Services market, there are vendors that have tried jumping into the gap but either have unreasonable fees, weird constructions, require Global Admins without MFA, or just don't innovate at a pace that's required of cloud services right now.

I'm also annoyed the opaque behaviour that many companies in our market are showing. Most are claiming that working with the Microsoft Partner APIs is difficult, and requires significant development effort. I'm a guy that had no web design knowledge before this and created the first release of this app in 3 weekends. Vendors that claim high difficulty or issues with integration are simply not giving this any priority.

I was recently on a call with one of my friends and he said he was changing the world. That inspired me to change the world just a little bit too. :) I'm hoping that this is one of the tools that make you smile.

Got Questions?

You have questions? That's okay! We're here to help, here are the answers to some common questions about CIPP below and answers to more technical or specific questions in the FAQ.

Who are the developers?

CIPP works with open source contributors, but the project is led and owned by Kelvin Tegelaar. CIPP can have many contributors that supply small corrections to code or major new features. The CIPP project uses a feature and bug-bounty program to develop features with the community.

Check the contributors page for details on all contributors.

How much does it cost?

CIPP is free, open-source software and is available under the AGPLv3 license. Hosting CIPP requires Azure Static Web Apps and Azure Functions at your own cost. Hosting on your own servers or using anything other than Azure isn't supported.

You can, if you wish, donate to support CIPP on GitHub, sponsors at certain levels can have CIPP hosted for them by Kelvin.

Is this secure?

We built CIPP from the ground up with security in mind. It's built with Azure Functions and Azure Static Web Apps and relies on the security provided by Azure Static Web Apps to handle authorization and authentication.

CIPP uses several automated code scanning tools to check for vulnerabilities and make sure that the code is as safe and secure as possible. You are free to audit the code (which you can find in the GitHub repositories linked in the NavBar) and report any issues you find. This is strongly encouraged, as you should never deploy something that you do not understand what it is doing which is why the backend was built on PowerShell.

Paid code security audits may be undertaken as allowed by funding. If you think you've found a security issue please see the security policy for information on how to report these.

How's CIPP funded?

Funding for CIPP comes from the sponsors. CIPP also relies on time and effort from contributors.