Starting your trial

This is the Upkip Trial request page! You can create your Upkip Trial* experience at any time with no help from our side! Just follow the instructions below.

Support is everything!
So, let’s begin!

Before you start:

You need to sign in your Azure AD Tenant at and select the Directory where Upkip resources will be installed
Prepare an Azure Subscription. All Upkip resources will be installed in a single Resource Group within that subscription
Optionally, prepare also an Azure Resource Group for the Upkip services to be installed in


This deployment must be done by a non-guest account in the customer’s tenant who has a role with write permission, such as Owner, for the subscription being onboarded.

More details here:

Step 1.
Delegate resource management access

To be able to properly support, configure and update your Upkip system we would need access to the Upkip resources within your Azure Subscription. For this purpose, we will onboard you as our customer to Azure Lighthouse.

When we do so, the delegated resources (subscription or resource group) in your Azure Active Directory (Azure AD) tenant will be managed by our customer support team through Azure delegated resource management. ICB will be the Upkip Service Provider for you.
You will be able to manage this access Delegation via the “Service Providers” menu in Azure Portal:

There are two options to proceed:

Delegate access to the target Subscription.

  • To do this, you need to have Owner role assigned on the target Subscription

Delegate access to the target Resource Group.

  • To do this, you need to have Owner role assigned on the target Resource Group 
  • Make sure you have prepared the target Resource Group

By clicking on either of the buttons above you will be redirected to the Custom deployment page in Azure Portal:

Preview the Delegated Access deployment page. Pay special attention to:

  • Subscription
  • Region
  • Resource Group Name
  • Authorizations


Input and/or change required parameters (e.g. Subscription and/or Resource Group)

  • Follow and complete the delegation wizard as prompted
  • A new Deployment entry will be created under Deployments for the target Subscription or Resource Group accordingly


After the deployment has finished successfully:

  • Click on the Outputs view from the Deployment Overview page (this can be also be accessed from the Subscription/Deployments blade)

Locate the upkipSetupToolURL output parameter and follow the link to download the package
Unarchive the package in a local folder

Step 2.
Setup configuration

Run the PowerShell script file “Setup.ps1” as Administrator
The script may be carefully examined by the customer. It will perform the following activities:

  • Validate customer input
  • Install any unavailable required Azure PowerShell modules
  • Prompt the user to authorize against the target tenant
  • Create Resource Group, if necessary
    Create App Registrations required by the Upkip system:
  • Some applications will be assigned with access to the target Resource Group
  • Admin Consent will be granted for some applications API permissions
  • Create local certificates for some AAD App credentials (these certificates can be deleted safely later)
  • Configure AAD users and groups to serve system needs
  • Upon completion, will send a request for a new environment to the Upkip installation services


The script requires the executing user to provide values for the following parameters:

  • “companyName”: The free-form name of the customer’s company;
  • “companyShortName”: The unique code of customer’s company. The code can be composed of maximum 5 characters. The code can be composed of only letters or digits;
  • “tenantId”: The unique identifier of your Azure Active Directory tenant;
  • “subscriptionId”: The unique identifier of the target Azure Subscription;
  • “resourceGroupName”: The name of resource group which will be used to accommodate Upkip related resources;
  • “resourceGroupLocation”: The desired Azure location for Upkip related resources (e.g. West Europe);
  • “basePlatformGroupName”: The desired name of root Upkip system Azure Active Directory group;
  • “contactPersonEmail”: The email of customer’s primary contact;
  • “contactPersonFirstName”: The first name of customer’s primary contact;
  • “contactPersonLastName”: The last name of customer’s primary contact;


For the purposes described the following access is required for the user executing the script:

Subscription Contributor:

  • Create resource group
  • Create roles assignments on the resource group for the system applications


AAD Global Administrator:

  • Create/update apps and their permissions
  • Create/update user groups and memberships
  • Create system internal Notifier user
  • Grant admin consents for some API application permissions

Step 3.

  • If you have completed the steps above successfully, your request will be processed shortly (typically 2h)
  • You can monitor the progress by observing the Deployments blade of the target Resource Group that you have selected for the Upkip services
  • Once the deployment is complete, an email with basic introductions will be sent to the provided contact person


If you experience any issues, feel free to get in contact with us.

* Upkip Trial will put some minimal costs to your subscription