...
This configuration includes specific AIP labels and their corresponding classifications, defining how the agent translates its internal categorizations into a format that AIP can recognize.
How to get MIP labels from Azure
We can get the labels configured in customer’s Azure using the Fetch MIP labels from Azure in power tools.
...
It accepts all the required details from the user (tenantId, appName, clinetId, clientSecret, emailId) as inputs and prints out the available MIP labels as output.
...
The output format:
| Code Block |
|---|
{
"siteId": "tenant_id",
"labels": [
{
"id": "label_id",
"name": "label_name",
"method": "label_assignment_method", // always Priviledged
"contentBits": type of content marking applied // always 3
}
]
} |
| Info |
|---|
Reference: https://learn.microsoft.com/en-us/information-protection/develop/concept-mip-metadata |
This utility will use application permissions in azure app and the following API permissions need to be provided to it (with admin consent):
Microsoft Graph → InformationProtectionPolicy.Read.All
Microsoft Information Protection Sync Service → UnifiedPolicy.Tenant.Read
Configurable Tags
The agent also provides the functionality to write fully customized metadata entries.
...