Azure Information Protection Developer's Guide
This guide will orient you to tools for extending and integrating with Azure Information Protection’s rights management service.
The current Azure Information Protection SDK has the rights management component. A classification and labeling component are under development.
Service applications provide capabilities to protect information when exporting from an enterprise content management system, a business application, or a cloud-based business solution. Data Loss Prevention (DLP) and Cloud Application Security (CAS) applications are examples of service applications. Our SDK for developing service applications is available through two programming models.
Examples of service applications
- IpcDlp is a sample RMS-enabled DLP application that takes you through the basic steps that a DLP RMS-enabled application should perform by using the RMS File API for protecting and consuming restricted content.
- IpcAzureApp is a sample that demonstrates how to use RMS SDK in Azure applications to protect data in an Azure Blob Storage.
- RmsFileWatcher is a sample that demonstrates how to build a Windows application that watches directories in the file system and applies RMS protection policies on every change, for example file added or file modified.
- ProtectFilesInDir is a simple console application sample that takes a directory as input and protects all the files in that directory only, no recursion.
Used by Azure Rights management administrators, PowerShell cmdlets are also useful for developing and testing your service applications. For more information, see Using PowerShell with the Azure Information Protection client.
User applications can be built with either the RMS SDK 2.1 or the RMS SDK 4.2. The 4.2 version is REST client based with operating system specific APIs for several popular OSs; iOS/OSX, Android, Linux, Windows. The 2.1 version is used for building native Windows-based applications.
User application development guides
User application samples
- AzureIP Test is a sample console application that allows you to encrypt documents with an Azure template or an ad-hoc policy.
- IPCNotepad is a sample RMS-enabled application that takes you through the basic steps each RMS-enabled application should perform when protecting and consuming restricted content.
- RmsDocumentInspector is a tool can give information about any RMS protected file such as content-id or user rights.
Development environment setup
The following guides lead you through OS specific setup steps for an application development environment using common tools.
Each of the following topics presents specific guidance for an aspect of implementing your application. Service applications are built using the RMS SDK 2.x. User applications are built using RMS SDK 4.x. The article link is attributed with the application type; service, user.
- How to enable document tracking and revocation (service)
- How to deploy your client
- How to deploy your service app into a different tenant
- How to install and configure an RMS Server (service)
- How to use document tracking (user)
- How to renew a symmetric key in Azure Information Protection
Security and authentication
- How to configure your app service application to use Azure Active Directory login
- How to use Azure Active Directory Authentication (ADAL) authentication
- Configuring Azure RMS for authentication (service)
- How to set the API security mode (service)
- Enable your applications to use Azure RMS (service)
- How to register and RMS enable your app with Azure AD (user)
Configuration and performance management
- How to add explicit owner rights (service)
- File API configuration (service)
- How to use built in rights (user)
- How to enable error and performance logging (user)
These videos are from the Microsoft 2016 Ignite conference
- Email security inside your org
- Adopt a comprehensive identity-driven solution for protecting and sharing data securely
- Learn how classification, labeling and, protection delivers persistent data protection
- Security best practice guide
- RMS Developer's Corner (blog)
- Frequently Asked Questions for Azure Information Protection
Message protocol and file formats
Rights Managed email message
- Windows API Reference
- Windows Phone and Windows Store API reference
- iOS/OSX API reference
- Android API reference
- Linux API reference
- AD RMS SDK is the first version of the RMS SDK.
- AD RMS Scripting Tool is an administrative tool for an AD RMS installation.
Before commenting, we ask that you review our House rules.