Reputation: 1
Unable to open docx from SharePoint document library in browser after applying confidential encrypted sensitivity label to it using MIP SDK
I've created a C# console application that downloads a document e.g. in .doc format from SharePoint Online. It then converts the document to .docx format before ascertaining the sensitivity label to be applied and then sets the label using the Microsoft Information Protection SDK v1.10.97. Then it uploads the document to SharePoint.
There are no errors when the sensitivity label is applied by the program and both restricted and confidential labels are applied. The problem is I am unable to open the documents with confidential (encrypted) labels in the browser afterwards. This works for the restricted (unencrypted) documents, however.
The error pops up: "Sorry, Word can't open this document in a browser because it's protected by Information Rights Management (IRM). To view this document, please open it in the desktop version of Microsoft Word."
Opening the document in the desktop application is undesirable because the customer wants to open it in the browser.
Using the same user account that the program was running as I can log in and create a new document in the browser, add the confidential (encrypted) sensitivity label to it, save and exit the document and then re-open the document again successfully in the browser.
Is this a limitation of the MIP SDK or am I doing something wrong here when I apply the label? Or does the sensitivity label itself need to be set up in a particular way? Any advice greatly appreciated.
Upvotes: 0
Views: 2139
Answers (1)
Reputation: 786
This behavior is expected. Office web apps don't support IRM protected content hosted in SharePoint or OneDrive.
We've shipped a feature to address this, but it must be enabled: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/co-authoring-on-microsoft-information-protection-encrypted/ba-p/2693718
The content isn't encrypted at rest in the service. When the files are downloaded to an endpoint, the service applies protection. This enables full protected co-authoring and provides Office web apps with access to the content.
Upvotes: 0
Related Questions
- Exception decrypting .msg files using MIP SDK: NoPolicyException: Label policy did not contain data
- Problem when trying to read EXCEL after implementing OFFICE 365 "Confidentiality Label"
- Open protected word document with OpenXML
- to save docx as pdf in c# (.net) with policy label
- Decrypting an encrypted office 365 email from MS 365 Personal account using MIP SDK
- How can we encrypt a PDF file using MIP SDK?
- How do I use encryption when calling GetDocument from the DocuSign Rest API
- Open a document in Office via HTTPS
- How to run docpad over ssl?
- Cannot open docx file through webbrowser in app using OpenIn functionality