Amit

Reputation: 77

Apply Sensitivity Labels to Microsoft Exchange Mail via .NET core code

I would like to apply sensitivity labels to emails programmatically. I have successfully obtained the email ID (message ID) and sensitivity label ID using the Graph API in a .NET Core application (C#).

However, I cannot find an endpoint within the Microsoft Graph API or any other way via code that allows me to apply the sensitivity label directly to the email.

I have the necessary app permissions and app details such as tenant ID, client ID, etc.

I don't want to download the email file and apply the sensitivity label as with any other file. The Graph API supports updating the content and subject of an Exchange email; can we apply labels as well?

Thank you in advance for your help.

Upvotes: 1

Views: 379

Answers (1)

Glen Scales

Reputation: 22032

You can't currently do this in the Graph API for the mail endpoints, as there is no equivalent to https://learn.microsoft.com/en-us/graph/api/driveitem-assignsensitivitylabel?view=graph-rest-1.0&tabs=http for any of the mail endpoints. You can do it in the Mail add-in at compose time: https://learn.microsoft.com/en-us/javascript/api/outlook/office.sensitivitylabel?view=outlook-js-preview#outlook-office-sensitivitylabel-setasync-member(2). If you need to do automated email and set sensitivity labels, it appears that you can do this using the Power Platform, see https://platformsofpower.net/how-to-send-emails-from-power-apps/ (not sure it's supported, as the documentation doesn't mention this ability).

Unsupported

One other option that does appear to work but isn't documented or supported is to use extended properties, e.g. to send a highly confidential email to all employees (unrestricted):

{
    "message": {
        "subject": "Test confidential Message",
        "body": {
            "contentType": "HTML",
            "content": "This is confidential"
        },
        "toRecipients": [
            {
                "emailAddress": {
                    "address": "[email protected]"
                }
            }
        ],
        "internetMessageHeaders": [
            {
                "name": "X-MS-Exchange-Organization-ModifySensitivityLabel",
                "value": "defa4170-0d19-0005-0004-bc88714345d2;defa4170-0d19-0005-000a-bc88714345d2"
            }
        ],
        "SingleValueExtendedProperties": [
            {
                "Value": "MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_Enabled=True;MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_SiteId=xxxxx-xxxx-4795-bb19-f8364545cd00;MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_SetDate=2024-09-19T00:43:11.078Z;MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_Name=All Employees;MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_ContentBits=0;MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_Method=Privileged;",
                "Id": "String {00020386-0000-0000-C000-000000000046} Name msip_labels"
            }
        ]
    }
}

The value for SiteId=xxxx-xxxx...

MSIP_Label_defa4170-0d19-0005-000a-bc88714345d2_SiteId=xxxxx-xxxx-4795-bb19-f8364545cd00

needs to be set to your own Office 365 tenant ID.

The defa4170-0d19-0005-000a-bc8871 is one of the well-known labels: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/advanced-hunting-for-microsoft-purview-data-loss-prevention-dlp/ba-p/3821330

Upvotes: 1
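The unsupported approach from the answer above, as an added C# example (not code from the answer or from Microsoft): it builds the msip_labels value from a label ID and tenant ID and serializes the request body in the shape the answer shows. The class and method names are hypothetical, the tenant ID and recipient are placeholders, and rejecting ';' in the label name is an assumption based on ';' being the field separator in the answer's value.

```csharp
using System;
using System.Globalization;
using System.Text.Json;

public static class LabeledMailPayload
{
    // Extended property id and header name, copied from the answer above.
    const string MsipLabelsId = "String {00020386-0000-0000-C000-000000000046} Name msip_labels";
    const string LabelHeader = "X-MS-Exchange-Organization-ModifySensitivityLabel";

    // Builds the msip_labels value with the same keys, in the same order, as the answer.
    public static string BuildMsipLabels(Guid labelId, Guid tenantId, string labelName, DateTime setDate)
    {
        // Assumption: ';' separates fields, so a name containing it would corrupt the value.
        if (string.IsNullOrWhiteSpace(labelName) || labelName.Contains(';'))
            throw new ArgumentException("Label name must be non-empty and free of ';'.", nameof(labelName));
        string p = $"MSIP_Label_{labelId:D}_";
        string stamp = setDate.ToUniversalTime().ToString("yyyy-MM-dd'T'HH:mm:ss.fff'Z'", CultureInfo.InvariantCulture);
        return $"{p}Enabled=True;{p}SiteId={tenantId:D};{p}SetDate={stamp};" +
               $"{p}Name={labelName};{p}ContentBits=0;{p}Method=Privileged;";
    }

    // Serializes the request body in the shape the answer shows (property casing kept as posted).
    public static string BuildRequestJson(string subject, string html, string recipient, string headerValue, string msipLabels)
    {
        var payload = new
        {
            message = new
            {
                subject,
                body = new { contentType = "HTML", content = html },
                toRecipients = new[] { new { emailAddress = new { address = recipient } } },
                internetMessageHeaders = new[] { new { name = LabelHeader, value = headerValue } },
                SingleValueExtendedProperties = new[] { new { Value = msipLabels, Id = MsipLabelsId } }
            }
        };
        return JsonSerializer.Serialize(payload, new JsonSerializerOptions { WriteIndented = true });
    }

    public static void Main()
    {
        var labelId = Guid.Parse("defa4170-0d19-0005-000a-bc88714345d2"); // label id from the answer
        var tenantId = Guid.Empty; // placeholder: use your own tenant id as SiteId
        string labels = BuildMsipLabels(labelId, tenantId, "All Employees", DateTime.UtcNow);
        string header = "defa4170-0d19-0005-0004-bc88714345d2;defa4170-0d19-0005-000a-bc88714345d2"; // verbatim from the answer
        Console.WriteLine(BuildRequestJson("Test confidential Message", "This is confidential", "recipient@example.com", header, labels));
    }
}
```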
