Pinned Posts
Forum Widgets
Latest Discussions
Purview Graph API
Hello. I'm trying to find information on the Purview Graph API and it's endpoints. It looks like the endpoints aren't posted publicly and are listed within an admin console. Can someone help me with how to view the endpoints? Also, are the graph API endpoints capable of reading and creating assets into Purview?
Leveraging Microsoft Graph to Automate Compliance Workflows MS Purview
Background Microsoft Purview provides organizations with capabilities to discover, classify, protect, and govern sensitive information across Microsoft 365 workloads. As organizations increasingly rely on Purview for compliance operations such as auditing, investigations, and regulatory response, there is a growing need to automate these processes beyond the Microsoft Purview portal. Microsoft exposes key compliance capabilities through Microsoft Graph APIs, enabling organizations to integrate Purview operations directly into automation workflows. The Microsoft Purview APIs in Microsoft Graph allow applications to align with data governance, security, and compliance policies defined within the Purview portal, helping ensure that applications handling sensitive information respect organizational controls. Automating eDiscovery Operations with Microsoft Graph The Microsoft Purview eDiscovery APIs available through Microsoft Graph enable organizations to automate repetitive compliance tasks and integrate with existing investigation or legal workflows. These APIs are intended to support litigation, investigation, and regulatory scenarios by allowing administrators to programmatically manage key eDiscovery components such as cases, custodians, searches, review sets, and exports. This capability allows organizations to move from manual portal‑based workflows toward repeatable, policy‑aligned processes integrated into automation platforms or downstream compliance tooling. Programmatic Access to Audit Logs Microsoft Purview Audit captures thousands of operations across Microsoft 365 services and retains them in the unified audit log for security investigations and compliance obligations. Through Microsoft Graph, administrators can now programmatically search and retrieve audit logs using the Purview Audit Search API. This API enables administrators and applications to query and retrieve relevant audit activity logs across workloads such as Exchange, Entra ID, OneDrive, SharePoint, and Intune, providing visibility into user activity and administrative operations performed across the organization. This provides a programmatic alternative to legacy PowerShell‑based audit search methods, improving reliability and enabling automation of compliance monitoring workflows. Supporting Policy‑Aware Applications Applications that integrate with Microsoft Purview APIs through Microsoft Graph can interpret and enforce compliance policies such as sensitivity labels or data loss prevention (DLP) rules. Microsoft documents that apps built using these APIs can prevent data misuse by aligning with compliance and security requirements defined within the organization’s governance framework. This integration also allows enterprise applications to respect sensitivity labels and policy‑driven controls, ensuring that interactions with organizational data remain compliant with regulatory requirements and internal governance policies. Conclusion Microsoft Purview governs organizational data through classification, retention, auditing, and investigation capabilities. Microsoft Graph provides the automation layer that allows these governance controls to be accessed programmatically. By integrating Microsoft Graph with Microsoft Purview APIs, organizations can automate eDiscovery workflows, retrieve audit logs programmatically, and ensure that applications interacting with sensitive data respect compliance policies defined within their Microsoft 365 environment. Learning Resources Use the Microsoft Purview eDiscovery API in Microsoft Graph Use Microsoft Purview APIs for eDiscovery Overview of Microsoft Purview APIs in Microsoft Graph Introducing the Microsoft Purview Audit Search Graph API
Co Authoring with Sensitivity Labels
Hello, I am working with sensitivity labels with my organization. We currently have Standard, Confidential, and Highly Confidential which all are encrypted. I have Co-Authoring turned on but I have some trouble with. We a lot of documents being collaborated on. Standard: Co-Authoring functions normal and Auto-Save is toggled on. Highly Confidential: Custom Permission in Sensitivity Label (View, Edit, Reply, Forward) I asked copilot and it stated even though my permissions are selected custom I have "Edit" on their for my internal users it is reading it as Co authoring; Co-Authoring is on and functioning but internal end users Auto-Save is toggled off and they are being asked to save a copy of the document or excel sheet then upload it again to SharePoint. Why isn't "Auto-Save" toggled on for "Highly Confidential" label? Can it be adjusted so it can be on? Do I have to make adjustments to my permissions in the Sensitivity label? Any help is appreciated. Thank you!
Unified Catalog activity / usage reporting
Hi, We are building out our data products and glossary terms in Purivews Data Governance Unified catalog. I’d like to get some metrics on data consumer activity/usage. Metrics like how many users running searches for terms or data products. How many people navigating into data assets to discover data, etc. I haven’t found any reports like this. Is there any audit logs specific to data governance I can query? I’m trying to gauge user adoption. thanks
Getting sensitivity label working for specific domain
Good morning all I am trying to setup a sensitivity label to work so anyone with '@mail.com' will have access to a document that has this label. I have attempted to apply this in the control access settings with the label under 'Add specific email addresses or domains' However for the life of me, I cannot get this to work, I have tried "*@mail.com. mail.com, mail.com", nothing seems to work. I have run through the MS material on this and can't see anything specific to setting this up. Has anyone been successful in setting this up? Is there a trick I am missing? Grateful for anyone who can help on this!
Purview EXPORTS unreliable and missing "Top-of-information-store" folder
Has anyone noticed an issue where the exported PST files are either empty or missing folders? I don't normally check every PST file that I export, but after hearing from customers that there are either no emails or missing folders, I started to check after each export. I am noticing that the Seach and Export process seems to be fine and the Downloaded PST file show the correct size, but when i open the PST files, I'm seeing that they contain no emails OR they are missing folders - including the "Top-of-information-store" folder. When i look at the Properties > Folder Size settings, i can see that the PST file thinks that all the folders are there. This is incredibly tough to work with since I am now checking each PST file and then having to rerun the search/export/download all over again. It's been like this for about 3 weeks.Sensitivity Label Permissions
Hello, I have set up sensitivity labels within my company. I have Public, Standard, Confidential and Highly Confidential. When testing with my external email (e.g. Gmail and Yahoo) I am prompted to enter the one-time passcode when opening an email from my test account. But then I tested with an external user who has an Outlook email and he was not prompted to enter the one-time passcode. "Authenticated Users" is included in Standard, Confidential and Highly Confidential permission control when setting up the labels. Is this the normal behavior for the one-time passcode only being prompted for Non-Microsoft emails? Can the one-time passcode be prompted for Microsoft (Outlook) domains? Also how can I have multi-factor authenticator apply to my labels for external clients/users? Any help would be much appreciated. Thank you!How to remove/modify a sensitivity label for many SharePoint documents?
We would like to implement Purview sensitivity labels for our SharePoint sites. We would like to use auto labeling. Before we start the implementation, we would like to test some rollback scenario. How to remove/modify a sensitivity label for many SharePoint documents?
