We're pleased to announce General Availability of the Microsoft Information Protection SDK!

Back in April, we revealed the Microsoft Information Protection SDK public preview. Today, we’re happy to announce that the SDK is now generally available and ready for you to build into your own applications!


Microsoft Information Protection

At Ignite 2017, we announced our plans to bring together the management of Azure Information Protection, Office Information Protection, and Windows Information Protection. Microsoft Information Protection is the result of our work to unify the management experience across all these services in Office 365 Security and Compliance Center.

For more on the Microsoft Information Protection story, check out this blog post: http://aka.ms/MIP-Ignite2018


Microsoft Information Protection SDK

The Microsoft Information Protection SDK brings the classification, labeling, and protection capabilities of Microsoft Information Protection into a simple, lightweight, cross-platform software development kit that enables any application to label and protect information. The labels and protection are consumable by Azure Information Protection, Office apps, Office 365, and any application or service that has integrated the Microsoft Information Protection SDK.

Bringing the labeling and protection capabilities that have existed in Office to line of business applications, as well as third-party PDF viewers, CAD/CAM applications, and other SaaS applications is a critical component of the information protection story. The Microsoft Information Protection SDK enables Microsoft partners and customers to build those integrations to protect data at creation, detect movement across trust boundaries, and to prevent accidental or malicious leakage of sensitive information.


Technical Details

The GA release is supported on the following platforms.


  • Any supported version of Windows Server and client
  • MacOS High Sierra and Later
  • Ubuntu 16.04
  • Debian 9
  • RedHat Enterprise Linux 7
  • iOS (Public Preview)
  • Android (Public Preview)

The SDK also requires the use of a C++11 compliant compiler.


Getting Started

The Microsoft Information Protection SDK binaries can be downloaded here: https://aka.ms/MIPSDKBinaries

The files for each platform and API are named as follows:


mip_sdk_API_OS_1.0.41.zip (or .tar.gz)

For example, the protection API binaries and headers on Debian look like:



Each ZIP or tarball contains three directories:

  • Bins: The compiled binaries for each platform architecture, where applicable.
  • Include: The Microsoft Information Protection SDK header files
  • Samples: Source code for the sample applications


Sample Applications

We've published a few sample applications on GitHub to help get you started with the SDK. These first few samples provide examples of authentication and simple examples of the File, Policy, and Protection APIs. We'll continue to add to the set of available samples in the months following GA.






If you're attending Ignite this week or looking to view online, check out the following sessions:


Tom Moser, @milt0r, Sr. Program Manager – Azure Information Protection

Occasional Visitor

Hi Tom,


I haven't played around with the public review release, but been working with the AIP SDK and now looking to see how MIP could benefit us. I am trying to use the File API to list the avialble labels but keep getting the bellow error, any ideas.


C:\Dev\MIP\mip_sdk_file_win32_1.0.36\bins\debug\amd64>.\file_sample.exe --username "XXXXX" --password "XXXXXX" --listlabels
Something bad happend: Failed to parse the acquired Compliance Policy. Failed with: [class mip::CompliancePolicyParserException] Tag not found : policy, NodeType: 15, Name: No Name Found, Value: , Ancestors: <SyncFile><Content>, correlationId:[34668a40-bb6a-4ef8-b2af-00005aa67409]


I can however, use the protection API which does list all of the RMS Protection templates.


Would appreciate your help and ideas!




Senior Member
Occasional Contributor

Any plans on a .NET SDK or Web API?


Yes, it's available at https://aka.ms/mipsdkbins. No plans for web APIs just yet.

Senior Member

Hi, Tom


I'm sorry I can't speak English very well.


When will you support Unicode        (std::string -> std::wstring)


Thanks, Jinsik


Hi Jinsik! @진식 박진식


We are in the process of releasing documentation on this and should have something published in the next few days. The SDK itself expects that all input will be in UTF-8. Strings are also returned in UTF-8. Conversions to other encoding types must be handled in your code. The samples included in the SDK package (https://aka.ms/mipsdkbins) will have updated examples of the conversion. 


Edit: The doc is live! https://docs.microsoft.com/en-us/information-protection/develop/faqs-known-issues#question-how-does-...






Regular Visitor

Hi, the link to the downloads page seems to be broken, can you do something about it? I would like to test the SDK. Thank you very much!


@Pablo Lorenceau apologies, I broke it on Friday and didn't discover that the landing page hadn't published until over the weekend. It's set to publish now and should be available shortly.

Regular Visitor

@Tom MoserNice, I just checked it out and the site loads as expected. Thank you!

Regular Visitor

Hi @Tom Moser - I was previously successfully able to apply labels using the .NET SDK , however in the past couple of hours I've been getting the error "HandleRestClientError - REST Service is disabled for publishing for this user". I haven't been able to find any documentation of what this means or how to fix it. Would you be able to point me in the right direction?


Also, is there any documentation around the ContentState enum? It isn't listed in the reference of enums and structs - https://docs.microsoft.com/en-us/information-protection/develop/reference/mip-enums-and-structs. I am unsure what the different states mean.


Hi @Charissa Upcroft, are you still experiencing this issue? It seems that it could be related to the onboarding control policy being enabled. Can you check that out? From PowerShell you should be able to run install-module aadrm, then get-aadrmonboardingcontrolpolicy.


Not yet. I'm working on that this week. The values are defined in the C++ header file as:


REST, /**< Inactive data stored physically in databases/file/warehouses */

MOTION, /**< Data traversing a network or temporarily residing in computer memory to be read or updated */
USE, /**< Active data under constant change stored physically in databases/file/warehouses etc */



Regular Visitor

Hey @Tom Moser, thanks for getting back to me.


I'm still experiencing the error. I ran get-aadrmonboardingcontrolpolicy, and I get UseRmsUserLicense=false, SecurityGroupObjectId=null, Scope=all, which seems to be the correct setting to not restrict azure rights management. The error is occurring when I call CommitAsync on the file handler. 


Regular Visitor

Hi, I have a question: Does the MIP SDK allow to apply labels to arbitrary data formats (i.e. BLOBs) or just MS Office formats? And furthermore, if this is possible, can Azure RMS be extended to protect BLOBs this way?


Thank you and kind regards,