在 Azure aip 中,我创建了一个应用程序,并获得了所有必需的权限和管理员同意,如 MIP sdk先决条件部分中所述。
这是根据 sdk 创建文件引擎的代码。
public static IFileEngine CreateFileEngine(Identity identity)
{
// If the profile hasn't been created, do that first.
if (profile == null)
{
profile = CreateFileProfile(appInfo, ref authDelegate);
}
// Create file settings object. Passing in empty string for the first parameter, engine ID, will cause the SDK to generate a GUID.
// Locale settings are supported and should be provided based on the machine locale, particular for client applications.
var engineSettings = new FileEngineSettings("", "", "en-US")
{
// Provide the identity for service discovery.
Identity = identity
};
// Add the IFileEngine to the profile and return.
var engine = Task.Run(async () => await profile.AddEngineAsync(engineSettings)).Result;
return engine;
}
在这里,我收到一个异常提示“未配置合规策略”(参见图片)。
我已经签入租户 AIP 统一标签和保护已激活,它与 Office 365 保护中心的敏感度标签同步。(如此答案中推荐的)。
我是租户的全局管理员,令牌是使用我的凭据生成的。
public string AcquireToken(Identity identity, string authority, string resource, string claims)
{
AuthenticationContext authContext = new AuthenticationContext(authority);
string clientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"]?.ToString();
//var clientCred = new ClientCredential(AppInfo.ApplicationId, clientSecret);
var result = Task.Run(async () => await authContext.AcquireTokenAsync(resource, AppInfo.ApplicationId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.Always))).Result;
//var result = authContext.AcquireTokenAsync(resource, clientCred).Result;
return result.AccessToken;
}
我还在 aip 中发布了 4/5 的敏感度标签。
我错过了什么?