Using the C# wrapper of the MIP SDK, I've been trying to protect documents and revoke access to documents. Protection and revocation both work fine when the JWT token is retrieved through a PublicClientApplication using the username and password of an Office account with an Office 365 license (both in the File and Protection component). However, when I try to revoke access to a document using an Azure App Registration secret/certificate, the following exception is thrown:

...
Microsoft.InformationProtection.Exceptions.NoPermissionsException: Received message User has no right to revoke the document. 
User doesn't have premium license. when targeting , 
NoPermissionsError.Category=NotPremiumLicenseUser, 
...

The token returned from the following PublicClientApplication code in combination with different App Registration API permissions works fine:

// Snippets of the IAuthDelegate implementation
...
var app = PublicClientApplicationBuilder.Create(config.ClientId)
            .WithAuthority(authority)
            .WithDefaultRedirectUri()
            .Build();

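// ExecuteAsync() returns a Task; block for the result before reading AccessToken
var result = app
               .AcquireTokenByUsernamePassword(scopes, config.Username, config.Password)
               .ExecuteAsync()
               .GetAwaiter().GetResult();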

return result.AccessToken;
...

However, when I use a secret, in combination with different combinations of API permissions, the exception from earlier is thrown.

// Snippets of the IAuthDelegate implementation
...
var app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
            .WithAuthority(authority)
            .WithClientSecret(config.Secret)
            .Build();

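// ExecuteAsync() returns a Task; block for the result before reading AccessToken
var result = app
               .AcquireTokenForClient(scopes)
               .ExecuteAsync()
               .GetAwaiter().GetResult();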

return result.AccessToken;
...

Is there a specific combination of API permissions and configuration in the SDK that I am missing, or is it simply not possible to revoke access to a document (using the MIP SDK) with a secret/certificate?
