How to integrate Azure Information Protection with Exchange transport Rules

In this post we will discuss the current possibility of integration of the Azure Information Protection and Exchange Online products.

In particular we will talk about how to generate a Exchange transport Rules based on  Azure Information Protection labels.

We know that the normal is to use the Azure information protection client to apply permission-based templates and not forward template (Outlook client), but there are situations that are not covered by these scenarios.

Our scenario will be to apply the template not forward to all mails with a General label and to be sent externally to our organization:

  • The first step is to have the GUID of the label that we want to apply in the Exchange transport rule, for this we have to access the Azure Information Protection portal, select the label at the copy the GUID


  • Access the label and copy the GUID

  • The next step is to create a transport rule based on the scenario, for this it is necessary to access the Exchange Online administration portal and create a transport rule


  • Click create new rule with the fields that appear in the following screen


With this configuration when a user applies the General label to an email and it is sent outside the organization, Exchange transport rule applies the not forward template created by default in the Azure Information Protection service.

In this will be the result to the user who receives the mail outside the Exchange organization.

When the mail is open you can see with the possibility of being able to perform forward


Modern Workplace Tech appreciates the reading and hopes it has been of interest.

Microsoft article:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.