#Technology

Azure Information Protection (AIP)

AIP unified labeling client

The Azure Information Protection unified labeling client extends labeling, classification, and protection capabilities to additional file types, as well as to the File Explorer and PowerShell.

For example, in the File Explorer, right-click one or more files and select Classify and protect to manage the AIP functionality on the selected files.

Classify and protect from the File Explorer

Download the client from the Microsoft Azure Information Protection download page.

AIP on-premises scanner

The Azure Information Protection on-premises scanner enables administrators to scan their on-premises file repositories for sensitive content that must be labeled, classified, and/or protected.

The on-premises scanner is installed using PowerShell cmdlets provided as part of the unified labeling client, and can be managed using PowerShell and the Azure Information Protection area in the Azure portal.

For example, use the scanner data shown on the Azure portal to find repositories on your network that might have sensitive content at risk:

For more information, see:

What is the AIP unified labeling scanner?
The scanner sections of the AIP unified labeling client - Version release history

Download the scanner installation together with the client from the Microsoft Azure Information Protection download page.

Microsoft Information Protection SDK

The Microsoft Information Protection SDK extends sensitivity labels to third-party apps and services. Developers can use the SDK to build built-in support for applying labels and protection to files.

For example, you might use the MIP SDK for:

A line-of-business application that applies classification labels to files on export.
A CAD/CAM design application provides built-in support for Microsoft Information Protection labeling.
A cloud access security broker or data loss prevention solution reasons over data encrypted with Azure Information Protection.

For more information, see the Microsoft Information Protection SDK overview.

Next steps

To get started with AIP, download and install the unified labeling client and scanner.

Sign up for a free trial (Enterprise Mobility + Security E5)
Download the client
Quickstart: Deploy the unified labeling client

Get familiar with AIP using our initial tutorials:

When you're ready to customize AIP further, see Admin Guide: Custom configurations for the Azure Information Protection unified labeling client.

To get started with the MIP SDK, see Microsoft Information Protection (MIP) SDK setup and configuration.

Additional resources

Top Ignite sessions

See the following recorded sessions from Ignite 2020:

AIP's classic client

The Azure Information Protection classic client is the earlier version of AIP, and enables administrators to manage classification labels directly in the Azure portal.

AIP labels managed in the Azure portal are not supported by the unified labeling platform, are limited to working with the Azure Information Protection client and scanner, and Microsoft Cloud App Security.

We recommend migrating to unified labeling to support these features, as well as SharePoint, Microsoft 365 apps, Outlook for the web and mobile devices, PowerBI data protection, and more. For more information, see Tutorial: Migrating from the Azure Information Protection (AIP) classic client to the unified labeling client.

Note

To provide a unified and streamlined customer experience, the Azure Information Protection classic client and Label Management in the Azure Portal are deprecated as of March 31, 2021. While the classic client continues to work as configured, no further support is provided, and maintenance versions will no longer be released for the classic client.

We recommend that you migrate to unified labeling and upgrade to the unified labeling client. Learn more in our recent deprecation blog.