SafeBase

Enterprise customers can leverage SafeBase's integration with Microsoft Purview labeled files. This allows for specific files to be encrypted at rest at the file level, and allows an organization to maintain control over the users who can decrypt them. 

The organization's Azure tenant has a valid subscription to MP. 

The organization has created a valid MP label. 

- The SafeBase app will reapply a new, email-scoped label for each customer who downloads a protected file.

- The organization's Azure tenant has a valid subscription to MP. 
- The organization has created a valid MP label. 
  - The SafeBase app will reapply a new, email-scoped label for each customer who downloads a protected file.

Organizations should reach out to their dedicated CSM and ask about the add-on

Once the integration is active, navigate to Settings &gt; Documents &gt; Microsoft Purview Protection in the Trust Center.

Choose Microsoft Purview in the Encrypted Document Provider dropdown.

Enter the Azure Tenant ID. This is found in the Azure portal <a href="https://portal.azure.com/#settings/directory" rel="nofollow noopener noreferrer" target="_blank">Directories + subscriptions</a> settings.

An Azure administrator (or other privileged user with permissions to approve new apps) will be required to complete the approval process. The OAuth connection requires the following permissions:

A new service principal will be created that has the following permissions:

- UnifiedPolicy.Tenant.Read - Access to the policy configurations for MP
- Content.Writer - Create protected content with labels.
- Content.SuperUser - Read content that has already been labeled.
- Application.Read.All - For SafeBase to log data and read the service configuration for MP.

After successfully connecting, navigate back to the Trust Center settings. 

Upload your encrypted files with the appropriate label that allows for all authenticated users to access the file. 

Notify the SafeBase team of the files that are MP labeled. 

- A SafeBase team member will adjust the content as MP labeled on our end.

After this has been completed, the MP-labeled files will have a tooltip distinguishing them from other, non-labeled files. This tooltip will indicate to the user that this file will take slightly longer to download.

These files will be scoped to the domain of the user who downloads the file from the Trust Center. Access will expire after 30 days. 

- Organizations should reach out to their dedicated CSM and ask about the add-on
- Once the integration is active, navigate to Settings &gt; Documents &gt; Microsoft Purview Protection in the Trust Center.
- Choose Microsoft Purview in the Encrypted Document Provider dropdown.
- Enter the Azure Tenant ID. This is found in the Azure portal <a href="https://portal.azure.com/#settings/directory" rel="nofollow noopener noreferrer" target="_blank">Directories + subscriptions</a> settings.
- Click Connect. 
- An Azure administrator (or other privileged user with permissions to approve new apps) will be required to complete the approval process. The OAuth connection requires the following permissions:
 
 
 
- Click on Allow, 
- A new service principal will be created that has the following permissions:
 - UnifiedPolicy.Tenant.Read - Access to the policy configurations for MP
 - Content.Writer - Create protected content with labels.
 - Content.SuperUser - Read content that has already been labeled.
 - Application.Read.All - For SafeBase to log data and read the service configuration for MP.
- After successfully connecting, navigate back to the Trust Center settings. 
- Upload your encrypted files with the appropriate label that allows for all authenticated users to access the file. 
- Notify the SafeBase team of the files that are MP labeled. 
 - A SafeBase team member will adjust the content as MP labeled on our end.
- After this has been completed, the MP-labeled files will have a tooltip distinguishing them from other, non-labeled files. This tooltip will indicate to the user that this file will take slightly longer to download.

- These files will be scoped to the domain of the user who downloads the file from the Trust Center. Access will expire after 30 days.

See how you can upload your MP protected documents to SafeBase.

Integration - Microsoft Purview

Blog

Home

Resource Center

About Us

Women in Trust

Careers

Pricing

Trust Center

Resources

Company

Customer Trust Centers

Login

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Integration - Microsoft Purview

Overview

Prerequisites

Setup