Get sensitivity labels error - Compliance policy not configured: missing <policy> tag

Question

In Azure aip I have created an app, given all required permission and admin consent like described here in MIP sdk prerequisite section.

Here is the code as per the sdk to create the file engine.

public static IFileEngine CreateFileEngine(Identity identity)
{
            // If the profile hasn't been created, do that first. 
            if (profile == null)
            {
                profile = CreateFileProfile(appInfo, ref authDelegate);
            }

            // Create file settings object. Passing in empty string for the first parameter, engine ID, will cause the SDK to generate a GUID.
            // Locale settings are supported and should be provided based on the machine locale, particular for client applications.
            var engineSettings = new FileEngineSettings("", "", "en-US")
            {
                // Provide the identity for service discovery.
                Identity = identity
            };

            // Add the IFileEngine to the profile and return.
            var engine = Task.Run(async () => await profile.AddEngineAsync(engineSettings)).Result;

            return engine;
} 

Here I am getting an exception saying "Compliance policy not configured" (See the image).

I have already checked in tenant AIP unified labelling and protection is activated and it's in sync with office 365 protection center's sensitivity labels.(Like recommended in this answer).

I am the global admin of the tenant and the token is generated using my credential.

public string AcquireToken(Identity identity, string authority, string resource, string claims)
{
            AuthenticationContext authContext = new AuthenticationContext(authority);
            string clientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"]?.ToString();
            //var clientCred = new ClientCredential(AppInfo.ApplicationId, clientSecret);
            var result = Task.Run(async () => await authContext.AcquireTokenAsync(resource, AppInfo.ApplicationId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.Always))).Result;
            //var result = authContext.AcquireTokenAsync(resource, clientCred).Result;
            return result.AccessToken;
 }

I have also 4/5 sensitivity labels published in aip.

What am I missing ?

Answer 1

You can either publish a policy in Office 365 Security and Compliance Centre to your users/groups, or copy your AIP policies to S&CC from the Azure portal (Azure Information Protection - Unified labeling / Copy policies (Preview). That should fix the issue.