Share via

Automating Custom Data Classification and Tagging in Microsoft Purview

Anwar 70 Reputation points
2025-05-13T17:39:54.0766667+00:00

I'm looking to automate the classification and tagging of newly onboarded data sources in Microsoft Purview based on custom rules. Specifically, I have the following questions:

How can I create and automate custom data classification policies beyond the default built-in options in Purview?

Is it possible to automatically apply sensitive data labels based on metadata or the actual content of the data?

How can I ensure that data classification and tagging stay up-to-date when the structure or content of a data source changes?

Any advice on automating these processes directly within Purview would be much appreciated!

Microsoft Security Microsoft Purview
Accepted answer
  1. Ganesh Gurram 7,295 Reputation points Microsoft External Staff Moderator
    2025-05-13T18:20:53.69+00:00

    @Anwar

    Creating and automating custom data classification policies

    You can absolutely create custom classification rules in the Microsoft Purview governance portal using regex patterns or keyword lists to fit your organizational needs. These are applied during scans to classify newly onboarded data.
    However, at this time, custom classification rules must be created manually in the portal. They cannot be created or managed via REST API or SDKs.
    Once your classification rules are in place, you can automate scans to apply them continuously as new data is ingested.

    Applying sensitive data labels automatically

    Yes, Microsoft Purview integrates with Microsoft Information Protection (MIP) to apply sensitivity labels based on data content or metadata. For example, if Purview identifies sensitive information types (like credit card numbers or national IDs), it can trigger auto-labeling policies configured in the Microsoft 365 Compliance Center.
    Labels are not applied directly in Purview — they’re managed via MIP and associated with classification results.

    Keeping classification and tagging up to date

    To keep classification and tagging current with structural or content changes:
    Set up recurring or triggered scans in the Purview portal or via automation tools (e.g., Azure Data Factory). These scans ensure that any schema or content changes are reclassified with the latest rules.

    Automating processes within Purview

    You can automate several aspects of the classification process, including:
    Registering new data sources using the Purview REST API.
    Triggering scans after new data is ingested (e.g., using pipelines or Azure Functions).
    Monitoring changes using Purview Insights or Azure Monitor.
    That said, the creation of classification rules still requires manual setup, and there’s currently no public API for managing them.

    For more details refer: https://learn.microsoft.com/en-us/purview/sensitivity-labels-teams-groups-sites?view=o365-worldwide

    I hope this information helps.

    Kindly consider upvoting the comment if the information provided is helpful. This can assist other community members in resolving similar issues.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.