How-to
Set up an approval chain rule
Goal
Require that an inbound multi-party message has passed through a specific set of approvers before reaching the final recipient.
How the chain is identified
Every multi-party ciphertext produced by MultiEncryptMessageUsingSharedKeyAsync binds the chain into the envelope's RECEIVER field — semicolon-separated, in the order specified at encrypt time. When the final recipient calls MultiDecryptMessageUsingSharedKeyAsync, the recovered plaintext envelope carries the full chain, so a policy rule can match on it.
Code
// Rule: only accept messages that have been through HR AND Legal
await policies.AddPolicyRuleAsync(new PolicyRule(
Sender: "*",
Destination: "mp:[hr.acme.com,legal.acme.com]",
Realm: "default",
Direction: "inbound",
Effect: "allow")); The mp:[...] destination matches inbound multi-party messages whose chain includes all listed parties. Order does not matter and extras are allowed.
Wildcard chains
// Any multi-party chain at all (regardless of who's in it)
await policies.AddPolicyRuleAsync(new PolicyRule(
"*", "mp:*", "default", "inbound", "allow")); See also
- Encrypt to multiple recipients How-to
- Verify the multi-party chain How-to