IRM lets you apply restrictions on a per-user, per-file, or per-group basis (group-based permissions require Active Directory directory service for group expansion). Information contained in the workbook is not sent to the licensing server. Downloading permissions requires that Microsoft 365 send your credentials, which includes your e-mail address, and information about your permission rights to the licensing server. In other words, content with restricted permission cannot be opened without a use license. This process is required for each file that has restricted permission. The use license defines the level of access that you have to a file. The first time that you try to open a workbook with restricted permission, you must connect to a licensing server to verify your credentials and to download a use license. For example, a company administrator might define a rights template called 'Company Confidential,' which specifies that an e-mail message that uses that policy can be opened only by users inside the company domain. The RMS administrator can configure company-specific IRM policies that define who can access information and what level of editing is permitted for an e-mail message. To use IRM in Microsoft 365, the minimum required software is Windows Rights Management Services (RMS) Client Service Pack 1 (SP1). Using IRM in Microsoft 365, you can rights manage XML Paper Specification (.xps) files and the following file types: