Problem Statement
One of the most common requirements in Power Automate Integration with SharePoint is to break the inheritance and assign unique permissions to an Item. Though we have an action called Stop Sharing which can impose unique permissions, it still leaves the Site Owners with Full Control access to the item.
Below we can see the parent’s permissions which will be inherited by the child:
On using the Stop Sharing Flow action, it will remove the remaining permissions but retains the Full Control Owners on the item.
Solution
To work around this we will use HTTP action to remove the users
Create the Flow
Let’s head over to Power Automate and create the flow with the trigger “When an item is created” and mention the location at which the flow should run. Currently, we are running this within the March folder in the Revenues Library.
Now let’s add the Send HTTP request action in which we will use the REST API call to break the role inheritance of the current item
We are using the REST URL :
| _api/web/lists/getbytitle(‘Revenues’)/items(ID)/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true) |
And we are setting the CopyRoleAssignment = False as well as setting the clearSubscopes to true so that once the permission inheritance is broken, all the existing permissions will be cleared.
Test the implementation
Now let’s upload a document and see the flow run :
We can see that the flow has run successfully and going to the item’s permission we can see that all the other Site Owner groups have been removed retaining only the created user.
Summary
Thus, we saw how we can use HTTP Action to remove the permissions from an item and impose unique permissions on it. We will see how to grant the item permissions in the coming article.
