Assign Unique Permissions to SharePoint items using Power Automate

Problem Statement

This is a continuation of the article posted here, where we saw how to break inheritance on an item and clear its permissions. In this article, we will see how to assign unique permissions to an item. Although there is a flow action for assigning permissions, it does not allow us to assign SharePoint security groups to the item. We can only specify the users shown below:

In addition, it allows us to set only View and Edit permissions, which is very limited functionality.

Workaround

To overcome this, we will use the HTTP Request action to assign the permissions to the item.

Here we will perform the following steps:

  • Get the SharePoint security group information using an HTTP request
  • Add the group to the item's permissions with the required permission role

Let’s head over to Power Automate and start from where we left off in the previous article. We had already broken the inheritance and cleared off all the permissions.

Get SharePoint Security Group Information

We will use the Send HTTP Request action to get the information on the Auditors group, which we will add to the item later with the Contribute role. The body returned from this request contains the ID of the Auditors group, which is what we need for the next step.

Assign Permissions

Now we will assign the Auditor group with Contribute permission to the item. For this, we need the following information:

  • Auditor Group ID – This is present in the body of the previous HTTP request, and we will access it as:
body('Get_Auditor_Group_Info_-Send_an_HTTP_request_to_SharePoint')['d']['id']
  • roleDefinition ID – We need the ID of the Contribute role to use in the REST URL, which is 1073741827

Now that we have the information required to create the REST call, let's add the flow action and use the REST API below in the HTTP request:

_api/lists/getByTitle('Revenues')/items('ID')/roleassignments/addroleassignment(principalid=<Expression>,roledefid=1073741827)

Test the implementation

Now let’s upload a new document and see the flow run status:

We can see that the flow has run successfully, so let's head over to SharePoint and see the permissions for the item.

We can see that the Auditors group has been added successfully with the Contribute permission.
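The same check can be scripted. The following is an added example, not code from the original article: it builds the addroleassignment URI from the group lookup body and compares the item's role assignments against the intended grant, reporting both missing and unexpected access. The sample bodies are constructed; their verbose OData shape (as returned by `roleassignments?$expand=Member,RoleDefinitionBindings` on the item), the function names, the item ID 3 and the "Revenue Members" group are assumptions.

```python
CONTRIBUTE_ROLE_ID = 1073741827  # Contribute role definition ID quoted in the article

# Constructed sample bodies (verbose OData shape assumed), not captured from a tenant.
GROUP_BODY = {"d": {"Id": 7, "Title": "Auditors"}}
ASSIGNMENTS_BODY = {"d": {"results": [
    {"PrincipalId": 7, "Member": {"Title": "Auditors"},
     "RoleDefinitionBindings": {"results": [{"Name": "Contribute"}]}},
    {"PrincipalId": 12, "Member": {"Title": "Revenue Members"},
     "RoleDefinitionBindings": {"results": [{"Name": "Edit"}]}},
]}}


def add_role_assignment_uri(list_title, item_id, group_body, role_id=CONTRIBUTE_ROLE_ID):
    """Build the addroleassignment URI from the group lookup response body."""
    if "'" in list_title:
        raise ValueError("list title must not contain a single quote")
    # Accept 'Id' or 'id' as the key; int() rejects anything that is not a numeric ID,
    # so a malformed body cannot alter the request path.
    fields = {key.lower(): value for key, value in group_body["d"].items()}
    principal_id = int(fields["id"])
    return (f"_api/lists/getByTitle('{list_title}')/items({int(item_id)})"
            f"/roleassignments/addroleassignment"
            f"(principalid={principal_id},roledefid={int(role_id)})")


def audit_item_permissions(assignments_body, expected):
    """Compare the item's role assignments with an expected {principal: role} map.

    Returns (missing, unexpected): grants that should exist but do not, and grants
    that exist but were never intended.
    """
    actual = set()
    for assignment in assignments_body["d"]["results"]:
        for role in assignment["RoleDefinitionBindings"]["results"]:
            actual.add((assignment["Member"]["Title"], role["Name"]))
    wanted = set(expected.items())
    return sorted(wanted - actual), sorted(actual - wanted)


if __name__ == "__main__":
    print(add_role_assignment_uri("Revenues", 3, GROUP_BODY))
    missing, unexpected = audit_item_permissions(ASSIGNMENTS_BODY, {"Auditors": "Contribute"})
    print("missing:", missing)
    print("unexpected:", unexpected)
```

An empty `unexpected` list confirms that clearing the inherited permissions left no grants on the item other than the one added by the flow.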

Summary

Thus, we saw how to break inheritance for an item and add a SharePoint security group to the item with a particular security role.

Author

Priyaranjan KS is a Modern Workplace Architect primarily focused on developing and architecting solutions around Office 365, Power Platform and Azure. He is also a Microsoft Most Valuable Professional (MVP) and a Microsoft Certified Trainer (MCT).