This is a continuation of the article posted here where we saw how to break the inheritance on an item and clear the permissions. In this article, we will see how we can assign unique permissions to an item. Though we have a flow action to assign permissions, it does not allow us to assign SharePoint Security groups to the item. We can only specify the users shown below:
In addition to that, it allows us to set only View and Edit permissions which is a very limited functionality.
To overcome this, we will use HTTP Request action to assign the permissions on to the item.
Here we will be doing the below steps:
- Get the SharePoint Security Group Information using HTTP Request
- Add the group to the Items permission with the required Permission Role
Let’s head over to Power Automate and start from where we left off in the previous article. We had already broken the inheritance and cleared off all the permissions.
We will use the Send HTTP Request action to get the information on the Auditors group which we will be adding later with the Contribute Role to the item. The ID of the Auditors group will be present in the body returned from this request which is what we are most interested in for the next step.
Now we will assign the Auditor group with Contribute permission to the item. For this, we need the below information.
- Auditor Group ID – This is present in the Body of the previous HTTP Request and we will access it as :
- roleDefinition ID : We need the ID for the Contribute role to use the the REST URL which is 1073741827
Now that we have the information required to create the Rest call, lets add the flow action and use the below REST API in the HTTP request as shown below:
Now let’s upload a new document and see the flow run status:
We can see that the flow has run successfully and let’s head over to SharePoint and see the permissions for the item.
We can see that the Auditors group has been added successfully with the Contribute permission.
Thus, we saw how we can break inheritance for an item and add a SharePoint Security Group with a particular Security Role on to the Item.