cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Helper I
Helper I

Getting SharePoint Permissions

I want to return all users and their associated SharePoint permission group membership to a site or library item.  I have the URL to the site or item.    

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Solution Sage
Solution Sage

Re: Getting SharePoint Permissions

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

View solution in original post

6 REPLIES 6
Highlighted
Dual Super User
Dual Super User

Re: Getting SharePoint Permissions

Hi @rarroyo1 

 

You can check this out : https://www.youtube.com/watch?v=dIzOAbMjN7g 

 

Hope this Helps!

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

Highlighted
Super User
Super User

Re: Getting SharePoint Permissions

hi @rarroyo1 

you can follow this post to see if this is what you need

https://powerusers.microsoft.com/t5/General-Power-Automate/using-Flow-to-grant-access-in-SharePoint/...



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA
Highlighted
Helper I
Helper I

Re: Getting SharePoint Permissions

The link you sent was for a powerapp.  I am using Flow.   I believe I need to use the Send HTTP request to SharePoint, but don't know how to form the API request.

Highlighted
Helper I
Helper I

Re: Getting SharePoint Permissions

Nope.  Don't follow.  

Highlighted
Super User
Super User

Re: Getting SharePoint Permissions

hi @rarroyo1  by using a PA action is not currently available sorry, you have just HTTP request



Did I answer your question? Please consider to Mark
my post as a solution! to guide others :winking_face:

Proud to be a Flownaut!


If you want you can follow me at www.christianabata.com Quieres contenido en español? Síguenos en Power Automate LA
Highlighted
Solution Sage
Solution Sage

Re: Getting SharePoint Permissions

Hello @rarroyo1 

You could use the "Send an Http request to Sharepoint", and use an Uri like this to get the permissions for the site: 

weburl+”/_api/Web/RoleAssignments?$expand=Member,RoleDefinitionBindings”

You will get some results with the groups and their permissions, and will have to parse the results. I attach the schema you should use:

{
    "type": "object",
    "properties": {
        "odata.metadata": {
            "type": "string"
        },
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "odata.type": {
                        "type": "string"
                    },
                    "odata.id": {
                        "type": "string"
                    },
                    "odata.editLink": {
                        "type": "string"
                    },
                    "Member@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "Member": {
                        "type": "object",
                        "properties": {
                            "odata.type": {
                                "type": "string"
                            },
                            "odata.id": {
                                "type": "string"
                            },
                            "odata.editLink": {
                                "type": "string"
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "IsHiddenInUI": {
                                "type": "boolean"
                            },
                            "LoginName": {
                                "type": "string"
                            },
                            "Title": {
                                "type": "string"
                            },
                            "PrincipalType": {
                                "type": "integer"
                            },
                            "AllowMembersEditMembership": {
                                "type": "boolean"
                            },
                            "AllowRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "AutoAcceptRequestToJoinLeave": {
                                "type": "boolean"
                            },
                            "Description": {},
                            "OnlyAllowMembersViewMembership": {
                                "type": "boolean"
                            },
                            "OwnerTitle": {
                                "type": "string"
                            },
                            "RequestToJoinLeaveEmailSetting": {
                                "type": "string"
                            }
                        }
                    },
                    "RoleDefinitionBindings@odata.navigationLinkUrl": {
                        "type": "string"
                    },
                    "RoleDefinitionBindings": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "odata.type": {
                                    "type": "string"
                                },
                                "odata.id": {
                                    "type": "string"
                                },
                                "odata.editLink": {
                                    "type": "string"
                                },
                                "BasePermissions": {
                                    "type": "object",
                                    "properties": {
                                        "High": {
                                            "type": "string"
                                        },
                                        "Low": {
                                            "type": "string"
                                        }
                                    }
                                },
                                "Description": {
                                    "type": "string"
                                },
                                "Hidden": {
                                    "type": "boolean"
                                },
                                "Id": {
                                    "type": "integer"
                                },
                                "Name": {
                                    "type": "string"
                                },
                                "Order": {
                                    "type": "integer"
                                },
                                "RoleTypeKind": {
                                    "type": "integer"
                                }
                            },
                            "required": [
                                "odata.type",
                                "odata.id",
                                "odata.editLink",
                                "BasePermissions",
                                "Description",
                                "Hidden",
                                "Id",
                                "Name",
                                "Order",
                                "RoleTypeKind"
                            ]
                        }
                    },
                    "PrincipalId": {
                        "type": "integer"
                    }
                },
                "required": [
                    "odata.type",
                    "odata.id",
                    "odata.editLink",
                    "Member@odata.navigationLinkUrl",
                    "Member",
                    "RoleDefinitionBindings@odata.navigationLinkUrl",
                    "RoleDefinitionBindings",
                    "PrincipalId"
                ]
            }
        }
    }
}

For each group, you can get the email and its members with the following uri: 

api/Web/SiteGroups/GetByName('Name_Of_Role_Or_Group')/users?$select=email,Id

Parse the JSON results again with the following schema:

{
    "type": "object",
    "properties": {
        "d": {
            "type": "object",
            "properties": {
                "results": {
                    "type": "array",
                    "items": {
                        "type": "object",
                        "properties": {
                            "__metadata": {
                                "type": "object",
                                "properties": {
                                    "id": {
                                        "type": "string"
                                    },
                                    "uri": {
                                        "type": "string"
                                    },
                                    "type": {
                                        "type": "string"
                                    }
                                }
                            },
                            "Id": {
                                "type": "integer"
                            },
                            "Email": {
                                "type": "string"
                            }
                        },
                        "required": [
                            "__metadata",
                            "Id",
                            "Email"
                        ]
                    }
                }
            }
        }
    }
}

And then save the email to a string array, for example.

I attach a sample in two screenshots.First PartFirst Part

 

Second PartSecond Part

 

Hope it helps!

Ferran

 

 

 

 

 

View solution in original post

Helpful resources

Announcements
firstImage

Now Live: Power Virtual Agents Community!

We are excited to announce the launch of Power Virtual Agents Community. Check it out now!

firstImage

New & Improved Power Automate Community Cookbook

We've updated and improved the layout and uploading format of the Power Automate Cookbook!

thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

Top Solution Authors
Users online (5,579)