I am using HTTP request (REST) to add/remove permissions for a user. I've got a point where I have stripped all permissions from a newly created item, then given an individual user Read. On subsequent flow I need to give the user Edit permissions for the same item. What would I put into the HTTP call to do that?
I've included a flow picture to show that I can get the created_by user, but how would I replace permissions without removing all existing permission on the item and then re-adding?!
Accepted Solutions
Hey Cardinalpipkin,
The below article has a great tutorial on this.
Although, personally I add/removed users from a group, rather than using individuals. So if you have a Owners, Contributor, and Visitor group, you'd add/remove the user from one of those groups. I wasn't able to utilize the getByEmail portion. Instead, I used their loginname, which looks like i:0#.f|membership|user@contoso.com
What you will want to do is first send a get request to get the groupID of the targeted group.
URI:
_api/web/SiteGroups?$filter=LoginName eq 'Site Group Name'&$select=Id&top=1 *Note: Site Group Name would usually be the name of the site space Owners or Contributors. So example: Site name is Finance, you would put: Finance Owners
Then you will want to do a Parse JSON. Content should be the body of the Get request.
Schema:
{
"type": "object",
"properties": {
"d": {
"type": "object",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"properties": {
"Id": {
"type": "integer"
},
"__metadata": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"uri": {
"type": "string"
},
"type": {
"type": "string"
}
}
}
},
"required": [
"__metadata",
"Id"
]
}
}
}
}
}
}Finally, you will want to do a POST using the Id from the JSON parse
Body:
{"__metadata":{"type":"SP.User"},"LoginName":"i:0#.f|membership|user@contoso.com"}
If this solves your issue, please mark it as the solution
Hey Cardinalpipkin,
The below article has a great tutorial on this.
Although, personally I add/removed users from a group, rather than using individuals. So if you have a Owners, Contributor, and Visitor group, you'd add/remove the user from one of those groups. I wasn't able to utilize the getByEmail portion. Instead, I used their loginname, which looks like i:0#.f|membership|user@contoso.com
What you will want to do is first send a get request to get the groupID of the targeted group.
URI:
_api/web/SiteGroups?$filter=LoginName eq 'Site Group Name'&$select=Id&top=1 *Note: Site Group Name would usually be the name of the site space Owners or Contributors. So example: Site name is Finance, you would put: Finance Owners
Then you will want to do a Parse JSON. Content should be the body of the Get request.
Schema:
{
"type": "object",
"properties": {
"d": {
"type": "object",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"properties": {
"Id": {
"type": "integer"
},
"__metadata": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"uri": {
"type": "string"
},
"type": {
"type": "string"
}
}
}
},
"required": [
"__metadata",
"Id"
]
}
}
}
}
}
}Finally, you will want to do a POST using the Id from the JSON parse
Body:
{"__metadata":{"type":"SP.User"},"LoginName":"i:0#.f|membership|user@contoso.com"}
If this solves your issue, please mark it as the solution
Helpful resources
Join us for Microsoft Power Platform Conference
The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.
A new place to submit your Ideas for Power Automate
Announcing a new way to share your feedback with the Power Automate Team.
Register for a Free Workshop
Learn to digitize and optimize business processes and connect all your applications to share data in real time.
