cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
bennet
New Member

Permissions question: Flow --> Sharepoint Add-in, item level security

I am trying to read and write item level security in sharepoint online with Flow.  I have followed numerous examples.  I have even used tenant admin to give tenant Manage permissions through the Sharepoint Add-in.  I can successfully retrieve an access token, but no matter what combination of access permissions I give, Flow returns a Forbidden error when trying to read or update item level security.

 

I know that Flow uses the Sharepoint\App account, do I need to do something special with that account? 

 

https://xxxxx-admin.sharepoint.com/_layouts/15/appregnew.aspx

https://xxxxx-admin.sharepoint.com/_layouts/15/appinv.aspx

 

Permission scope:

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="Manage" />
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
</AppPermissionRequests>

 

I post to "https://accounts.accesscontrol.windows.net/xxxx/tokens/OAuth/2"

I receive an access token

I use the token to post to https://xxxxx.sharepoint.com/sites/xxxxx/_api/lists/getbytitle('xxxxx')/items(1)/roleassignments/

I get Access Denied

I even get access denied if I try to get the site title ("https://xxxx.sharepoint.com/sites/xxxxx/_api/web?$select=Title")

 

What am I missing?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

Are you using the http request action from the sharepoint connector or the one from the http connector?

View solution in original post

4 REPLIES 4
Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

Are you using the http request action from the sharepoint connector or the one from the http connector?

View solution in original post

bennet
New Member

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

I'm using the HTTP connector. 

 

Should I be using the "Send an HTTP to Sharepoint" connector?

bennet
New Member

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

I changed the HTTP connector I'm using to the Sharepoint HTTP connector and I'm starting to see some good results.  I believe this may be the solution.  

 

Thank you for pointing me in the right direction.

Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

The SharePoint version handles all the painful authentication troubles.

Helpful resources

Announcements
firstImage

New Ranks and Rank Icons released on April 21!

The time has come: We are finally able to share more details on the brand-new ranks coming to the Power Automate Community!

firstImage

Now Live: Power Virtual Agents Community!

We are excited to announce the launch of Power Virtual Agents Community. Check it out now!

firstImage

New & Improved Power Automate Community Cookbook

We've updated and improved the layout and uploading format of the Power Automate Cookbook!

thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

sixthImage

Community Summit North America

The top training and networking event across the globe for Microsoft Business Applications

Top Solution Authors
Users online (9,826)