cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
bennet
Level: Power Up

Permissions question: Flow --> Sharepoint Add-in, item level security

I am trying to read and write item level security in sharepoint online with Flow.  I have followed numerous examples.  I have even used tenant admin to give tenant Manage permissions through the Sharepoint Add-in.  I can successfully retrieve an access token, but no matter what combination of access permissions I give, Flow returns a Forbidden error when trying to read or update item level security.

 

I know that Flow uses the Sharepoint\App account, do I need to do something special with that account? 

 

https://xxxxx-admin.sharepoint.com/_layouts/15/appregnew.aspx

https://xxxxx-admin.sharepoint.com/_layouts/15/appinv.aspx

 

Permission scope:

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="Manage" />
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
</AppPermissionRequests>

 

I post to "https://accounts.accesscontrol.windows.net/xxxx/tokens/OAuth/2"

I receive an access token

I use the token to post to https://xxxxx.sharepoint.com/sites/xxxxx/_api/lists/getbytitle('xxxxx')/items(1)/roleassignments/

I get Access Denied

I even get access denied if I try to get the site title ("https://xxxx.sharepoint.com/sites/xxxxx/_api/web?$select=Title")

 

What am I missing?

 

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

Are you using the http request action from the sharepoint connector or the one from the http connector?

View solution in original post

4 REPLIES 4
Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

Are you using the http request action from the sharepoint connector or the one from the http connector?

View solution in original post

bennet
Level: Power Up

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

I'm using the HTTP connector. 

 

Should I be using the "Send an HTTP to Sharepoint" connector?

bennet
Level: Power Up

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

I changed the HTTP connector I'm using to the Sharepoint HTTP connector and I'm starting to see some good results.  I believe this may be the solution.  

 

Thank you for pointing me in the right direction.

Super User
Super User

Re: Permissions question: Flow --> Sharepoint Add-in, item level security

The SharePoint version handles all the painful authentication troubles.

Helpful resources

Announcements
thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

firstImage

Incoming: New and improved badges!

We've given our badges an overhaul and also added some brand new ones!

fifthimage

Microsoft Learn

Learn how to build the business apps that you need.

sixthImage

Power Platform World Tour

Find out where you can attend!

seventhimage

Webinars & Video Gallery

Watch & learn from the Power Automate Community Video Gallery!

Top Kudoed Authors (Last 30 Days)
Users online (5,841)