cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
JFF42
New Member

using Flow to grant access in SharePoint

Hi,

I want to manage permissions automatically on SharePoint Online folders in a library.

I found the Flow action "Grant permission" but it is very limited:

- we can only add, not delete

- we can't use all SharePoint permissions levels, but only "role" Edit or View (and the role does not exist in SharePoint)

- we can only grant the right to an email address and not to a SharePoint group. 

 

If anyone has an idea about these issues ...
Thank you

 

(traduction FR)

Bonjour,

Je souhaite gérer automatiquement les autorisations sur les dossiers SharePoint Online dans une bibliothèque. J'ai trouvé l'action Flow "Accorder l'autorisation" mais elle est très limitée :

- on ne peut qu'ajouter, pas supprimer

- il ne s'agit pas des niveaux complets d'autorisations SharePoint mais seulement de rôle (nouveau concept qui n'existe pas dans ShP) Edit ou View

- on ne peut accorder le droit qu'à une adresse e-mail et pas à un groupe SharePoint.

Si quelqu'un a une idée pour traiter ces questions …

Merci.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Pstork1
Dual Super User III
Dual Super User III

You can use HTTP Rest calls in Flow to modify permissions to SharePoint lists, folders, and items.  Take a look at this walkthrough

https://collab365.community/sharepoint-item-permissions-using-flow-part-1/



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

View solution in original post

v-bacao-msft
Community Support
Community Support

 

Hi @JFF42 ,

 

Have you had an opportunity to apply @Pstork1 's recommendations to adapt your Flow?

There are also links here for your needs, please check them:

managing-sharepoint-item-level-permissions-with-microsoft-flow

get-sharepoint-role-definition-ids-out

assign-unique-permissions-to-a-document-with-the-new-send-an-http-request-to-sharepoint-action-how-t...

Please take a try and feel free let us know if you have any questions.

 

Best Regards,

Community Support Team _ Barry
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

7 REPLIES 7
Pstork1
Dual Super User III
Dual Super User III

You can use HTTP Rest calls in Flow to modify permissions to SharePoint lists, folders, and items.  Take a look at this walkthrough

https://collab365.community/sharepoint-item-permissions-using-flow-part-1/



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

View solution in original post

v-bacao-msft
Community Support
Community Support

 

Hi @JFF42 ,

 

Have you had an opportunity to apply @Pstork1 's recommendations to adapt your Flow?

There are also links here for your needs, please check them:

managing-sharepoint-item-level-permissions-with-microsoft-flow

get-sharepoint-role-definition-ids-out

assign-unique-permissions-to-a-document-with-the-new-send-an-http-request-to-sharepoint-action-how-t...

Please take a try and feel free let us know if you have any questions.

 

Best Regards,

Community Support Team _ Barry
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

sandhiya
Regular Visitor

Is there any option to provide access to groups in flows and to remove access to flows or to delete a group or user? please suggest.

Pstork1
Dual Super User III
Dual Super User III

Setting permissions via HTTP can be done for both users and groups.  Other than that your question really doesn't pertain to the discussion.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.
BenFetters
Continued Contributor
Continued Contributor

Just a quick comment here.

 

1. You can use custom role definitions with the "Grant Access" action by entering in "role:[roleID]" as a custom value. See here: https://powerusers.microsoft.com/t5/General-Power-Automate/Custom-value-for-Role-in-Grant-access-to-...

 

2. While HTTP requests are great to change security, they take a lot longer to do. The hardest thing I've had to deal with with setting security with the "Grant Access" action is that it only works with people fields or just email addresses and not SP groups. I think that would be a great feature to add so that the flow could handle a user ID as well as a group ID instead of just an email.

 

That is all, hope that was insightful/helpful!

 

Kind regards,

Ben Fetters

If this solved the problem for you, feel free to hit "Accept as Solution" so others can find the answer easier. 🙂

Kind regards,

Ben Fetters
Power Apps/Power Automate Developer
www.sovereignsp.com
Pstork1
Dual Super User III
Dual Super User III

The problem with Grant Access is that it just shares the item with new people.  It doesn't break inheritance and setup true item level permissions for the item.  Actually managing permissions is what this question was about.



-------------------------------------------------------------------------
If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.

How would you do this for folders? Can only see answers for lists.

Helpful resources

Announcements
UG GA Amplification 768x460.png

Launching new user group features

Learn how to create your own user groups today!

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

M365 768x460.jpg

Microsoft 365 Collaboration Conference | December 7–9, 2021

Join us, in-person, December 7–9 in Las Vegas, for the largest gathering of the Microsoft community in the world.

Users online (2,630)