Sharepoint list as a run-only user

Anonymous · ‎06-13-2018

Hi Team,

I was excited about the ability to manage run-only users permissions based on SharePoint list/library. This should significantly improve managing flow permissions, but the reality is opposite.

According to this post

Share your Flows with Office 365 Groups and SharePoint Lists, Connector Updates, and Analytics with ...

From the Flow details screen, you can add the Site and corresponding Documents library as a run-only user, so that now all users that have read/write access to the Document library automatically have permissions to run the flow from the Flow menu in SharePoint.

It means that users with Contribute permissions should be able to run manually triggered Flow for a selected item.

In fact, it requires Edit permissions which is too much in almost all business cases to assign for users as it allows to edit list/library.

Hey, read/write means read/write content, not manage the list itself.

This is why I submitted the post as a bug because from the business perspective this is a bug.

Regards,

Pavel

v-yamao-msft · ‎06-14-2018

Hi @Anonymous,

Yes, once added lists run-only users to the flow, these connections will provide the users listed here to have run-only access to this flow. Unless providing their own connection, run-only users will not have access to these connections outside this flow.

For your scenario, may you consider sharing the flow with team members?

If you really need this feature for Manage run only users, please try to submit a request at Flow Ideas Forum.

https://powerusers.microsoft.com/t5/Flow-Ideas/idb-p/FlowIdeas

Best regards,

Mabel Mao

Community Support Team _ Mabel Mao
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Anonymous · ‎06-18-2018

Hi @v-yamao-msft,

Thank you for your reply.

I am not sure that my message was got correctly.

My question is why when we share a flow with a SharePoint list, users require to have Edit (not Contribute) permissions on the SharePoint list to be able initiating the flow?

This is not an idea, this is a bug as it doesn't comply with the feature description.

Regards,

Pavel

zplume · ‎06-19-2018

Hi Mabel, Pavel,

I also recently spotted this issue and was encouraged by @MicrosoftFlow on Twitter to post to these forums about it.

I'll try and reiterate and perhaps clarify the issue that Pavel has posted in the hope that we can move the issue forward.

Currently sharing a Flow with a SharePoint list via 'Manage run-only users > SharePoint > Invite a SharePoint list or library' only allows users who have the Edit permission level (Manage lists) on the list/library to run the Flow (e.g. via the 'For a selected item' trigger).

This seems like a bug / oversight, because granting users the Edit permission level at list level allows users to delete the list, or worse if applied at site level, allows them to delete any list in the site, which is often not something you want members to do.

Please can this be changed so that users only need Read (or at most Contribute) access to a list/library to trigger Flows that are shared via 'Manage run-only users > SharePoint > Invite a SharePoint list or library'.

Thanks

BenHatton · ‎07-05-2018

Added to Flow Ideas - Sharepoint Flow Button Should NOT require Edit or Write permissions

winstonnz · ‎05-06-2020

I created a dummy list and set all users to have edit permission. Add the list into the flow with some dummy action. Then I add the dummy list as run only flow permission.

It turns out working, with contribution permission on real production list.

Sharepoint list as a run-only user

Helpful resources

Join us for our User Group Public Preview!

Meet the Power Automate Super Users!

Power Platform ISV Studio