cancel
Showing results for 
Search instead for 
Did you mean: 

SharePoint Groups for Approvals, Reviews, Emails, and Permissions

Today, 95% of our approval processes that are done in SharePoint Designer workflows leverage SharePoint Groups (not AD security Groups, AAD Security Groups, or O365 Groups) that exist inside of the site collection.  These SharePoint Groups are typically maintained directly by business users.  They also don't have an email address associated with them.  Very rarely are approvals and reviews done just to individual people.  Manager is easy enough, but typically roles are defined for solutions and they are managed by Groups.  Permissions are also typically applied by Groups.

 

 

Based on feedback at MS Ignite, Flow will NOT support SharePoint Groups unless there is a large driver to do so.  Recommendation was to use O365 Groups.  O365 Groups however provision a billion other collaboration tools that are, more often than not, not needed for processes like this.  They would be extreme overkill for simple approval processes.   AD and AAD Security Groups usually involve some form of IT involvement and are not so easy for business users to maintain.

 

Also at Ignite, the majority of approval processes currently demoed and planned for involve "hard coding" individual users, or dynamically selecting your manager.  

 

If Flow is going to be the de facto replacement for SharePoint Designer, it needs to be able to handle these SharePoint Groups, instead of individual names.  Otherwise we'll have to continue to use SharePoint Designer to handle these basic needs.

 

Common Scenarios:

  • Send an Email to all members of a SharePoint Group
  • Start an Approval and Assign it to a SharePoint Group
    • If users are added to the Group, they would have permission to do that Approval
    • If users are removed from the Group, they would lose permission to do the Approval
  • Start a Review and Assign it to a SharePoint Group
  • Assign Item Level Permissions to a SharePoint Group
Status: New
Comments
Advocate III

@tism Yeah, it sometimes feels like MS and their MVPs want to have their cake and eat it too. It's one thing to tout things like Power Automate as a no-code tool that average to intermediate users can use, but you can't do that out one side of your mouth and out the other just tell people all they have to do is use simple API calls. APIs are for coders and with a product like Power Automate, code should be abstracted behind a user interface, especially for something like "using sharepoint groups". It's not a huge demand to ask for one currently supported and active product "Power Apps" to be able to interact with a simple part of another supported and active product (SharePoint) from the same company.