Skip to content

Let's POWER Automate

From no-code to low-code

Menu
  • Expressions
  • Filters
  • General
  • Problems
  • Triggers
  • Application specific solutions
    • Excel
    • Forms
    • Planner
    • Outlook
    • SharePoint
    • Teams
  • Resources
Menu

How to add permissions to SharePoint group with Power Automate

Posted on March 16, 2022 by Tom

“I can assign permissions to a user or M365 group, but what about SharePoint groups, how can I manage their access with Power Automate?”


Power Automate has two actions that make SharePoint permissions management a bit easier as you can ‘Stop sharing an item or a file’ and ‘Grant access to a file or folder’. But each of them has a limitation. The ‘Stop sharing…’ action won’t work on folders. You can use it to remove permissions from an item or a file, but not from a folder. Then there’s the ‘Grant access…’ action that won’t let you assign permissions to SharePoint groups. You can assign permissions to a user or Microsoft 365 group, but not to a SharePoint group. And since SharePoint groups are still widely used, this post explains how to solve that.

Note: everything inside <…> is a placeholder, replace it including the < and >.

You’ll need an HTTP request

As already shown a few times, if there’s no action that’ll do what you need, you can use an HTTP request.

Method: POST

Uri:
_api/lists/getByTitle('<listName>')/items(<itemID>)/roleAssignments/addRoleAssignment(PrincipalId=<groupID>,roleDefId=<roleID>)
Power Automate SharePoint group permissions

As you can see above it’s a bit more complex than the other HTTP requests on this blog. Additionally to the list name and item id you’ll need two more parameters. The ID of the SharePoint group, and the ID of the permission level.

Get the SharePoint group ID

The first new parameter is the SharePoint group ID. If you know the group name, you can use another HTTP request to get the group ID.

Method: GET

Uri:
_api/web/siteGroups/getByName('<groupName>')

The group ID can be then extracted from the JSON output, e.g.

body('Send_an_HTTP_request_to_SharePoint')?['d']?['Id']

Get the permission level ID

The second new parameter is the permissions level ID. And as you could probably guess, you can get it via HTTP request.

Method: GET

Uri:
_api/web/roleDefinitions/getByName('<roleName>')

The role ID can be then extracted in the same way as the group ID.

body('Send_an_HTTP_request_to_SharePoint')?['d']?['Id']

Build the HTTP request

Once you have the two IDs, you can use them to assign the desired permissions to the SharePoint group.

Power Automate SharePoint group permissions

Summary

If you can’t use the new Power Automate actions to manage SharePoint group permissions, you can still do it the old way. Get the group ID and permission level ID using HTTP requests, and combine the information together to assign the permissions in the 3rd one.


Do you struggle with the various expressions, conditions, filters, or HTTP requests available in Power Automate?

I send one email per week with a summary of the new solutions, designed to help even non IT people to automate some of their repetitive tasks.

All subscribers have also access to resources like a SharePoint Filter Query cheat sheet or Date expressions cheat sheet.

Zero spam, unsubscribe anytime.

2 thoughts on “How to add permissions to SharePoint group with Power Automate”

  1. Steve Morley says:
    March 21, 2022 at 12:44 pm

    Really timely Tom, I’m trying to create a SharePoint group from the instructions of this post: https://powerusers.microsoft.com/t5/Power-Automate-Community-Blog/SharePoint-Group-Operations-in-Microsoft-Flow/ba-p/394446
    Struggling a bit with the group Id

    Reply
    1. Tom says:
      March 29, 2022 at 11:14 am

      Hello Steve,
      ID is the result from the HTTP request that creates the group, it should be among the outputs of the ‘Parse JSON’ action.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Now available:

The Ultimate Power Automate expressions cheat sheet
Equip yourself with the tool to translate your thoughts into Power Automate expressions!

Do you struggle with the various expressions, conditions, filters, or HTTP requests available in Power Automate?

I send one email per week with a summary of the new solutions, designed to help even non IT people to automate some of their repetitive tasks.

All subscribers have also access to resources like a SharePoint Filter Query cheat sheet or Date expressions cheat sheet.

Zero spam, unsubscribe anytime.

Hello and welcome!

My name is Tom and I'm a business process automation consultant and Microsoft MVP living in the Czech Republic. I’ve been working with Microsoft technologies for almost 10 years, currently using mainly Power Automate, SharePoint, Teams, and the other M365 tools.

I believe that everyone can automate part of their work with the Power Automate platform. You can achieve a lot by "clicking" the flows in the designer, but you can achieve much more if you add a bit of coding knowledge. And that's what this blog is about.

To make the step from no-code Power Automate flows to low-code flows: using basic coding knowledge to build more complex yet more efficient flows to automate more of your daily tasks.

  • Format results of date calculation in SharePoint columnJune 29, 2022
  • Why is your Power Automate flow creating duplicatesJune 26, 2022
  • How to create a unique identifier in your Power Automate flowJune 22, 2022
  • How to assign custom SharePoint permission level with Power AutomateJune 19, 2022
  • Remove permissions from a specific SharePoint user with Power AutomateJune 15, 2022

Power Automate blogs worth visiting

Damien Bird
Dennis (Expiscornovus)
Paul Murana

© 2022 Let's POWER Automate | Powered by Superbs Personal Blog theme