“I can assign permissions to a user or M365 group, but what about SharePoint groups, how can I manage their access with Power Automate?”
Power Automate has two actions that make SharePoint permissions management a bit easier as you can ‘Stop sharing an item or a file’ and ‘Grant access to a file or folder’. But each of them has a limitation. The ‘Stop sharing…’ action won’t work on folders. You can use it to remove permissions from an item or a file, but not from a folder. Then there’s the ‘Grant access…’ action that won’t let you assign permissions to SharePoint groups. You can assign permissions to a user or Microsoft 365 group, but not to a SharePoint group. And since SharePoint groups are still widely used, this post explains how to solve that.
Note: everything inside <…> is a placeholder, replace it including the < and >.
You’ll need an HTTP request
As already shown a few times, if there’s no action that’ll do what you need, you can use an HTTP request.
Method: POST
Uri:
_api/lists/getByTitle('<listName>')/items(<itemID>)/roleAssignments/addRoleAssignment(PrincipalId=<groupID>,roleDefId=<roleID>)

As you can see above it’s a bit more complex than the other HTTP requests on this blog. Additionally to the list name and item id you’ll need two more parameters. The ID of the SharePoint group, and the ID of the permission level.
Get the SharePoint group ID
The first new parameter is the SharePoint group ID. If you know the group name, you can use another HTTP request to get the group ID.
Method: GET
Uri:
_api/web/siteGroups/getByName('<groupName>')

The group ID can be then extracted from the JSON output, e.g.
body('Send_an_HTTP_request_to_SharePoint')?['d']?['Id']
Get the permission level ID
The second new parameter is the permissions level ID. And as you could probably guess, you can get it via HTTP request.
Method: GET
Uri:
_api/web/roleDefinitions/getByName('<roleName>')

The role ID can be then extracted in the same way as the group ID.
body('Send_an_HTTP_request_to_SharePoint')?['d']?['Id']
Build the HTTP request
Once you have the two IDs, you can use them to assign the desired permissions to the SharePoint group.

Summary
If you can’t use the new Power Automate actions to manage SharePoint group permissions, you can still do it the old way. Get the group ID and permission level ID using HTTP requests, and combine the information together to assign the permissions in the 3rd one.
Really timely Tom, I’m trying to create a SharePoint group from the instructions of this post: https://powerusers.microsoft.com/t5/Power-Automate-Community-Blog/SharePoint-Group-Operations-in-Microsoft-Flow/ba-p/394446
Struggling a bit with the group Id
Hello Steve,
ID is the result from the HTTP request that creates the group, it should be among the outputs of the ‘Parse JSON’ action.