Power Automate has multiple actions to break and assign permissions for SharePoint list items.
An action to assign list item permissions to a SharePoint Group is not available at this moment.
Removing item permissions
To remove list item permissions, you only need to fill in the site address, list/library name and the ID. This action removes all kinds of permissions for an item for which you specify the ID.
Setting item permissions
Setting permissions for a list item or library file is also easy to do if you just want to assign permissions to:
- A normal user
- A M365 group
- A mail enabled security group
Should you be interested in all types of groups, I have written an article about all kinds of M365 groups and if they can be nested or not.
Setting item permissions for a SharePoint Group
In this article, we will focus on assigning item level permissions to a SharePoint group.
To achieve this, we have to use the SharePoint REST API from Power Automate.
Add a “Send a HTTP request to SharePoint” action to your flow. Configure it as below.
- Site Address: Select for which you want to set item permissions
- Method: POST
- Uri: Write the name of your list in the getbytitle(”) part
- Uri: Add the list item ID, or a dynamic reference to it as I did, between the items() parentheses
- Uri: Set the principalid of your SharePoint group in the principalid=” part
To know the principalid of a SharePoint group, go to “Settings” and click “Site permissions”.
Click “Advanced permissions settings”:
Click on one of the SharePoint groups and copy the principalid from the URL.
- Uri: Set the roleDefId parameter to one of the roles below:
|Role Definition Name||Role Definition Id|
After configuring everything and running the flow, you will see that the item is shared with a SharePoint group.
In some cases you will get the error below, you can try to add “Stop sharing an item or file” before the “Send a HTTP request to SharePoint” action.
This operation is not allowed on an object that inherits permissions. clientRequestId: baccf21a-246b-4d3c-b69f-310f5197a186 serviceRequestId: 9edc889f-e0ab-2000-3c89-c30ec084be80
Assign item permissions to SharePoint Groups for all items in a list/library
Sometimes you need to assign item level permissions for all your list items or files. Add a SharePoint “Get items” action followed by a for each loop with your HTTP call in it:
Working with large lists
In case you have a large list or library, make sure to enable the “Pagination” setting and to increase the threshold:
In this article we learned:
- How to assign item permissions to SharePoint groups
- What to do in case you get the “This operation is not allowed on an object that inherits permissions” error
- How to assign item permissions to a SharePoint group for all your list items
- How to work with large lists and a higher amount of items