{"id":1477,"date":"2021-03-09T13:02:19","date_gmt":"2021-03-09T07:32:19","guid":{"rendered":"http:\/\/blog.binarybits.net\/?p=1477"},"modified":"2021-03-09T13:05:54","modified_gmt":"2021-03-09T07:35:54","slug":"item-level-permission-in-sharepoint-using-rest-and-power-automate","status":"publish","type":"post","link":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/","title":{"rendered":"Item level permission in SharePoint using REST and Power Automate"},"content":{"rendered":"\n

Sometimes when an item is created we might need to set item level permission for those items. Fortunately, SharePoint’s REST API can help with this and Power Automate \/ Flow supports SharePoint HTTP calls.<\/p>\n\n\n\n

For this to work, make sure the Power Automate is created with an account having site collection administrator access.<\/p><\/blockquote><\/figure>\n\n\n\n

First the basics of how this works<\/h2>\n\n\n\n

Step 1 is to identify to whom the permissions should be granted to. It can be either a person or a group.<\/p>\n\n\n\n

Step 2 is to identify what kind of permission i.e. role should be granted.<\/p>\n\n\n\n

Step 3 is breaking the inheritance.<\/p>\n\n\n\n

Step 4 is assigning the permission.<\/p>\n\n\n\n

Second is knowing the supporting APIs to gather the information<\/h2>\n\n\n\n

Step 1: To whom the permission should be granted?<\/h3>\n\n\n\n

Individual user<\/h4>\n\n\n\n

To identify the individual user the following API can be used. Commonly everyone relies on e-mail ID so lets take that as an example<\/p>\n\n\n\n

URL: _api\/web\/SiteUsers\/getByEmail('email@domain.com')\nMethod: Get<\/pre><\/div>\n\n\n\n
When you use Power Automate, make sure to extract the ID and place it in a variable.<\/p>\n\n\n\n
body('Get_User_Id')['d']['Id']<\/pre><\/div>\n\n\n\n
Site Group<\/h4>\n\n\n\n
To identify the site group the following API can be used.<\/p>\n\n\n\n
URL: _api\/web\/sitegroups\/getbyname('Group Name')\nMethod: Get<\/pre><\/div>\n\n\n\n
When you use Power Automate, make sure to extract the ID and place it in a variable.<\/p>\n\n\n\n
body('Get_Group_Id')['d']['Id']<\/pre><\/div>\n\n\n\n
Step 2: What kind of permission?<\/h3>\n\n\n\n
This is defined by the role definitions available in the site. The following API will help in identifying the role definitions and their ID.<\/p>\n\n\n\n
URL: _api\/roledefinitions\/getbyname('Full Control')\nMethod: Get<\/pre><\/div>\n\n\n\n
When you use Power Automate, make sure to extract the ID and place it in a variable.<\/p>\n\n\n\n
body('Get_Role_Definition_Id')['d']['Id']<\/pre><\/div>\n\n\n\n
Step 3: Breaking the inheritance<\/h3>\n\n\n\n
For this first thing is we need to identify the target for which the inheritance should be broken. In the following example it’s a list item.<\/p>\n\n\n\n
URL: _api\/lists\/getByTitle('<List Name>')\/items(<Item ID>)\/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)\nMethod: POST<\/pre><\/div>\n\n\n\n
Example:<\/h4>\n\n\n\n
URL: _api\/lists\/getByTitle('Test List')\/items(1)\/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)<\/pre><\/div>\n\n\n\n
Step 4: Assigning permission<\/h3>\n\n\n\n
As said before permission can be assigned to an individual or a group. The following API will help with that<\/p>\n\n\n\n
URL: _api\/lists\/getByTitle('<List Name>')\/items(<Item ID>)\/roleassignments\/addroleassignment(principalid=<User ID or Group ID>,roledefid=<Role ID>)\nMethod: POST<\/pre><\/div>\n\n\n\n
Example:<\/h4>\n\n\n\n
URL: _api\/lists\/getByTitle('Test List')\/items(1)\/roleassignments\/addroleassignment(principalid=10,roledefid=1073741829)<\/pre><\/div>\n\n\n\n
Following is the list of out of the box role definitions which I came across in the internet<\/p>\n\n\n\n
Role Definition Name<\/strong><\/td>Role Definition Id<\/strong><\/td><\/tr>
Full Control<\/td>1073741829<\/td><\/tr>
Design<\/td>1073741828<\/td><\/tr>
Edit<\/td>1073741830<\/td><\/tr>
Contribute<\/td>1073741827<\/td><\/tr>
Read<\/td>1073741826<\/td><\/tr>
View Only<\/td>1073741924<\/td><\/tr>
Limited Access<\/td>1073741825<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
Useful URL<\/h2>\n\n\n\n
You can refer the following URL which has code example to use REST api.<\/p>\n\n\n\n
Set custom permissions on a list by using the REST interface<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Sometimes when an item is created we might need to set item level permission for those items. Fortunately, SharePoint’s REST API can help with this and Power Automate \/ Flow supports SharePoint HTTP calls. For this to work, make sure the Power Automate is created with an account having site collection administrator access. First the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[316,62,1],"tags":[317,231],"yoast_head":"\nItem level permission in SharePoint using REST and Power Automate : Binary Bits<\/title>\n<meta name=\"description\" content=\"Use the following API to set item level permissions in Power Automate or Microsoft Flow.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Item level permission in SharePoint using REST and Power Automate : Binary Bits\" \/>\n<meta property=\"og:description\" content=\"Use the following API to set item level permissions in Power Automate or Microsoft Flow.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\" \/>\n<meta property=\"og:site_name\" content=\"Binary Bits\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-09T07:32:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-09T07:35:54+00:00\" \/>\n<meta name=\"author\" content=\"Kannan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Kannan_B\" \/>\n<meta name=\"twitter:site\" content=\"@Kannan_B\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kannan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\"},\"author\":{\"name\":\"Kannan\",\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855\"},\"headline\":\"Item level permission in SharePoint using REST and Power Automate\",\"datePublished\":\"2021-03-09T07:32:19+00:00\",\"dateModified\":\"2021-03-09T07:35:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\"},\"wordCount\":367,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855\"},\"keywords\":[\"Power Automate\",\"SharePoint Online\"],\"articleSection\":[\"Power Automate\",\"SharePoint\",\"Uncategorized\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\",\"url\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\",\"name\":\"Item level permission in SharePoint using REST and Power Automate : Binary Bits\",\"isPartOf\":{\"@id\":\"https:\/\/blog.binarybits.net\/#website\"},\"datePublished\":\"2021-03-09T07:32:19+00:00\",\"dateModified\":\"2021-03-09T07:35:54+00:00\",\"description\":\"Use the following API to set item level permissions in Power Automate or Microsoft Flow.\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.binarybits.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Item level permission in SharePoint using REST and Power Automate\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.binarybits.net\/#website\",\"url\":\"https:\/\/blog.binarybits.net\/\",\"name\":\"Binary Bits\",\"description\":\"Bits & Pieces - A blog by Kannan Balasubramanian\",\"publisher\":{\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.binarybits.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855\",\"name\":\"Kannan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/blog.binarybits.net\/wp-content\/uploads\/2017\/04\/12976869_10207528235497646_1307827709790943986_o.jpg\",\"contentUrl\":\"https:\/\/blog.binarybits.net\/wp-content\/uploads\/2017\/04\/12976869_10207528235497646_1307827709790943986_o.jpg\",\"width\":1270,\"height\":1270,\"caption\":\"Kannan\"},\"logo\":{\"@id\":\"https:\/\/blog.binarybits.net\/#\/schema\/person\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Item level permission in SharePoint using REST and Power Automate : Binary Bits","description":"Use the following API to set item level permissions in Power Automate or Microsoft Flow.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/","og_locale":"en_GB","og_type":"article","og_title":"Item level permission in SharePoint using REST and Power Automate : Binary Bits","og_description":"Use the following API to set item level permissions in Power Automate or Microsoft Flow.","og_url":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/","og_site_name":"Binary Bits","article_published_time":"2021-03-09T07:32:19+00:00","article_modified_time":"2021-03-09T07:35:54+00:00","author":"Kannan","twitter_card":"summary_large_image","twitter_creator":"@Kannan_B","twitter_site":"@Kannan_B","twitter_misc":{"Written by":"Kannan","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#article","isPartOf":{"@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/"},"author":{"name":"Kannan","@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855"},"headline":"Item level permission in SharePoint using REST and Power Automate","datePublished":"2021-03-09T07:32:19+00:00","dateModified":"2021-03-09T07:35:54+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/"},"wordCount":367,"commentCount":0,"publisher":{"@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855"},"keywords":["Power Automate","SharePoint Online"],"articleSection":["Power Automate","SharePoint","Uncategorized"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/","url":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/","name":"Item level permission in SharePoint using REST and Power Automate : Binary Bits","isPartOf":{"@id":"https:\/\/blog.binarybits.net\/#website"},"datePublished":"2021-03-09T07:32:19+00:00","dateModified":"2021-03-09T07:35:54+00:00","description":"Use the following API to set item level permissions in Power Automate or Microsoft Flow.","breadcrumb":{"@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.binarybits.net\/item-level-permission-in-sharepoint-using-rest-and-power-automate\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.binarybits.net\/"},{"@type":"ListItem","position":2,"name":"Item level permission in SharePoint using REST and Power Automate"}]},{"@type":"WebSite","@id":"https:\/\/blog.binarybits.net\/#website","url":"https:\/\/blog.binarybits.net\/","name":"Binary Bits","description":"Bits & Pieces - A blog by Kannan Balasubramanian","publisher":{"@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.binarybits.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/dda0e26212583a95f286cf67604fd855","name":"Kannan","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/image\/","url":"https:\/\/blog.binarybits.net\/wp-content\/uploads\/2017\/04\/12976869_10207528235497646_1307827709790943986_o.jpg","contentUrl":"https:\/\/blog.binarybits.net\/wp-content\/uploads\/2017\/04\/12976869_10207528235497646_1307827709790943986_o.jpg","width":1270,"height":1270,"caption":"Kannan"},"logo":{"@id":"https:\/\/blog.binarybits.net\/#\/schema\/person\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/posts\/1477"}],"collection":[{"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/comments?post=1477"}],"version-history":[{"count":11,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/posts\/1477\/revisions"}],"predecessor-version":[{"id":1489,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/posts\/1477\/revisions\/1489"}],"wp:attachment":[{"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/media?parent=1477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/categories?post=1477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.binarybits.net\/wp-json\/wp\/v2\/tags?post=1477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}