Hi Ben, tks for the video. However I am quite frustrated cuz I want to grant acess to sharepoint (the simple step) but I cannot find a step before that to get the item or folder "ID". If I use "when item is created" as you did, it will wait for that trigger. I tried "get item" and other steps but nothing worked. Do you have any idea? Thanks.
@@sovereignsp tks for your reply. I tried the command above but got the message "Cannot read property 'properties' of undefined ". Because I am trying to get ID from a library, it has no columns ID. I wonder if I can get the actual value for the ID of a library in SharePoint. I tried with this page (www.benprins.net/2019/09/02/sharepoint-get-all-the-ids/#comment-2946), but Power automated shows an error saying it needs to be an integer number. Actually my purpose is to find an easy way to grant access to users via power automate to the whole sharepoint. Seems simple but maybe "grant access to item or folder" does not work for that.
Hi Ben,Thank you so much for sharing such a good content. Just one doubt- does the break inheritance api not work if the owner of the flow has edit access only?
Hi. very helpful ! Now, I am trying to copy a library from one site to another site. I a quioet good except I need to READ the permissions applied one source folder with inheritance broken and reproduce these - using what you showed here - on the destination. Any hint on how I can list the users who can access (Moddify / Read) the folder ?
Hi Ben, Thank you so much for sharing such a good content. I am setting a edit permission to the person who have created the item and it is working fine ,but I had a doubt regarding the owner permission,will the owner of the list can see all the items ? In my case owner is able to see the items created by him and also by others.
Ben, Great video. Can a power automate be made that can reference a List of users then update a permissions group based on who is on the list, and when the list gets changed, like someone is removed it will automatically remove their permissions?
Hi Ben, thanks for the detailed video! It is really helpful! I tried to update permission of one of my SharePoint groups, however, the new permission is getting appended. It is not replacing the existing permission. Could you please tell me what has gone wrong, and what can I check?
Hi Soverign SP. Thanks for the video and a great explanation. I have a slightly different query. I have multiple individual folders with specific peoples names EG: Joe Blogs, Mary Jane etc. and i want to assign Joe to Joe's folder, Mary to Marys folder etc as I have over 200 of these instances. What would you suggest the best way is to do this thru Power Automate?
Hey Ben! I came across your very helpful video when looking for a way to change permissions for a SharePoint group across multiple sites. I have about 40 sites where a SP group is used on all those sites. Currently the group has Edit rights and I want to change to Contribute rights. The change is not specific to a list or library, but everywhere that SP group is used. I set the workflow to use a manual trigger. Using the HTTP Request, I was able to get the ID of the group (_api/web/sitegroups/getbyname('Group Name Members')), use a Parse JSON to extract the ID, and then finally use a second HTTP Request to Post the change (_api/web/roleassignments/addroleassignment(principalID=@{body('Parse_JSON')?['body']?['d']?['Id']},roledefid=1073741827), but am getting the error "web/roleassignments/addroleassignment(principalID=,roledefid=1073741827)" is not valid. In the error message, the principalID is blank. Do you have any recommendations?
Hi! Amazing video, this was very helpful for me, so thank you! Just one question, at the "Get Principal ID" step, say that part of the list item is empty and it cannot return any value, is there a way to keep the Flow going? Is there any way to make an IF-statement, checking whether or not that particular field is empty and then making the appropriate action (whether to skip, or to set a variable)?
Hi Ben, great video but i've got a problem... If I use a single persons field, like creator of object, the flow works perfectly. But I want to set permissions for a multiple persons field and get error like: "... 'The template language expression 'items('Apply_to_each_2')['type']' cannot be evaluated because property 'd' cannot be selected. Array elements can only be selected using an integer index." How can I solve this?
Hi there, Watched your video regarding breaking the inheritance. And wanted to tell you it was really helpful to me. But i've a question regarding this. i wanted to know if it's possible to break the inheritance for owners too. For example: Owners have full control but I want their permissions to read only for a particular item in the list.
Great Vid. Can we apply the same flow for an SP-Library instead of a List? If YES - I tried and it is throwing me an error :-( If No - Can you explain/make a video/refer to a source where it has been explained?
@@sovereignsp Hi. I am having the same problem. I tried changing all that has 'list' to 'library' and it's not working as well. It's throwing 'Cannot find resource for the request library.' error. And If I follow your instructions in the video it's throwing 'BadGateway' error. Thank you!
Hello, have you tried changer flow which changes all users of the file from Edit to View permissions? It seems to work way from View to Edit but doesnt do ANYTHING from edit to view. And Powerautomate doesnt write an error it grants the View permission in the flow... Any ideas? I tried Stop sharing in the loop, but we have many persons on one file and then the loop doesnt work for this case.
Hi, that's a nice explanation about setting permission through flow. Thank you. I have a question, related to PrincipalID, when I am trying to put body('Send_an_HTTP_request_to_SharePoint_2')?['d']['id'] in the expression and click OK, it says Expression is Invalid, also would like to know what is d and id in this.
@@sovereignsp Thankyou so much for beautiful explanation.. and you are correct flow sometimes behave wierd.. after couple of try.. it worked and worked beautifully.. Now I am trying to send email to multiple person at once.. trying to figure out how to get data from people picker in powerapps when selected three names in the same people picker
@@sovereignsp Thanks for taking the time to respond. I have found a way in flow when i add multiple groups or users in a column, and the flow runs successfully. The issue now is when someone removes one user or group, i need the flow to run and remove the user and only set permissions for the items that are in the column and its owner. Hope this makes sense. I have the exact same workflow in SharePoint Designer, which is a 2010 workflow. I just figured to try and do it in flow because its a bit more modern. And thank you so much yet again .This video help me a lot.
@@wadevollmer428 How did you do that Wade? We have a similar problem, a list where education participants (and their boss) should be the only ones that have the edit permission, the rest of the company should have read permission...
Hi Ben, great video, Thanks! I was looking for item level permissions, this video mostly solved my requrement. Please let me know, how to achieve this functionality for multiple users/groups (i.e. assigning permissions to multiple user groups)?
@@sovereignsp Thanks for the detailed explanation. I got it, for now we have to send multiple HTTP request. I wish, in future some new action(s) in power flow supports our requirement :)
Hi ben, i had a sharepoint 2010 WF but know they will remove this one, in the WF i change the permissions if the Item was approved so they cant edit the item, can we do that with this PA or SPWF2013 thanks for your help
Hi Ben! The video is great as we are trying to look for solutions to change permission on SharePoint items. Does it work for site pages inside a subsite's sitepage library? As we preliminary tried and it returned a status 400. _api/lists/getByTitle('Site Pages')/items(ID)/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true) also we have tried a couple of field other than "ID", like "filename with extension", it did not work either. What we are trying to do is that first of all a group of users are allowed to create a sitepage (with "Contribute" right) in that sub-site, once a sitepage is created, a flow will be triggered to break the inheritance of the sitepage's permission, change permission of that group of users with "READ", then further add the author of that sitepage with "Contribute" right. hm....
@@sovereignsp Thanks so much for the feedback Ben. I believe I found what I was lookin for...how to add a "SharePoint list as a co-owner" to flow. I'm surprised that there aren't too many tutorials about this on TH-cam. Maybe because its super easy :) Thanks again!
Hi Ben, thanks for the walk through. I'm having the same issue as Henrique, in that I understand that if the trigger is an item insertion you can get the ID from that actions, but I want to set permission for the whole List, not an Item, so I don't think I have a trigger. Can you tell how to get the ID of the List, rather than the Item? Thanks.
@@sovereignsp Thanks, Ben! I have a PowerApps app which hits 6 lists, so every time I add a user, I think I have to grant permissions for him/her 6 separate times... 7 if you count the app... and if I have 10 new users... ugh! I want to automate this!
Hello Ben, Thanks for this video , I was looking for something very similar . I tried to follow your instructions and could achieve 95% of it. my scenario is . > I am breaking the inheritance and then adding the " group" for the shared access to a SharePoint library. > After the flow runs, I could see the group in the permissions list[which is perfect], but along with that I see my Name as well in the list [I do not want to see my name in the list] Below are the details Break inheritance : _api/lists/getByTitle('Test Library')/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true) Principle ID : _api/web/SiteGroups/getbyname('000-TEST BATCH Owners') Set permissions _api/lists/getByTitle('Test Library')/roleassignments/addroleassignment(principalid=@{variables('VarGroupNameID')},roledefid=1073741829) What am I doing wrong?
Hi, great video - is it possible to add someone to the site collection admin list using the same method (or any other method for that matter!), thanks.
Hi buddy.... Here I having one question we want to remove unique permission for a item using ms flow Is it possible? Could you please guide me on this?
Good question! You’d have to add them to a security group that has access to the document library. I’m sure there are examples of how to do that somewhere :)
Hi Ben, tks for the video. However I am quite frustrated cuz I want to grant acess to sharepoint (the simple step) but I cannot find a step before that to get the item or folder "ID". If I use "when item is created" as you did, it will wait for that trigger. I tried "get item" and other steps but nothing worked. Do you have any idea? Thanks.
@@sovereignsp tks for your reply. I tried the command above but got the message "Cannot read property 'properties' of undefined
". Because I am trying to get ID from a library, it has no columns ID. I wonder if I can get the actual value for the ID of a library in SharePoint. I tried with this page (www.benprins.net/2019/09/02/sharepoint-get-all-the-ids/#comment-2946), but Power automated shows an error saying it needs to be an integer number.
Actually my purpose is to find an easy way to grant access to users via power automate to the whole sharepoint. Seems simple but maybe "grant access to item or folder" does not work for that.
You are a GOD! Looked everywhere for this. Works perfectly, thanks!
Hey thanks for this simple to understand video. Finally a solution I can run with.
Hi Ben,Thank you so much for sharing such a good content.
Just one doubt- does the break inheritance api not work if the owner of the flow has edit access only?
Hi. very helpful ! Now, I am trying to copy a library from one site to another site. I a quioet good except I need to READ the permissions applied one source folder with inheritance broken and reproduce these - using what you showed here - on the destination. Any hint on how I can list the users who can access (Moddify / Read) the folder ?
Good one Ben ..This is awesome..
Hi Ben, Thank you so much for sharing such a good content.
I am setting a edit permission to the person who have created the item and it is working fine ,but I had a doubt regarding the owner permission,will the owner of the list can see all the items ?
In my case owner is able to see the items created by him and also by others.
@@sovereignsp Thank you so much
Ben, Great video. Can a power automate be made that can reference a List of users then update a permissions group based on who is on the list, and when the list gets changed, like someone is removed it will automatically remove their permissions?
Hello Ben
You use numbers to give users full access or read only etc. Is there any code to revoke access to folder?
Hi Ben, thanks for the detailed video! It is really helpful! I tried to update permission of one of my SharePoint groups, however, the new permission is getting appended. It is not replacing the existing permission. Could you please tell me what has gone wrong, and what can I check?
Hi Soverign SP. Thanks for the video and a great explanation. I have a slightly different query. I have multiple individual folders with specific peoples names EG: Joe Blogs, Mary Jane etc. and i want to assign Joe to Joe's folder, Mary to Marys folder etc as I have over 200 of these instances. What would you suggest the best way is to do this thru Power Automate?
Hey Ben! I came across your very helpful video when looking for a way to change permissions for a SharePoint group across multiple sites. I have about 40 sites where a SP group is used on all those sites. Currently the group has Edit rights and I want to change to Contribute rights. The change is not specific to a list or library, but everywhere that SP group is used. I set the workflow to use a manual trigger. Using the HTTP Request, I was able to get the ID of the group (_api/web/sitegroups/getbyname('Group Name Members')), use a Parse JSON to extract the ID, and then finally use a second HTTP Request to Post the change (_api/web/roleassignments/addroleassignment(principalID=@{body('Parse_JSON')?['body']?['d']?['Id']},roledefid=1073741827), but am getting the error "web/roleassignments/addroleassignment(principalID=,roledefid=1073741827)" is not valid. In the error message, the principalID is blank. Do you have any recommendations?
Hi! Amazing video, this was very helpful for me, so thank you!
Just one question, at the "Get Principal ID" step, say that part of the list item is empty and it cannot return any value, is there a way to keep the Flow going? Is there any way to make an IF-statement, checking whether or not that particular field is empty and then making the appropriate action (whether to skip, or to set a variable)?
Hi Ben, great video but i've got a problem... If I use a single persons field, like creator of object, the flow works perfectly.
But I want to set permissions for a multiple persons field and get error like: "... 'The template language expression 'items('Apply_to_each_2')['type']' cannot be evaluated because property 'd' cannot be selected. Array elements can only be selected using an integer index."
How can I solve this?
What a timing... Was looking for this info today. Quick question, what if we have a custom permission level, how to find out the id for it?
Great job!
@@sovereignsp Yes I was able to find the ID of my custom Permission level. Thank you for the tip!
Hi there,
Watched your video regarding breaking the inheritance. And wanted to tell you it was really helpful to me. But i've a question regarding this. i wanted to know if it's possible to break the inheritance for owners too. For example: Owners have full control but I want their permissions to read only for a particular item in the list.
@@sovereignsp Thanks for the reply, Ben.
Is there a way to automate the "folder name" the file is being created within?
if the list row is over 5000 record can work all row?
Great Vid.
Can we apply the same flow for an SP-Library instead of a List?
If YES - I tried and it is throwing me an error :-(
If No - Can you explain/make a video/refer to a source where it has been explained?
@@sovereignsp Hi. I am having the same problem. I tried changing all that has 'list' to 'library' and it's not working as well. It's throwing 'Cannot find resource for the request library.' error.
And If I follow your instructions in the video it's throwing 'BadGateway' error.
Thank you!
Hello Ben, thank you so much for the video! It is very helpful. Quick question. How do we set permission for Group and Created by together?
@@sovereignsp Thank you Ben.
how did you get the action name?
Hello, have you tried changer flow which changes all users of the file from Edit to View permissions? It seems to work way from View to Edit but doesnt do ANYTHING from edit to view. And Powerautomate doesnt write an error it grants the View permission in the flow...
Any ideas? I tried Stop sharing in the loop, but we have many persons on one file and then the loop doesnt work for this case.
Hi, that's a nice explanation about setting permission through flow.
Thank you.
I have a question, related to PrincipalID, when I am trying to put body('Send_an_HTTP_request_to_SharePoint_2')?['d']['id'] in the expression and click OK, it says Expression is Invalid, also would like to know what is d and id in this.
@@sovereignsp Thankyou so much for beautiful explanation.. and you are correct flow sometimes behave wierd.. after couple of try.. it worked and worked beautifully.. Now I am trying to send email to multiple person at once.. trying to figure out how to get data from people picker in powerapps when selected three names in the same people picker
Hi Ben, great video. I have tried this and it works 100%. But is there a way to add multiple groups ?
@@sovereignsp Thanks for taking the time to respond. I have found a way in flow when i add multiple groups or users in a column, and the flow runs successfully. The issue now is when someone removes one user or group, i need the flow to run and remove the user and only set permissions for the items that are in the column and its owner. Hope this makes sense.
I have the exact same workflow in SharePoint Designer, which is a 2010 workflow. I just figured to try and do it in flow because its a bit more modern.
And thank you so much yet again .This video help me a lot.
@@wadevollmer428 How did you do that Wade? We have a similar problem, a list where education participants (and their boss) should be the only ones that have the edit permission, the rest of the company should have read permission...
Hi Ben, great video, Thanks! I was looking for item level permissions, this video mostly solved my requrement. Please let me know, how to achieve this functionality for multiple users/groups (i.e. assigning permissions to multiple user groups)?
@@sovereignsp Thanks for the detailed explanation. I got it, for now we have to send multiple HTTP request. I wish, in future some new action(s) in power flow supports our requirement :)
Hi ben, i had a sharepoint 2010 WF but know they will remove this one, in the WF i change the permissions if the Item was approved so they cant edit the item, can we do that with this PA or SPWF2013 thanks for your help
Hi Ben! The video is great as we are trying to look for solutions to change permission on SharePoint items. Does it work for site pages inside a subsite's sitepage library? As we preliminary tried and it returned a status 400.
_api/lists/getByTitle('Site Pages')/items(ID)/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)
also we have tried a couple of field other than "ID", like "filename with extension", it did not work either.
What we are trying to do is that first of all a group of users are allowed to create a sitepage (with "Contribute" right) in that sub-site, once a sitepage is created, a flow will be triggered to break the inheritance of the sitepage's permission, change permission of that group of users with "READ", then further add the author of that sitepage with "Contribute" right. hm....
Awesome video! Thanks for sharing!
Thanks, bro your video helps me a lot if somebody needs permission to break into SharePoint using Power Automate I send this video link
Does this work with o365 security groups? or just groups created in your sharepoint environment
It should just work with the groups created in your SharePoint environment, good question!
Do you have a guide on applying a "user group" for sharing purposes on a
flow? If so, how can we initiate this process from start to finish?
@@sovereignsp Thanks so much for the feedback Ben. I believe I found what I was lookin for...how to add a "SharePoint list as a co-owner" to flow. I'm surprised that there aren't too many tutorials about this on TH-cam. Maybe because its super easy :) Thanks again!
Hi Ben, thanks for the walk through. I'm having the same issue as Henrique, in that I understand that if the trigger is an item insertion you can get the ID from that actions, but I want to set permission for the whole List, not an Item, so I don't think I have a trigger. Can you tell how to get the ID of the List, rather than the Item? Thanks.
@@sovereignsp Thanks, Ben! I have a PowerApps app which hits 6 lists, so every time I add a user, I think I have to grant permissions for him/her 6 separate times... 7 if you count the app... and if I have 10 new users... ugh! I want to automate this!
thanks. In order to assign the View Only role, I put 'role:1073741924' including 'role:' in the input box , and It worked. regards...
Awesome! Thank you for the help.
I'm getting an error "Bad Gateway , status code 502, message: "Group cannot be found"...
@@sovereignsp thanks , I was able to resolve it.
Hello Ben, Thanks for this video , I was looking for something very similar . I tried to follow your instructions and could achieve 95% of it.
my scenario is .
> I am breaking the inheritance and then adding the " group" for the shared access to a SharePoint library.
> After the flow runs, I could see the group in the permissions list[which is perfect], but along with that I see my Name as well in the list
[I do not want to see my name in the list]
Below are the details
Break inheritance :
_api/lists/getByTitle('Test Library')/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)
Principle ID :
_api/web/SiteGroups/getbyname('000-TEST BATCH Owners')
Set permissions
_api/lists/getByTitle('Test Library')/roleassignments/addroleassignment(principalid=@{variables('VarGroupNameID')},roledefid=1073741829)
What am I doing wrong?
Hi, great video - is it possible to add someone to the site collection admin list using the same method (or any other method for that matter!), thanks.
@@sovereignsp Thanks for looking and replying, much appreciated.
Hi buddy.... Here I having one question
we want to remove unique permission for a item using ms flow
Is it possible? Could you please guide me on this?
@@sovereignsp thanks for the response... It is possible to remove unique permission for the item via http request..
@@shyamjero3830 Hi, I am also looking for a way to remove a specific permission setting for an item. Could you let me know how you did it?
How to grant permission to doc library only... not to item or folder level
Good question! You’d have to add them to a security group that has access to the document library. I’m sure there are examples of how to do that somewhere :)
What if we want to add a Office 365 Group to have permissions?
@@sovereignsp ya i thought of that as well, but then the issue is when the users come and go from the group we'd have to routinely check.
Works perfectly! Thanks!