How to manage permissions on a SharePoint List Item using Microsoft Flow – changing Item permissions

As part of a project I needed to change the permission on an item just after it is created to only be visible to people based on column values in the item. The building the flow included lots of topics from using REST api, extracting information from a previous step and separating my flow into re-usable parts. This is Part 1 of the series.

In this post we will create a flow that will break inheritance permission on an item when it created. It will use SharePoint REST api and a HTTP request.

Part 1 – Flow to Break Inheritance

This walk through is based off a custom list. For part 1 it needs no extra columns.

1. Create a new flow from blank and add the trigger When a new item is created. Add in your site name and list name from the drop downs.
   
2. Next initialise variables to save the Site Address and List Name used in the trigger. This saves you typing them again later.
   
3. Next we need to build the URI string needed for the REST call. I create this as a variable so it’s easier to explain and debug later. The command that is needed can be found either on the Microsoft Set Custom permissions or Serge Luca’s blog, links are at the bottom of this post.

   The command to break inheritance on item 1 in a list called My List is:

   _api/lists/getByTitle('MyList')/items(1)/breakroleinheritance(copyRoleAssignments=false,clearSubscopes=true)

   So we initialise a variable URI-String inserting in the ListName and ID from the trigger.
   

4. The final step for breaking inheritance is to Send the HTTP Request to SharePoint. The site address you have saved, the method is Post and we already have the URI-String.
   
5. Save and create a new item in the list. Then look at the permissions for the new item and you will see it has unique permissions and you have full control.
   The next post in this series will be to add Contribute permission for one person to the item.

Resources

As always we all learn from each other and I am grateful to the resources provided online. Here are the ones that helped me create this series.

• Microsoft Set custom permissions on a list by using the REST interface
• Microsoft Users, groups, and roles REST API reference
• Serge Luca – HOW TO USE THE SHAREPOINT REST API IN FLOW

“How to manage permissions on a SharePoint List Item using Microsoft Flow! – Series Navigator:

• 1) How to change List Item permissions
• 2) How to add Contribute permission
• 3) How to split a Flow into reusable parts
• 4) How to set named Permission Levels
• 5) Getting responses from called Flows