Skip to main content

Power Automate has multiple actions to break and assign permissions for SharePoint list items.

An action to assign list item permissions to a SharePoint Group is not available at this moment.

Removing item permissions

To remove list item permissions, you only need to fill in the site address, list/library name and the ID. This action removes all kinds of permissions for an item for which you specify the ID.

Setting item permissions

Setting permissions for a list item or library file is also easy to do if you just want to assign permissions to:

  • A normal user
  • A M365 group
  • A mail enabled security group

Should you be interested in all types of groups, I have written an article about all kinds of M365 groups and if they can be nested or not.

Setting item permissions for a SharePoint Group

In this article, we will focus on assigning item level permissions to a SharePoint group.

To achieve this, we have to use the SharePoint REST API from Power Automate.

Add a “Send a HTTP request to SharePoint” action to your flow. Configure it as below.

  • Site Address: Select for which you want to set item permissions
  • Method: POST
  • Uri: Write the name of your list in the getbytitle(”) part
  • Uri: Add the list item ID, or a dynamic reference to it as I did, between the items() parentheses
  • Uri: Set the principalid of your SharePoint group in the principalid=” part

To know the principalid of a SharePoint group, go to “Settings” and click “Site permissions”.

Click “Advanced permissions settings”:

Click on one of the SharePoint groups and copy the principalid from the URL.

  • Uri: Set the roleDefId parameter to one of the roles below:
Role Definition NameRole Definition Id
Full Control1073741829
View Only1073741924
Limited Access1073741825

After configuring everything and running the flow, you will see that the item is shared with a SharePoint group.

Handling errors

In some cases you will get the error below, you can try to add “Stop sharing an item or file” before the “Send a HTTP request to SharePoint” action.

This operation is not allowed on an object that inherits permissions.
clientRequestId: baccf21a-246b-4d3c-b69f-310f5197a186
serviceRequestId: 9edc889f-e0ab-2000-3c89-c30ec084be80

Assign item permissions to SharePoint Groups for all items in a list/library

Sometimes you need to assign item level permissions for all your list items or files. Add a SharePoint “Get items” action followed by a for each loop with your HTTP call in it:

Working with large lists

In case you have a large list or library, make sure to enable the “Pagination” setting and to increase the threshold:

In this article we learned:

  • How to assign item permissions to SharePoint groups
  • What to do in case you get the “This operation is not allowed on an object that inherits permissions” error
  • How to assign item permissions to a SharePoint group for all your list items
  • How to work with large lists and a higher amount of items


  • Jon says:

    hi. Will this work on Document library?
    The expression “web/lists/getbytitle(‘Shared Documents’)/items(14)/roleassignments/addroleassignment(principalid=’87’,1073741826)” is not valid.
    ‘Documents’ as the list name is not valid too.

Leave a Reply