Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities - Lets Get Started!
Announcing new navigation menus and the Engage with the Community forum!
News and Announcements icon
Community site session details
Power Platform Community / Forums / Power Automate - Building Flows / Problem set sharepoint...
Power Automate - Building Flows
Answered

Problem set sharepoint list permission with API roleassignment (user assigment, not group)

Like (2) ShareShare
ReportReport
Posted on 11 Aug 2024 10:14:28 by SP-09081330-0 15
Hallo, it's second day without solution :( .... helppp !

My need is grant access to a list in my sharepoint 365 space for users not always registered in my site. So the idea is a list where I insert their name ( as users() of a sharepoint list ) and an automation  (triggered by insert) set custom grant with the desired role in the list. I followed this article: https://community.powerplatform.com/blogs/post/?postid=9d3d2a51-71ee-4ca5-9de7-122804a65770 that primary says to break inheritance and later set permission into the list.
More this I see that if the user never access to the site, can be a problem retrive the principalID, so I found this:
POST http://<sitecollection>/<site>/_api/web/ensureUser(logonName)
in order to set the principalID even i f the user never access on my site.
So the flow is like this:
0. trigger new row in the user list
1. retrive new user principal ID by ensureUser
2. break inheritance
3. set user grant with role on the list

The first part, trigger to start job, retrive user info and break inheritance seems work fine, the problem @ #3  when I launch the http request, the flow stops with error:
Value does not fall within the expected range. clientRequestId: 09448e45-dfac-4433-bbe2-a1f235d33558 serviceRequestId: 25b644a1-f045-9000-866e-04efeacf0a60
 
Here the log:
 
{
"dataset": "https://enelcom.sharepoint.com/sites/COLLAUDO",
"parameters/method": "POST",
"parameters/uri": "_api/lists/getByTitle('target list')/roleassignments/addroleassignment(principalid=26,roledefid=1073741827)"
}
 
{
"status": 400,
"message": "Value does not fall within the expected range.\r\nclientRequestId: 09448e45-dfac-4433-bbe2-a1f235d33558\r\nserviceRequestId: 25b644a1-f045-9000-866e-04efeacf0a60",
"source": "https://enelcom.sharepoint.com/sites/COLLAUDO/_api/lists/getByTitle('target%20list')/roleassignments/addroleassignment(principalid=26,roledefid=1073741827)",
"errors": [
"-2147024809",
"System.ArgumentException"
]
}
 
Any idea or suggestion?

Thanks!

Stefano
Categories:
Business Process Flows
  • Verified answer
    SP-09081330-0 Profile Picture
    SP-09081330-0 15 on 22 Aug 2024 at 13:28:20
    Problem set sharepoint list permission with API roleassignment (user assigment, not group)
    Hallo problem solved!

    The main problem was about CTRL+C CTRL-V that I used to write the code.
    As wrote by @Niven here there is a good article:
    https://www.c-sharpcorner.com/blogs/microsoft-flow-assign-unique-permission-to-current-list-item-using-rest-api
     
    but the code here:
     
     
    they use this [‘Id’] instead of this ['Id'] so the code crash !
     
     
    Now everything works fine :)
     
  • SP-09081330-0 Profile Picture
    SP-09081330-0 15 on 11 Aug 2024 at 15:40:20
    Problem set sharepoint list permission with API roleassignment (user assigment, not group)
    Hallo Nived, thanks for your reply, yes I also read your article and this also too:
    https://www.c-sharpcorner.com/blogs/microsoft-flow-assign-unique-permission-to-current-list-item-using-rest-api
    ​​​​​​​
    I tried with variable without success, I tried also to:
    -  write parentId and/or role directly in the code
    - with/without  ''
     
    Nothing... not works  ...... really can't understand :(
     
     
  • Suggested answer
    Nived_Nambiar Profile Picture
    Nived_Nambiar 17,659 Super User 2025 Season 1 on 11 Aug 2024 at 12:18:11
    Problem set sharepoint list permission with API roleassignment (user assigment, not group)
    Hi,
     
    the error seems to have occured from api params- so could you check whether values/parameters needs to be passed as string values ?
     
    principalid, roledefid
     
     
    Just a guess, but give a try as API seems to be correct only as what i seen from an article as well.
     
    Thanks & Regards,
    Nived N 
    LinkedIn: Nived N's LinkedIn
    YouTube: Nived N's YouTube Channel
    Blog: Nived Nambiar's Blogs
     Found my answer helpful? Please consider marking it as the solution!
     Your appreciation keeps me motivated. Thank you!
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities - Lets Get Started!
Announcing new navigation menus and the Engage with the Community forum!

Quick Links

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

🌸 Community Spring Festival 2025 Challenge Winners! 🌸

Congratulations to all our community participants!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Leaderboard > Power Automate - Building Flows

#1
David_MA Profile Picture

David_MA 385 Super User 2025 Season 1

#2
stampcoin Profile Picture

stampcoin 318

#3
Michael E. Gernaey Profile Picture

Michael E. Gernaey 310 Super User 2025 Season 1

Overall leaderboard

Featured topics

Start and wait for an approval action

Product updates

Microsoft Power Platform Community release plans