web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Sharepoint Permission ...
Power Apps
Unanswered

Sharepoint Permission Level for PowerApp with PowerAutomate Flow

(0) ShareShare
ReportReport
Posted on by lk777 124

I have posted this my question initially on Microsoft Tech community and but it seems that this community is more active.

 

I have created a Security group for the users in the organization who mostly will be utilizing PowerApps.

Now I am trying to figure out what a  minimum Sharepoint permission level is to be applied to document libraries and lists in Sharepoint.

PowerApp is using flows which create/delete files and folders in Sharepoint libraries, items in lists. Within an application users can open files (link to the file is provided by a flow).

Created an 'Edit_Limited' permission level.

When a user opens Sharepoint document library directly (for the test purposes only), he can create/open/delete folders/files with the permission level lower than it is necessary from within PowerApp/Flow.

 

Why does PowerApp/Flow combination require rights elevation? It requires the Site Permissions/Manage Permissions to be selected, though for the direct access (SharePoint) it is not necessary.

 

This is a permission level which works with PowerApp :

 

PowerApp-SP-PermissionLevel-1.jpgPowerApp-SP-PermissionLevel-2.jpg

 

 

With 'Manage Permissions' unselected it works for the direct Sharepoint access.

I need an absolute minimum Sharepoint permission level for this group of users.

 

Thanks in advance.

 

Categories:
Building Power Apps
I have the same question (0)
  • Pstork1 Profile Picture
    Pstork1 68,697 Most Valuable Professional on at

    I believe you are mistaken or are doing something very specific that requires that permission.  Power Apps is most frequently used with lists/libraries that are created on Modern sites.  Modern Sites are secured using an Office 365 group where Members are provided with the standard Edit permission level.  If you look at Edit you will see that it does not include the manage Permissions permission.  Almost all my Power Apps are shared with users who only have Edit permission to the site and the list.  But they all work just fine.

     

    Are you doing any custom http REST calls?  That might be one reason you need Manage Permissions permission.  Some of those calls need elevated permissions.  

     

    Power Apps only requires that users have permissions required to interact with the data source.  If you are creating a read only app you can get away with everything down to Read Only permissions. Power Apps doesn't require any elevation of permissions.

  • lk777 Profile Picture
    lk777 124 on at

    Hi @Pstork1 ,

     

    I have unchecked 'Manage Lists' in my custom Edit_Limited permission level.

    My goal is to limit users' rights to the lists and libraries which are used by the Power App/Flow.

     

    I would even prefer not to give users any direct access to the those Sharepoint libraries/lists.

     

    My question is why direct access to the Sharepoint lists/libraries and Flow require different set of permissions. Once again, when I use direct access it works with the unchecked 'Manage Permissions' permission and not via Flow.

     

  • Pstork1 Profile Picture
    Pstork1 68,697 Most Valuable Professional on at

    There has to be something you are doing in the Power App or flow that requires the manage permission permission.  Are you breaking inheritance and setting specific permissions on items in the list?  That would require that level of permission. But just editing items does not.  Can you provide a screenshot of your flow?  I'll try to identify what is requiring the additional permission.

  • lk777 Profile Picture
    lk777 124 on at

    Yes, I am breaking inheritance.

     

    My flow:

     

    Flow_1.jpg

    {
 "type": "array",
 "items": {
 "type": "object",
 "properties": {
 "DOS": {
 "type": "string"
 },
 "Doc": {
 "type": "string"
 },
 "FileBody": {
 "type": "string"
 },
 "FileNameDoc": {
 "type": "string"
 }
 },
 "required": [
 "DOS",
 "Doc",
 "FileBody",
 "FileNameDoc"
 ]
 }
}

    Flow_2.jpgFlow_3.jpg

  • Verified answer
    Pstork1 Profile Picture
    Pstork1 68,697 Most Valuable Professional on at

    I suspect its the create sharing link action that is causing the problem.  You should be able to do that if the user's running the Power App/flow are members of the members group.  If they are not members of that Office 365 group, which automatically has Edit permission then they would need manage permission permission to create a sharing link.

  • lk777 Profile Picture
    lk777 124 on at

    Perfect!

    I have replaced 'Create sharing link for a file or folder' with https://..../sites/MySite/Path and my limited edit is working now.

     

    @Pstork1, thank you so much.

  • lk777 Profile Picture
    lk777 124 on at

    For some reason https://..../sites/MySite/Path  doesn't work in a mobile application (Android) but it works in a desktop application.

     

    When I click on the button/ OnSelect - Launch(ThisItem.Link) nothing is happening in a mobile app but it opens file in a desktop app.

    So the only solution that works for my setup is to use  Sharepoint/Get file properties - Link to item in a flow. It works in both mobile and desktop apps. What is interesting is that when I was using Create Sharing Link clicking on the button opened pdf file in a viewer, but when I am using Get file properties - Link it downloads a file in a mobile app.

     

    I am a bit confused with all this stuff.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 793 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 333 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans