Skip to main content

Notifications

Community site session details

Community site session details

Session Id : z2e89gVtvwfRZaqLN87iWw
Power Automate - Using Flows
Answered

Access Denied for some Users in Sharepoint HTTP API

Like (0) ShareShare
ReportReport
Posted on 10 Aug 2023 13:52:19 by 44

We use the Sharepoint HTTP API to query users and groups via Flow. I know that the users need read-permissions on the site to query users and groups.

 

There are 2 Flows that are called from a canvas app:

 

1 loads the User from Sharepoint and then the groups of that user with these 2 URLS

 _api/web/siteusers?$filter=EMAIL

_api/web/getuserbyid(USERID)/Groups

 

This flow runs successfully for all users. So apparently they have the correct permissions to access the users and groups, in general.

 

a 2nd Flow then loads other data including all SP-Groups and then for each of those groups all users with these 2 URLs

_api/web/sitegroups

_api/Web/SiteGroups/GetById(GROUPID)/Users

 

For my DEV-  and TEST-Users and also for many others this flow works as well, so I don't think that there is anything wrong with the configuration.

 

But for some Users the last call fails. So loading the sitegroups is successfull, only loading the users of a group fails. 

 

The error is 403 with this text:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
clientRequestId: f5723cba-2bd0-4465-a7b5-95489ae75d11
serviceRequestId: 3ccccea0-1050-7000-0f5e-1640cd23c341

 

I can't explain this. Can anybody help?

  • philippschaefer Profile Picture
    44 on 10 Aug 2023 at 14:15:16
    Re: Access Denied for some Users in Sharepoint HTTP API

    That was exactly it! Thanks for the quick help. Who needs language models.

  • Verified answer
    Pstork1 Profile Picture
    66,091 Most Valuable Professional on 10 Aug 2023 at 13:58:48
    Re: Access Denied for some Users in Sharepoint HTTP API

    Check the configuration of the SharePoint groups.  When you create an SP Group the default setting is that only group members can see the membership.  That can be changed to everyone.  I suspect the groups that are failing are groups that are set to group membership and the users involved aren't members.

    image.png

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Understanding Microsoft Agents - Introductory Session

Confused about how agents work across the Microsoft ecosystem? Register today!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Congratulations to the April Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 146,745 Most Valuable Professional

#2
RandyHayes Profile Picture

RandyHayes 76,287 Super User 2024 Season 1

#3
Pstork1 Profile Picture

Pstork1 66,091 Most Valuable Professional

Leaderboard

Featured topics

Restore a deleted flow
Loading started