web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate - Building Flows / Granting Site Collecti...
Power Automate - Building Flows
Answered

Granting Site Collection Admin fails if account is not also a site admin

(0) ShareShare
ReportReport
Posted on by AbedK 6

Hello,

 

I created a Power Automate flow that grants a user site collection administrator access to a SharePoint site. This works only if the account running the flow is already a site collection administrator of the site. If it is not, then I get something like the following:

 

{
  "status"403,
  "message""Attempted to perform an unauthorized operation.\r\nclientRequestId: ...\r\nserviceRequestId: ...",
  "source"".../_api/web/ensureuser",
  "errors": [
    "-2147024891",
    "System.UnauthorizedAccessException"
  ]
}
 
It fails in the first 'Send an HTTP request to SharePoint' action.
 
AbedK_0-1712094378681.png

 

 Full flow:
 
AbedK_1-1712094407176.png

 

 

The account is a SharePoint Administrator and is able to grant access to sites, it is not an admin of, using PowerShell just fine. Why is it failing when trying to grant access in a flow?

 
 
Categories:
Business Process Flows
I have the same question (0)
  • SudeepGhatakNZ Profile Picture
    SudeepGhatakNZ 14,381 Most Valuable Professional on at
    Re: Granting Site Collection Admin fails if account is not also a site admin

    @AbedK ,

    Please verify that the account used to create the connection for this action is the Site Collection Administrator.

    SudeepGhatakNZ_0-1712103275624.png

     

  • AbedK Profile Picture
    AbedK 6 on at
    Re: Granting Site Collection Admin fails if account is not also a site admin

    The account for the connection is not a site collection administrator. That is what I am trying to do. Grant site collection administrator access to a site which the account running the flow is not already a site collection administrator. 

  • Verified answer
    SudeepGhatakNZ Profile Picture
    SudeepGhatakNZ 14,381 Most Valuable Professional on at
    Re: Granting Site Collection Admin fails if account is not also a site admin

    Powershell uses a separate API to achieve this. Either PnP or MOSP.

    If you like, you can run the PnP PowerShell  in an Azure Function and then trigger the azure Function from flow.

     

  • AbedK Profile Picture
    AbedK 6 on at
    Re: Granting Site Collection Admin fails if account is not also a site admin

    Oh, I see. That's good to know. Thanks for the tip!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Chiara Carbone – Community Spotlight

We are honored to recognize Chiara Carbone as our Community Spotlight for November…

Congratulations to the October Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 659 Super User 2025 Season 2

#2
Tomac Profile Picture

Tomac 386 Moderator

#3
chiaraalina Profile Picture

chiaraalina 290

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Start and wait for an approval action

Product updates

Microsoft Power Platform Community release plans