web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Granting Site Collecti...
Power Automate
Answered

Granting Site Collection Admin fails if account is not also a site admin

(0) ShareShare
ReportReport
Posted on by AbedK 6

Hello,

 

I created a Power Automate flow that grants a user site collection administrator access to a SharePoint site. This works only if the account running the flow is already a site collection administrator of the site. If it is not, then I get something like the following:

 

{
  "status"403,
  "message""Attempted to perform an unauthorized operation.\r\nclientRequestId: ...\r\nserviceRequestId: ...",
  "source"".../_api/web/ensureuser",
  "errors": [
    "-2147024891",
    "System.UnauthorizedAccessException"
  ]
}
 
It fails in the first 'Send an HTTP request to SharePoint' action.
 
AbedK_0-1712094378681.png

 

 Full flow:
 
AbedK_1-1712094407176.png

 

 

The account is a SharePoint Administrator and is able to grant access to sites, it is not an admin of, using PowerShell just fine. Why is it failing when trying to grant access in a flow?

 
 
Categories:
Building flows
I have the same question (0)
  • SudeepGhatakNZ Profile Picture
    SudeepGhatakNZ 14,396 Most Valuable Professional on at

    @AbedK ,

    Please verify that the account used to create the connection for this action is the Site Collection Administrator.

    SudeepGhatakNZ_0-1712103275624.png

     

  • AbedK Profile Picture
    AbedK 6 on at

    The account for the connection is not a site collection administrator. That is what I am trying to do. Grant site collection administrator access to a site which the account running the flow is not already a site collection administrator. 

  • Verified answer
    SudeepGhatakNZ Profile Picture
    SudeepGhatakNZ 14,396 Most Valuable Professional on at

    Powershell uses a separate API to achieve this. Either PnP or MOSP.

    If you like, you can run the PnP PowerShell  in an Azure Function and then trigger the azure Function from flow.

     

  • AbedK Profile Picture
    AbedK 6 on at

    Oh, I see. That's good to know. Thanks for the tip!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the April Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Vish WR Profile Picture

Vish WR 796

#2
Valantis Profile Picture

Valantis 671

#3
Haque Profile Picture

Haque 551

Last 30 days Overall leaderboard

Featured topics

Known issue with browser automation in Power Automate for Desktop on Google Chrome 146 and 147
Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans