Power Automate Exchange

Please login or click SIGN UP FOR FREE to create your FlowUG account to join this user group.
Expand all | Collapse all

Modify Flow Run-Only User to SharePoint List or Library (For a selected item)

  • 1.  Modify Flow Run-Only User to SharePoint List or Library (For a selected item)

    Top Contributor
    Posted Jul 22, 2021 05:27 PM

    I posed this to the Microsoft forum a few days ago but got no responses so trying here.

    Using the Modify Flow Run-Only Users action in Power Automate allows us to set run-only users in an automated process.

    I need to do this, but the user needs to be a specific SharePoint document library or list.

    If I use the action List Flow Run-Only Users on an existing flow with the the trigger For a selected item, the response looks like this:

        "body": {
            "value": [
                {
                    "name": "DELEGATED-8a87a010-xxxx-xxxx-6b7b-e7c1f3b391a4",
                    "id": "/providers/Microsoft.Flow/environments/Default-deae25e1-xxxx-xxx-884a-2696a67a60c5/flows/f7a3e163-76e8-xxxx-xxxx-62ba001b5b48/users/DELEGATED-8a87a010-3716-xxxx-xxxx-e7c1f3b391a4",
                    "type": "/providers/Microsoft.Flow/environments/flows/users",
                    "properties": {
                        "permissionType": "AuthorizationDelegate",
                        "authorizationDelegate": {
                            "accessDefinition": {
                                "sharePointBasePermissions": [
                                    {
                                        "high": 0,
                                        "low": 15
                                    }
                                ]
                            },
                            "delegationSource": {
                                "delegationService": "SharePoint",
                                "contractVersion": "2017-12-01"
                            },
                            "delegatedAuthResource": {
                                "resourceCollection": "https://xxxxxx.sharepoint.com/sites/xxxxxx_common",
                                "resourceId": "823acca3-xxxx-xxxx-980e-6467283ea7df"
                            }
                        }
                    }
                }
            ]
        }

     

    The Modify Run-Only Users action asks for only the id and type, without the properties object, which you can see above contains the delegatedAuthResource object that appears to specify the site URL and list/library ID.

    Also it's hard to pick where that GUID comes from in the id after /DELETGATED-xxx

    It looks like this run-only user perhaps needs to created first, then assigned to the flow using the Modify Flow Run-Only Users action but I can't find any guidance on the matter.

    Has anyone solved this before, and if so, how?

    I need to copy a templated flow as part of a process that stands up new SharePoint sites from a PnP template. It's all fairly straight forward to get the flow definition from the template, replace values in the definition such as the SharePoint trigger and action's site URL and list/library IDs, but assigning the run only permission to the relevant site/library after the flow has been created is not so straight forward. This looks like the way to do it, but perhaps there's another method. I'm open to suggestions!

    TIA
    Will.



    ------------------------------
    Will Page
    Technical consultant
    Christchurch, NZ
    ------------------------------


  • 2.  RE: Modify Flow Run-Only User to SharePoint List or Library (For a selected item)

    Top Contributor
    Posted Jul 23, 2021 06:49 AM
    Edited by Sam Duval Jul 23, 2021 06:50 AM