This Power Automate blog post will show how to use Power Automate and SharePoint REST API to turn off folder permissions inheritance and remove user or group permission from a SharePoint folder.
Sometimes, when working with SharePoint folders and setting permissions, we need to disable permissions inheritance from the actual SharePoint team site.
SharePoint team sites get their permissions from their Microsoft 365 group, which, by default, has the following three groups.
- Owners
- Members
- Visitors
By default and out of the box, the SharePoint Power Atomate connector doesn’t have a task that turns off permissions inheritance. To overcome this limitation, we must use the SharePoint REST API service using the Power Automate task – Send an HTTP Request to SharePoint.
Disable SharePoint Folder Permissions Inheritance Using Power Automate
To turn off inheritance, I have the following PO step.
Item | Value |
---|---|
Task name | Send an HTTP request to SharePoint |
Method | Post |
URI | _api/web/GetFolderByServerRelativeUrl('Shared%20Documents/@{body('Create_new_folder')?['Title']}')/ListItemAllFields/breakroleinheritance(copyRoleAssignments=true,clearSubscopes=true) |
Note: In the above URI, I use parameters from the previous task to ensure you understand and update the code.
The screenshot below shows the task.
Remove Group Permission from a SharePoint Folder
As an optional step, and you might need it, the following code will remove access to a group from the folder. You might need this code because when disabling inheritance, the access is not removed.
To add this code, create another Send an HTTP request to SharePoint with the same setting as above and use the following URI. Just make sure you set the folder path and group name.
_api/web/GetFolderByServerRelativeUrl('Shared%20Documents/@{body('Create_new_folder')?['Title']}')/ListItemAllFields/RoleAssignments/groups/RemoveByLoginName('Group Name')