Do you want to add a user to a SharePoint group from your flow?
Most security and permission provisioning for your Microsoft 365 tenant will be done with Microsoft 365 groups, and there is a dedicated Power Automate connector for this.
But your organization may still be using SharePoint groups for certain permission granting scenarios. Unfortunately, there is no action in the SharePoint connector for adding a user to a SharePoint group.
This can still be achieved in your flows. This post will show you how to use the SharePoint HTTP action to grant access to a SharePoint group.
Get the SharePoint Group ID
The first thing you will need to know is the SharePoint group ID for the group to which you are going to add users.
This is a sequential numerical value much like the ID automatically generated for list and library items.
_layouts/15/groups.aspx
You can find this ID in the URL for the group and you can get to a list of all your groups by appending the above to your site URL.
This will take you to a list of all your groups and you can click on one to see the group ID in the URL.
This number will be needed for the HTTP request that will add the user.
SharePoint HTTP Request to Add a User to a Group
Now that you have the group ID, you can add a SharePoint HTTP request action to the flow.
- Add the Send an HTTP request to SharePoint action to your flow.
- Select the Site Address that contains the group from the dropdown list.
- Select the POST type Method for the request.
_api/web/sitegroups(48)/users
- Add the above Uri where the number in parentheses corresponds to your SharePoint group.
{
"Accept": "application/json;odata=verbose",
"Content-Type": "application/json;odata=verbose"
}
- Add the above Headers to the action. You can add this as JSON by clicking on the Switch Headers to text mode button to the right of the input fields.
{
"__metadata": {
"type": "SP.User"
},
"LoginName": "i:0#.f|membership|youremail@yoursite.com"
}
- Add the above to the Body of the action where
youremail@yoursite.com
is replaced with the user’s email or dynamic content referencing the user’s email to add to the group.
When this action runs, it will add the user to the SharePoint site!
Conclusions
Adding a user to a SharePoint group is possible in Power Automate even though there is no dedicated action for this.
You can use the Send an HTTP request to SharePoint action to add a user to the group. All you will need to know is the group ID and the email address of the user.
I hope this helps you with your flow to add users to a SharePoint group!
Hello John,
when I run the flow started from my account it works like a charm.
If the flow is called by another user I get the following error:
“Attempted to perform an unauthorized operation.”.
I assume this happens because O365 knows that the trigger came from an user who does not have the rights for adding to the specific group.
Do you have an suggestions?
Kind regards
Joseph
Yes, the user would require the correct permissions.
However I would like to user to be added to the SP list automatically ? How do we achieve this ?
Depends on what automatically means for you? Automatically when… the user is created in AAD, when a form is submitted, when a user is added to a group, when a user joins a Team, etc.
But adding user access to a list just means adding them to the group that controls the list.
This is great because you don’t need to know the GUID for the group. But what happens if the user is already in the group? Will the flow fail or will it continue processing additional commands?
Do you need to (and are you able to) determine if they are already a group member without the GUID?
It will run without error when the user is already a member of the group.
You can test member ship by listing the members of the group.
Hi, thanks for the great article. I’m getting a “401 UNAUTHORIZED” error when testing the flow.
I definitely have the rights to add members to the group as I’m usually the one manually adding people.
Are there any obvious things to check in this scenario?
Thanks for your help,
Tbh, I’m not sure. Try asking in the Power Automate forum.
Is it possibile to remove a user from a specific group like this way (with ID of group and email of the user)?
Thanks for your help