Power Automate : Scrubbing SharePoint Permissions spotlessly Clean

Power Automate : Scrubbing SharePoint Permissions spotlessly Clean

Simplify Your large SharePoint Library Cleanup with Power Automate and REST API

Beatrisu fromhelu's photo
Beatrisu fromhelu
·

3 min read

If your SharePoint document library permissions have spiraled out of control and links to sensitive files are scattered like confetti at a parade, it’s time to unleash the power of Power Automate with REST API.

Understand the Challenge

Unique permissions in SharePoint are like those awkward office plants that seemed like a good idea but now require constant attention. When left unchecked, they multiply and create a tangled mess. Meanwhile, SharePoint sharing links can lead to data exposure if improperly managed.

Power Automate, combined with SharePoint’s REST API, can:

  • Identify items or folders with unique permissions.

  • Reset them to inherit permissions from their parent.

  • Delete sharing links to tighten security.

Additionally, this approach is particularly useful for large libraries with over 5000 items, where the SharePoint GUI may start acting weird and not allow you to perform these tasks manually. Automating the process ensures consistent results even when the user interface becomes unreliable.

Prerequisites

Before diving into automation, make sure you have:

  • Access to Power Automate: Licensed and ready to flow.

  • Permissions in SharePoint: Access to the site and permissions execute REST API calls.

  • REST API Basics: your best friend for this mission.

  • Bearer Token from Graph Explorer: To authenticate REST API calls with elevated permissions the quickest and laziest way.

Catch the token

To execute REST API calls with proper authentication, you’ll need a Bearer Token. Here’s how to obtain one using Microsoft Graph Explorer:

  1. Access Microsoft Graph Explorer:

  2. Sign In:

    • Use your Microsoft account to sign in. Ensure you have the necessary permissions for the SharePoint actions you plan to perform.

  3. Run a Sample Query:

    • Execute a simple GET request (e.g., /me) to ensure everything is working.

  4. Retrieve the Acess Token:

    • Copy the value—it will look something like eyJ0eXAi....

Note: Bearer Tokens are temporary and may expire after a certain period. Retrieve a fresh token as needed.

Setting Up the Flow

Time to get hands-on! Here’s how to create your Power Automate flow:

For our example, let’s go with a manual trigger so you can run the flow on demand.

Initialize a new variable to handle our bearer value.

Use the Get Files (Properties Only) to fetch items from your library.

To reinstate inheritance, call the SharePoint REST API using the Send an HTTP Request to SharePoint action

  • Method: POST

  • URI: /sites/{site-name}/_api/web/GetFileByServerRelativeUrl('{file-url}')/ListItemAllFields/resetroleinheritance

Replace {site-name} and {file-url} with your site and file details. This resets the permissions to match the parent library or folder.

Cleaning up large SharePoint document library doesn’t have to be a dreaded chore. With Power Automate and REST API, you can effortlessly restore order, protect sensitive information, and keep your SharePoint environment humming smoothly. No more late-night firefighting—just click Run Flow and let the magic happen!

SharePointpower-automateREST APILow Code
Â