Introducing "custom permissions" within Office 365 Update Item Permissions

1 0 2,110

You've asked, and we listened!


Introducing Office 365 update item permissions custom permissions:


What’s new

This workflow action has been upgraded to support the ability to use custom SharePoint permissions when setting list item permissions.


What's all the big hype about:

Since the beginning of times, Nintex for SharePoint on premises, has always had a connector for Set item permission. However, when we launched Nintex for SharePoint O365, the Office 365 update item permissions action was limited to support default permission levels only. Many customers and partners took to the to provide their feedback and demand for more from this action:


Now introducing the ability to use custom SharePoint permissions :)


When would I use the Office 365 Update Item Permissions:

Whether you are looking to implement user permissions sox controls or even governance for user access integrity, this action can help serve as a way to achieve this component of Process Excellence.


For example, suppose I am a Chief Financial Officer and getting ready to roll out a new global process for Corporate Charity Giving, and want to allow employees to have contribute access, however once a request is submitted users access should be changed to read only. How would I accomplish this? Well, you are in luck, this step by step scenario will help walk you through it.


Nintex Form: Corporate Charity Giving Request

1. Design your form- For this form, I used the Nintex "New Responsive Form Designer "AVAILABLE NOW :)

IMPORTANT NOTE: Set the permissions at the child or parent level for users to have contribute access to this list to access the form. To ensure that permissions are set accordingly, click on list settings, and then Permissions for this list. Ensure that if inheriting permissions from the parent, nothing less than contribute access is available. If the parent access is less than contribute (read, edit, view only as examples), select "Stop Inheriting Permissions" so that you can set the correct permissions.



Nintex Workflow:

  1. Open Nintex Workflow
  2. Search for the workflow action "Office 365 update item permissions" and drag unto the design canvas:


nb3.png3. Configuration Process:

*  Destination site URL- URL of the destination site containing the items to be updated

*  Connection- You will need to set up a connection to update item permissions (OAuth2). Enter the Connection name and SharePoint Online Tenant URL (Both are required)

*  List name- Name of the list or document library containing the items to be updated

* Items to update- Query to determine which items are to be updated.  Includes filters and options to update folders and items within subfolders.

* Inherit permissions from parent- When enabled, links the item permission to the parent permission set (the permissions used in the library or list that contains the item). Inheriting permissions does not apply any other permission settings.

* Remove existing permissions-

           When enabled, clears permissions currently set on the item before adding the new permissions. If the item permission currently links to the parent permission set (the permissions used in the library or list that contains the item), disabling (clearing) this option causes the inherited permissions to be copied to the items.

* Target-

Type of user for permission update. Select one of the following items.

User- Does not support external users


* Custom permission- Custom SharePoint permission level for the item. The custom permission level selected will override the selection made in the permission field. New permission levels can be created in SharePoint. To learn more, see How to create and edit permission levels. For this example, I created a new permissions called Custom Level, with Read access based on instructions outlined in the link above:



Once the workflow action has been fully configured, it should look like this:


Recap:  User start off with Contribute access to the Corporate Charity Giving Request list item. However, with the Custom permissions action of "Custom Level" their access changes to Read access. This will mitigate the risk of any data integrity being jeopardized.


I hope that you found this blog helpful and insightful!


Should you have any questions, feel free to connect with me:

Twitter: Wknowles22




See you next time! :)