For Previous Article, Assigning Azure RBAC Roles using PowerApps and Flow – Part 5
5. Creating An Approval Flow
So far, we have created SharePoint list, PowerApps, Flows and Registered an Application. Able to get user’s information and submit for the approval. Now it has to be submitted for approval to process the roles assignment.
Click on New
Click on Create from template
Select SharePoint– Start approval when a new item is added
Click on Continue
Paste the SharePoint site URL and List Name and enter the details as follows for start an Approval
Below the when a new item is created action– Click on (+)
Click on add an action
Add An Action Item Initialize variable
Enter the TenantID–Select Type:String–Enter the value of the DirectoryID
as like above, Parse Client ID, Client Secret Key as well
Now, for Yes Branch of the approval process,
Select Update item and select SharePoint name and list name
Select ID for Title, Enter the text for Status: Approved
Click on Add an action and Select HTTP
Enter the details as follows,
Method: POST
URI: https://login.microsoft.com/TENANTID/oauth2/v2.0/token
Headers : Content-Type with application/x-www-form-urlencoded.
Body:
client_id=APPLICATIONID&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default &client_secret=APPLICATIONPASSWORD &grant_type=client_credentials
Save the flow and Click on Test to get the json token for the access token
Select the Body and copy the text
Add an action –> Parse JSON
Content : Select Body from HTTP
Click on User sample Payload to generate schema
Paste the body copied earlier and click on Done
Click on add an action
Select Get User
Select Email Address
Add another HTTP, Name it has Assigning Role-HTTP and enter the below details
Method: POST
URI: https://graph.microsoft.com/v1.0/directoryRoles/{id}/members/$ref
Headers:
Authorization — bearer access_token
Content-type: application/json
Body:
{
“@@odata.id”: “https://graph.microsoft.com/v1.0/directoryObjects/ee8e1f6e-281d-4203-b58b-a5fed968b9cd“
}
Add an action — Select Send an email (V2) and enter the details as follows
Add another action — Select SharePoint –>Update item and enter the details of the SharePoint Site URL and List Name
Enter the test of Status: Completed
Now, Yes Branch is completely defined. Let’s define for If No Branch, Add an Action
Select Send an Email(V2) and enter the details as follows,
Add another action — Select SharePoint –>Update item and enter the details of the SharePoint Site URL and List Name
Enter the test of Status: : Rejected
Now Approval process is completely defined and ready to Test
For Next Article, Assigning Azure RBAC Roles using PowerApps and Flow – Part 7