Assigning Azure RBAC Roles using PowerApps and Flow – Part 6

For the previous article, see Assigning Azure RBAC Roles using PowerApps and Flow – Part 5

5. Creating An Approval Flow

So far, we have created the SharePoint list, the PowerApps app and the Flows, and registered an application. We can get the user's information and submit it for approval. Now the request has to go through an approval flow before the role assignment is processed.

Click on New

Click on Create from template

Select SharePoint – Start approval when a new item is added

Click on Continue

Paste the SharePoint site URL and List Name, and enter the details for the Start an approval action as follows

Below the When a new item is created action, click on (+)

Click on Add an action

Add the action Initialize variable

Enter the name TenantID, select Type: String, and enter the Directory ID as the value

In the same way, add the Client ID and Client Secret Key as well

Now, for the Yes branch of the approval process,

Select Update item and select the SharePoint name and list name

Select ID for Title, and enter the text for Status: Approved

Click on Add an action and Select HTTP

Enter the details as follows,

Method: POST

URI: https://login.microsoft.com/TENANTID/oauth2/v2.0/token

Headers: Content-Type: application/x-www-form-urlencoded

Body:

client_id=APPLICATIONID&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=APPLICATIONPASSWORD&grant_type=client_credentials

Save the flow and click on Test to get the JSON response that contains the access token

Select the Body and copy the text

Add an action –> Parse JSON

Content: Select Body from HTTP

Click on Use sample payload to generate schema

Paste the body copied earlier and click on Done

Click on Add an action

Select Get User

Select Email Address

Add another HTTP action, name it Assigning Role-HTTP, and enter the details below

Method: POST

URI: https://graph.microsoft.com/v1.0/directoryRoles/{id}/members/$ref

Headers:

Authorization: Bearer access_token

Content-Type: application/json

Body:

{
  "@@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/ee8e1f6e-281d-4203-b58b-a5fed968b9cd"
}

Add an action — Select Send an email (V2) and enter the details as follows

Add another action — Select SharePoint –>Update item and enter the details of the SharePoint Site URL and List Name

Enter the text for Status: Completed

Now the Yes branch is completely defined. Let's define the If no branch: click Add an action

Select Send an Email(V2) and enter the details as follows,

Add another action — Select SharePoint –>Update item and enter the details of the SharePoint Site URL and List Name

Enter the text for Status: Rejected

Now the approval process is completely defined and ready to test
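
The two HTTP actions above, rebuilt as an added Python example (not part of the original article) that constructs the same requests offline. It percent-encodes the form body so a client secret containing `+`, `&` or `=` survives parsing, and it rejects non-GUID IDs before they are placed in a URL; the function names and sample values are constructed for illustration.

```python
import json
import re
from urllib.parse import urlencode

GRAPH = "https://graph.microsoft.com/v1.0"
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def guid(value, name):
    """Reject anything that is not a plain GUID before it reaches a URL."""
    if not isinstance(value, str) or not GUID_RE.fullmatch(value):
        raise ValueError(f"{name} is not a GUID: {value!r}")
    return value.lower()


def build_token_request(tenant_id, client_id, client_secret):
    """First HTTP action: client-credentials token request."""
    url = f"https://login.microsoft.com/{guid(tenant_id, 'tenant_id')}/oauth2/v2.0/token"
    # urlencode() percent-encodes every value, so a secret containing
    # '+', '&' or '=' is not split or altered when the server parses the form.
    body = urlencode({
        "client_id": guid(client_id, "client_id"),
        "scope": "https://graph.microsoft.com/.default",
        "client_secret": client_secret,
        "grant_type": "client_credentials",
    })
    return url, {"Content-Type": "application/x-www-form-urlencoded"}, body


def build_role_assignment(token_response, role_id, user_object_id):
    """Second HTTP action: add the user to the directory role."""
    token = token_response.get("access_token")
    if str(token_response.get("token_type", "")).lower() != "bearer" or not token:
        raise ValueError("token response carries no bearer access_token")
    url = f"{GRAPH}/directoryRoles/{guid(role_id, 'role_id')}/members/$ref"
    headers = {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}
    # Plain "@odata.id" here; the doubled "@@" is only the Flow designer's escape.
    ref = f"{GRAPH}/directoryObjects/{guid(user_object_id, 'user_object_id')}"
    return url, headers, json.dumps({"@odata.id": ref})


if __name__ == "__main__":
    # Constructed sample values; nothing is sent over the network.
    tenant = "00000000-0000-0000-0000-0000000000aa"
    app = "00000000-0000-0000-0000-0000000000bb"
    role = "00000000-0000-0000-0000-0000000000cc"
    user = "ee8e1f6e-281d-4203-b58b-a5fed968b9cd"  # object ID used on this page
    print(build_token_request(tenant, app, "s3cr+et&x=1")[2])
    sample = {"token_type": "Bearer", "expires_in": 3599, "access_token": "CONSTRUCTED"}
    print(*build_role_assignment(sample, role, user), sep="\n")
```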

For the next article, see Assigning Azure RBAC Roles using PowerApps and Flow – Part 7