Accessing SharePoint modern page Likes & Comments using Power Automate

In a SharePoint modern page, you as an author would be able to turn on or turn off comments while creating a page. Everyone with minimum Read access on a SharePoint site would be able to Post, Like, reply to a comment at a single level, @mention a person while commenting in a SharePoint page.

When someone comments on a page or news post, SharePoint notifies the author or the person mentioned in the header of the page via an email. The SharePoint mobile app also alerts the author whenever a comment is made. If there are multiple comments, it will be batched so that the authors receive a single email when several comments have been made within a short period of time. Additionally, author gets email notices when users reply to comments or leave a “like”.  Author or a user can unsubscribe from notifications by clicking the “Unsubscribe” link in the footer of the email.


User with contribute access on a site would be able to delete any comments posted on the page which is quite an issue & not yet addressed by Microsoft. User with Read access to the site would be able to delete only the comments they have posted. Do you know where the comments are stored when ever you make a comment, they are stored in a separate data store with references to the Site Pages library guid & the item id of the page. The comments & likes are accessible via Rest API of the site. Find the different endpoints available for executing below actions

  • Getting comments & likes of a page item
  • Posting a comment on a page
  • Deleting a existing comment

There are couple of nice blog posts covering this topic with the API details. Find the links below:

On this blog post I am going to show you how to access the comments details of a SharePoint page using Power Automate.

Let’s create an automated flow with trigger “Manually Trigger a Flow”, add an action “Send an Http request to SharePoint” since the API to retrieve the comments is an SharePoint rest API.

The API for getting the comments of a SharePoint page is‘Site Pages’)/GetItemById(pageitemid)/Comments

Method: Get

Header Information: accept: application/json;odata.metadata=none

The odata.metadata=none option reduces the size of the payload significantly, and for many scenarios this is all that you need when working with list items

Run the flow, the output of this action would have all the data related to the comments posted by users on the page in a JSON format. To get the required information we will have to parse the JSON with the help of the Parse JSON action. Add the Parse to JSON action as below with content to the Body from Outputs of the action “Send an Http request to SharePoint”

Click on the button “Generate from sample” which loads a popup “Insert a Sample JSON payload” paste the run data of the flow for generating the schema automatically. To get the run data, go to the run history and click the run and go to outputs of the action “Send an Http request to SharePoint” copy everything inside the Body

Find the information of the body in the JSON online viewer to decide what information you need & what is available on JSON output

Add the compose action to see all the information available from the Output of the parse action, I’ve added only text which has the comment text & email has the email address of the user posted the comment

Summary: There are different Rest API endpoints available for comments & likes in Modern SharePoint page, you can select the any of them based on the requirement. The api’s can also be used on SPFx solutions for customizing Comments feature. Hope you find this post useful. Let me know if there is any comments or feedback by posting a comment below.

Restricting Power Apps users from viewing or updating the SharePoint List content from SharePoint GUI

There are many developers & power users using SharePoint lists as a data source to store data submitted from a Power App. There should be various reasons for this, please find mine below

  • Enterprise users with license (E5, E3, E1) has access to Power App & SharePoint as a service
  • SharePoint is a standard connector & not a premium one which means the user would be able to access SharePoint with the license they have assigned. Its not required for the users to have an additional license (App based license or user based license) to access the premium connectors like Azure SQL etc
  • There are many triggers & actions available for SharePoint connector

Let’s say on the Power App you have developed or developing has many custom logics on different screens. For e.g data being stored on different lists on click of a button in a Power App screen/form. If the user has to store data to SharePoint from Power App, user should have at the least edit/contribute access which means the user to be added on the out of the box site members group.

If the power app user gets to know the SharePoint site url which is connected as a data source in the Power App, the user would be able to access all the lists from the site by going to the Site contents page or by directly going to the list view url. This might create an issue because the user might edit, create or delete an item from the SharePoint interface rather from the Power Apps interface. As an app owner, you would like to avoid this. There is a way to avoid this by creating a custom permission level for the app users in SharePoint. Please find the steps below

  1. Go to the Site Permissions
  2. Click Permission Levels on the Ribbon
  3. Click an existing permission level “Contribute” from the list.
  4. You will be navigated to Edit Permission level for “Contribute”
  5. Scroll the page to the bottom & click on the button “Copy Permission Level”
  6. Name the permission level as “Power Apps – Custom Permission” & give some meaningful description
  7. Remove/Uncheck the permission “View Application Pages” under the category “List Permissions”
  8. Scroll down and click “Create” button

The custom permission level is ready, let’s assign this to a new SharePoint group. Find steps below to create a new group & assign the custom permission level to the group

  1. Go to the Site Permissions
  2. Click “Create Group” on the ribbon
  3. Name it as “Power App Users”
  4. Change the Owner field to the Site Owners group – Optional Step
  5. Scroll down & select the Permission level created above
  6. Click Create

The group is ready, add the power app users to this group. This access will not allow the members of this group to access the Site contents (Application Page), view forms or views (Allitems.aspx) but they would be able to create/update from Power Apps. Technically the user would still be able to access/modify the list content programmatically using CSOM/JSOM etc, but the GUI in SharePoint is blocked. They will receive an access denied message while trying to access the list view/form or site contents page.

Summary: You can play around with the different types of permissions while creating the permission level for Power Apps users, grant only the required permissions. A site owner will have access to create or update permission level. Microsoft has very detailed documentation on permission levels. In a SharePoint site, the permissions are inherited from the Site>Lists>Item. Based on the need, the permissions can be broken at any level. Hope you find this post useful. Let me know if there is any comments or feedback by posting a comment below.

Actionable Outlook Message using Adaptive Card connected to SharePoint using Power Automate

Adaptive Cards a new way for developers to display & exchange content in a common and consistent way across different applications. It can be hosted on

  • Bot Framework Webchat
  • Cortona Skills
  • Outlook Actionable Messages
  • Windows Timeline
  • Microsoft Teams
  • Windows Notifications

SDKs (.NET, JavaScript, Android, React, iOS etc) are available for authoring & rendering cards inside your own apps. Microsoft has got a very great documentation on this. The schema explorer has got information about all the list of available Card elements, containers & actions sets to use. Adaptive card templating features which is now available in preview mode to help create, reuse & share the cards you develop & enable you to separate the data from the layout in an Adaptive card. There is also a plugin available called as Adaptive Card Viewer in Visual studio code for visualizing the card & a Team app called as App Studio.

Develop a card using the Adaptive Card Designer from the scratch or you can start with some available samples. Card Authors describe their content as a simple JSON object with the help of the designer which could then be rendered natively inside a Host Application as shown above, automatically adapting to the look and feel of the Host.

On this blog post, I am going to show you how to create an Outlook actionable message using a sample (Input Form) available in Adaptive card designer, this collects information (Name, Email) from the user & storing it in a SharePoint list using two flows. On submission of the form, a simple response message will be shown using a response Adaptive card. For the outlook version requirements for actionable message, click on this link. Find the flows to be created below

  1. Instant flow with the manual trigger for sending the adaptive card in an email
  2. Instant Flow using trigger When a Request is received for sending information to SharePoint list

Actionable messages can be via Email which I am focusing on this blog post or using connectors. Check here the supported scenarios via an Email.

Steps Involved to create actionable message via an Email:

  • Creating the Adaptive card for the host application (Outlook)
  • Creating the Flows

Let’s start with creating the card using the Adaptive Card designer

Adaptive Card Creation:

There is going to be two adaptive cards

  • First one is the initial form to be sent on email using the sample Input form
  • Second one is a response card which will be shown after the input form is submitted

First Adaptive Card:

Go the designer & click on Open Sample, select Input Form as shown below

Adaptive Card Designer

Then change the host app from the default Bot Framework Webchat to Outlook Actionable Messages. Remove the Phone number Text Block [Element] & the corresponding Text.Input [Inputs] field to keep it simple. Remove the Submit action set, add the action set of type Action.Http for us call the flow with method POST for us to interact with SharePoint

Update the following attributes of the just added element action set

  1. Rename the Title of the element to Submit from Action.Http
  2. Add the Id submit
  3. Change the Style to Positive from Default
  4. Select the Method to POST
  5. Url to be set to our second FLOW (When a Http request is received) HTTP POST url later once we have it ready with us
  6. Add the following to the Body
  1. Set the HTTP Headers
    • Click the Add New header, enter “Authorization” to Name and leave the Value blank. If this is not done, you will receive an HTTP 401 unauthorized message while clicking the button on the email. The HTTP request is received flow does not have any authentication its anonymous so be careful with the URL and have some steps to validate on the flow so check if its triggered from valid source
    • Add one more header, enter “Content-type” to Name and Value should be “application/json”. This is required to make the POST request from the email

The first card is ready, lets us go ahead and create the second one which is the response card. This will be shown once the response is submitted

Second Adaptive Card:

This is going to be a very simple card, lets start from the scratch. Go to the designer and select New Card

  1. Add a Container
  2. Add a TextBlock with text “Your Response has been submitted successfully” on the container

Click Copy Card JSON from ribbon for this card to be used on the flow. We now have the adaptive cards ready with us, let’s go ahead and the create the flows using Power Automate. Find the generated JSON below

  "type": "AdaptiveCard",
  "version": "1.0",
  "body": [
      "type": "Container",
      "items": [
          "type": "TextBlock",
          "text": "Your response has been submitted successfully",
          "id": "response text"
  "$schema": ""

Instant Flow using trigger When a Request is received:

This flow is an Instant flow with trigger “When a HTTP request is received”, this is going to be called from email for submitting the Input form to a SharePoint list. Create a SharePoint list with two columns for us to store the Name and Email submitted from the adaptive card on email.Create the flow with the trigger as said above. The POST url will be generated after the flow is saved with an action. Click Generate from sample on the trigger and copy and paste below information which would automatically generate the schema for you. If you have more advanced JSON schema with, try using this tool.

	"inputName": "",
	"inputEmail": ""

Click Advanced options to select the method POST. Add the action create item to store the user form response to SharePoint list created above with the request body information mapped to Title (Name – inputName) & Email (inputEmail) using the dynamic content

Add the Compose action, paste the JSON of the second adaptive card to the Inputs.

Compose action

Add the Response action, a premium one with the header key CARD-UPDATE-IN-BODY and the value as true. The body parameter should be the outputs of the compose action JSON

Response Action – Premium Action

Save the flow, the POST url will now be generated copy it and go to the first adaptive card and paste it on the url attribute for the Submit action set. After this copy the JSON from ribbon, we are now ready for creating the next flow

Instant flow with the manual trigger for sending the Adaptive Card

This flow is an instant flow with trigger Manually Trigger a flow for sending the adaptive card an outlook actionable message in an Email. You can have a different type of trigger based on the requirement. Add the compose & send an email (v2) action, paste the JSON for the first adaptive card to the inputs field of compose action. Make sure JSON also has the POST Url of the first flow on the Action set. On the compose action, also include the script tags as given below

<script type=”application/adaptivecard+json”>

— JSON of First Adaptive Card—


<script type="application/adaptivecard+json">
    "$schema": "",
    "type": "AdaptiveCard",
     "version": "1.0",
    "body": [
            "type": "ColumnSet",
            "columns": [
                    "type": "Column",
                    "width": 2,
                    "items": [
                            "type": "TextBlock",
                            "text": "Tell us about yourself",
                            "weight": "Bolder",
                            "size": "Medium"
                            "type": "TextBlock",
                            "text": "We just need a few more details to get you booked for the trip of a lifetime!",
                            "isSubtle": true,
                            "wrap": true
                            "type": "TextBlock",
                            "text": "Don't worry, we'll never share or sell your information.",
                            "isSubtle": true,
                            "wrap": true,
                            "size": "Small"
                            "type": "TextBlock",
                            "text": "Your name",
                            "wrap": true
                            "type": "Input.Text",
                            "id": "myName",
                            "placeholder": "Last, First"
                            "type": "TextBlock",
                            "text": "Your email",
                            "wrap": true
                            "type": "Input.Text",
                            "id": "myEmail",
                            "placeholder": "",
                            "style": "Email"
                    "type": "Column",
                    "width": 1,
                    "items": [
                            "type": "Image",
                            "url": "",
                            "size": "auto"
    "actions": [
            "type": "Action.Http",
            "title": "Submit",
            "url": "HTTP POST FLOW URL",
            "id": "submit",
            "style": "positive",
            "method": "POST",
            "body": "{\"inputName\":\"{{myName.value}}\",\"inputEmail\":\"{{myEmail.value}}\"}",
            "headers": [
                    "name": "Authorization",
                    "value": ""
                    "name": "Content-type",
                    "value": "application/json"
Instant Flow for sending the actionable message

On the Send an email (V2) action, click the html view and select the outputs of the compose JSON which has the first adaptive card JSON. The flow is ready, click the Test link on the right corner of your flow to trigger it. The email will be received to the sender as below

Email – Input for collection information (Name & Email)

Once the information is Submitted, you would see the response as below

Email response after the form is submitted

If you would like to test with the tenant or global users, then register your adaptive card actionable message on the Actionable Email Developer Dashboard to enable this service. Enter the Flow URL (HTTP Request response), scope & sender email address. For more information on the developer dashboard refer here. Regarding security of the actionable message, refer here.

New Provider Registration

Once your provider is approved. Add the Provider Id (originator) field to the originator attribute in your JSON of the adaptive cards next to the type key, as follows:

“originator”: “ProviderId”,

Summary: You now have an actionable message adaptive card on outlook for collecting information from users on email. It provides you more functionality than the available Out of the box actions Approvals or Emails with options. To know the future road map, click here to know. Hope you have enjoyed reading this post and find it useful. If you have any comments or feedback, please provide it on the comments section below.

Managing users for a Power App with SharePoint as a data source

In this blog post, I am going to show you how to manage users for a Power App which has SharePoint as a data source. Let’s take an example, you’ve built a Power App application which has its data stored in SharePoint. After the application is developed, you want to share the app with some users. To do so you’ll have to give the user access to

  • PowerApps
  • Access to the Data source (SharePoint in this case), it could be Read/Write based on the use case

Only after the user has been granted access, they would be able to use the application. To setup the process for managing users we are going to use an action “Edit App Role Assignment” under the connector “PowerApps for App Makers” in the flow. Find the steps to executed to make this happen

  1. Create an Interface/screen for the Admins in PowerApps (custom role) to maintain (Add/Remove) the users of the application
  2. Flow for granting access to the users
    1. Action to grant access to the PowerApps
    1. Action to add the user to the SharePoint site

Step 1: Create an Interface for the Admins in PowerApps to manage the users for the application

Create a list (User Roles) on the SharePoint site which acts as a data source for application with the below schema to maintain the users

UserNamePerson or Group
RoleChoice (value: Admin, User)
RoleStatusSingle line of text (Default value: Add)
List Schema for UserRoles

Add a screen on the Power App as shown on the image below. I’ve given some information on the image the type of controls I’ve added on the screen.  This screen will be shown only to the Admin role, the navigation to this screen could be based on click of a button placed somewhere on the screen. The visibility of the button to navigate to the admin interface could be set based on the data (Role) from the list User Roles list. In this example, I will have two roles an Admin and User. Find the below screen in PowerApp built for managing the users

PowerApp Admin Interface screen

Once the user name and the role has been entered on the section 1, click add which adds the user information to the list User Roles. Once a user is added, the flow will be triggered which has actions to grant access for a Power App.

Step 2: Flow for granting access to the users

I will be using a flow to grant access to PowerApp & SharePoint site. Let’s build the automated flow with trigger “When an item is created or modified” connected to the list User Roles

Automated Flow Trigger

Add the action “Get User profile”, the input should be the email address of the user who must be given access to PowerApp. This step is required to get the user guid, to be given on a later step for granting access to PowerApp action

Get User profile

Now Add the action “Edit App Role Assignment” under the connector “PowerApps for App Makers”, this action is in preview mode by the time I am writing this post. To get more details on the different actions and its parameters with this connector go through this link. Make sure the connection to this action has access (Owner/Co-Owner) to share an App to a user.  You would be able to get the GUID (App ID) of the Power App by going to the details section of an app.

Edit App role assignment flow action

Now let’s add an action to grant the user access to SharePoint site. I would be using a flow action “Send an HTTP request to SharePoint” to call a Rest API (POST) to get the user added to the SP site groups (Members/Viewers/Visitors). The connection for this action should have access (Site Owner) to share the site. Find the rest api details to add the user to a group

URI: _api/web/sitegroups(groupId)/users

Method: POST

Request Body: {‘LoginName’:’i:0#.f|membership|Emailaddressoftheuser’}

To get the SharePoint group id, navigate to the url and click the group name and copy the URL which will have the groupid at the end.


Find the action with the configurations

SP HTTP request action

Execute the flow by adding the user to the list from the PowerApps interface, the flow gets triggered which will in turn grant the user access to PowerApp & SharePoint. Tada!!!

To revoke the access to a user, if you scroll back to the admin interface image for managing the user there is a delete button. Assume that the delete button click will update the column status on the User Roles list to “Revoke” for a user which would then trigger the same flow. On the same flow add a Switch which would then based on the value in the RoleStatus (Add/Revoke) column, add steps to revoke the access. This could be achieved in multiple ways. For e.g After the delete button is clicked the item on the UserRoles list can be deleted which will in turn call a flow created using the trigger “When an Item is deleted” with actions to revoke access

Action to Revoke Power App access, its the same action we used for adding user to an app but with some different parameters as shown below

Edit Role assignment – Remove user

The rest api details for revoking the user access from a SharePoint group

URI: _api/web/sitegroups(groupId)/users/removeByLoginName

Method: POST

Request Body: {‘loginName’:’i:0#.f|membership|Emailaddressoftheuser’}

The action to grant access to Power App can also be called from a Power App by creating a connection to the data source “PowerAppsforAppMakers” as below

Editapproleassignment from powerapp

Summary:This approach would help the super users of the app to manage user permissions for the Power App within Power Apps interface. On this post we have seen adding the user permission to SharePoint data source. Based on needs there should be ways to add users to different data sources if there’s an api endpoint or with the help of standard connectors available in Power Platform. Let me know any feedback or comments on the comment section below