Skip to main content
Version: 2023 R3

Add SP privileges

The action is used to grant privileges to a specific object located in the SharePoint environment site users. These can be privileges to the entire SharePoint site, SharePoint list, element or an object of a SharePoint list.


The action is executed in "Pending in transaction" mode, i.e. its execution is postponed until the transaction is completed.
For more information, see THIS ARTICLE on our technical blog.

Add SP privileges

1. Connection

Specify the SharePoint site collection on which the action will be executed. This choice also affects the available privilege options that may be assigned in the action configuration.


The Default connection is only available for actions created in earlier versions of the system. For newly created actions, this connection is unavailable.

2. Object URL address

After defining a Connection, enter the relative address of the object for which privileges will be granted. It is possible to target: the entire SharePoint site, SharePoint list, single element/object of a SharePoint list.


The relative object address is a link without https://. The Connection field is responsible for this value.

Alternatively, the object address may be constructed dynamically using values from the Variables editor.
In such a case, the full address of the object should be comprised of the connection definition and the relative address of the object: connection/configuration address.

3. User

Details of the SharePoint group user can be entered in two ways: statically (by specifying the relevant Form field) and in Dynamic mode (using Variables editor).

Choosing a user by a form field involves inputting the user's name on a form into a Person or group field. It is also possible to use Item list as a form field and then specify its column of the Person or group type.

4. Privileges

Add the required privilege levels. The selector should contain all default levels of privileges that can be granted on a SharePoint site:

  • Full Control – this privilege level contains all privileges. It is assigned to the SiteOwners SharePoint group by default. This privilege level cannot be customized or deleted.
  • Design – allows to create lists and document libraries, edit pages and apply themes, borders, and style sheets onsite. By default not assigned to any SharePoint group.
  • Contribute – allows to add, edit, and delete items in existing lists and document libraries. By default assigned to the Site name Members SharePoint group.
  • Read – read-only access to SharePoint site. Users and SharePoint groups with this privilege level can view items and pages, open items, and documents. By default assigned to the Site name Visitors SharePoint group.
  • Limited Access – the privilege level designed to be combined with fine-grained privileges to give users access to a specific list, document library, item, or document, without giving them access to the entire site. However, to access a list or library, for example, a user must have privilege to open the parent site and read shared data such as the theme and navigation bars of the site. The Limited Access privilege level cannot be customized or deleted.

By using the Add and Delete buttons you can control level of granted privileges.

5. Variables editor

Dynamically generated tree containing all variables that may be used in the current location of Designer Studio. Information on how to use variables in WEBCON BPS, as well as a list of variables can be found in the dedicated section.


For more details on the action, see the article SharePoint Online – privileges on our technical blog.