This post is part of a series where we examine the advantages and disadvantages of a document approval process, and then build an example automated solution with SharePoint and PowerAutomate.
Posts in this series:
- Should you automate your document approval process?
- Building a basic document approvals automation with SharePoint and PowerAutomate
In the previous step we finished building our new PowerAutomate Flow that will orchestrate the document approval and publishing process.
We now need to make that flow available to members of the Finance authoring group.
Connections used by the flow
The screenshot below is from the Information Screen of our Finance document approval PowerAutomate Flow.
It shows that the flow depends on three connections:
- Office 365 Outlook
- To send an email to the approver.
- SharePoint
- To read the draft document and to upload the final PDF to the Published Documents Repository SharePoint Site.
- OneDrive for Business
- To create, convert and delete temporary files from OneDrive.
Currently the flow is configured to use connections that are authorised by Lynne. This essentially means the connections will provide the flow access to Outlook, SharePoint and OneDrive with the same permissions as Lynne has.
The only connection that really needs to have Lynne’s permissions is the SharePoint connection since only Lynne has write access to the PDR. The other two connections could be provided by the user running the flow.
Select connections for use by other flow users
To allow users other than Lynne to run the flow, we need to share it with them.
We do not want these users to be able to edit the flow in any way, we therefore configure them as Run only users.
Before we nominate which users can run the flow, we’ll configure the connections that will be used for those users.
In the Manage run-only permissions side-panel, scroll down to the Connections Used section where, for each connection type, we choose whether to use the flow’s original connection (with the owner’s permissions) or a connection provided by the run-only user.
Set the SharePoint connection to use the flow’s original connection.
Ensure the Outlook and OneDrive connections are configured to be provided by the run-only user. This means the email will appear to be sent by the run-only user, and the PDF file conversion will make use of the run-only user’s OneDrive account.
Click the Save button before making further changes.
Share the flow with the Finance authoring group
Next we are going to share the flow with the document library belonging to the Finance authoring group. Doing this will allow any users with Edit permissions on the document library to launch the flow.
From the flow information screen, click the Edit link again for Run only users.
On the Manage run-only permissions side-panel, click the SharePoint tab.
Select the Finance authoring group’s SharePoint Team Site and the document library within that site.
Click the Add button and then scroll down and click the Save button.