Nintex SharePoint Online Create SharePoint Group with Contribute permissions

Nintex Workflow has actions “Web Request” and “Call HTTP Web Service” which can be used to make calls to the REST API of SharePoint Online/2013 to automate creation of SharePoint groups in a site collection.

Add the following steps to the workflow

  1. Create a Text variable GroupName and Use “Set Workflow Variable” to assign it to a value.GroupNameVariable
  2. Get request digest from targeted site collection. Please note that workflow app permissions need to amended to give site collection full control access.        App Step to get request digest
    • Add “App Step” action
    • Add “Web Request” action. Fill in the following fields
      • URL: <siteURL> /_api/ContextInfo
      • Method : POST
      • Content type : application/x-www-form-urlencoded
      • Header Name (Key) : Accept     Header value: application/json;odata=verbose

        WebRequestToGetRequestDigest

      • Body : Choose “Content” option  and enter “{}” in text field
      • UserName: Credentials who has access to targeted site
      • Password: password of above UserName
      • Store response content in : Create a variable “digest token”WebRequestToGetRequestDigest_2
    • Add “Query XML” action. Fill in the following fields
      • XML source: Choose “Content” and pick variable “digest token”
      • XPath query: /d:GetContextWebInformation/d:FormDigestValue
      • Return result as :Text
      • Query result in : create a text variable strDigestInfoQueryXMLRequestDigest
    • Add “Log to History” action. Print the strDigestInfo to make sure valid request digest are used  QueryXMLRequestDigest
  3. Create SharePoint Group using REST API ‍/_api/web/sitegroups  AppStepToCreateSpGroup
    • Add “App Step” action. Optionally add “Log to History List” action to log status of workflow.
    • Add “Build Dictionary” action to build “Request Headers”.
      •  Add the following key value pair as Text- content-type:  application/json; odata=verbose
        – X-RequestDigest : {Variable:strDigestInfo}
      • Save Output into RequestHeadersRequestHeaders
    • Add “Build Dictionary” action to build “Metadata”
      •  Add the following key/value pair- key: type    Type:Text  Value: SP.Group
        BuildMetadataForGroup
    • Add “Build Dictionary” action to build “Parameters”
      •  Add the following key/value pair- Key: __metadata   Type:Dictionary   Value: Workflow Variable GroupMetadata
        – Key: Description  Type: Text  Value: Group created automatically from Nintex workflow
        – Key: Title  Type:Text  Value:{Variable:GroupName}
      • Assign Output to a dictionary variable GroupParameters
        BuildDictionaryGroupParameters
    • Add “HTTP Web Service”action to create group
      • Fill in Address : <SiteURL>/_api/web/sitegroups
      • Set Request Type to “HTTP Post”
      • Set Request Headers to dictionary variable RequestHeaders
      • Set Request Content to dictionary variable GroupParameters
      • Set Response Headers to new dictionary variable GroupResponseHeaders
      • Set Response Content to new dictionary variable GroupResponseContent
      • Set Response Status Code to new text variable GroupResponseStatusCodeWebRequestToCreateGroup
    • Log to History list the responseLogResponseOfGroupCreated
  4. Retrieve SharePoint Group using REST API ‍ ‍/_api/web/sitegroups/getbyname AppStepToGetGroupCreated
    • Add “Add Step” action
    • Optionally add “Log History List” action to log workflow status.
    • Add a “Web Request” actionWebRequestToGetGroupCreated
      • Set URL to <SiteURL>/_api/web/sitegroups/getbyname(‘‍{Variable:GroupName}‍’)?$select=Id
      • Choose  Get for Method
      • Click Add Header
      • Set Header Key to “Accept”
      • Set Header Value to “application/json;odata=verbose”
      • Set UserName to user who has access to site collection
      • Set Password to password of specified user
      • Set Store response content in a Text variable GroupRequestIDXMLAdd
    • Add “Log History List” action to log response GroupRequestIDXMLAdd from web request. The response is in JSON format. Nintex does not have a JSON parser action to retrieve value of property. Use “Regular Expression” action as described in the next step is used to retrieve Id value
    • Add “Regular Expression” actionRegularExpressionToGetID
      • Set String to ‍{Variable:GroupRequestIDXML}
      • Set String Operation to Extract
      • Set pattern to (?<=”Id”:).*?(?=})
      • Save Output to text variable strGroupIDCol
    • Add “Get Item from Collection” action.GetGroupIDFromCollection
      • Set Target Collection to variable strGroupIDCol
      • Set Index to 0
      • Set Output to SPGroupId
    •  Add “Log History List” action to log strGroupIDCol
  5. Add Contribute Role to new Group
    • Add App Step action  AppStepToAddContributeRoleToGroup
    • Add “Call HTTP Web Service” Action WebRequestToAddContributeRole
      • Set URL to <siteURL>‍/_api/web/roleassignments/addroleassignment(principalid=‍{Variable:SPGroupId}‍,roleDefId=1073741827)
      • Set Request Type to “HTTP Post”
      • Set Request Headers to dictionary “RequestHeaders”
      • Set Response Headers to new dictionary variable RoleAssignResponseHeaders
      • Set Response Content to new dictionary variable RoleAssignmResponseContent
      • Set Response Status Code to new text variable RoleAssignmResponseStatusCode
    • Add “Log to History List” action to log response of web request

Save and Publish the workflow. If the workflow runs succesfully

WorkflowHistory

 

 

Advertisements

11 thoughts on “Nintex SharePoint Online Create SharePoint Group with Contribute permissions

  1. Hello I am following your steps but in the step 2 ◾Add “Query XML” action I get the following error: XML content is invalid.
    6/28/2016 6:55 AM Comment {“d”:{“GetContextWebInformation”:{“__metadata”:{“type”:”SP.ContextWebInformation”},”FormDigestTimeoutSeconds”:1800,”FormDigestValue”:”0xF62EFE5E7
    6/28/2016 6:56 AM Comment XML content is invalid. Data at the root level is invalid. Line 1, position 1..

    Liked by 1 person

    • It looks as if the result is returned in JSON format. Can you please try to change the content type to text/xml when making request to /_api/ContextInfo and see if it works?

      Like

  2. Hello Reshmee,

    Great tutorial!
    I could confirm that the content type has to be text/xml (as described above).

    But when I try to create the Group. I got the following error message:
    “Access denied. You do not have permission to perform this action or access this resource”

    Liked by 1 person

  3. Hi Jeroen

    Thanks for the comment.

    The permissions of the workflow app need to be configured. I have described it at the beginning of another post https://reshmeeauckloo.wordpress.com/2015/11/28/nintex-workflow-sharepoint-online-create-sub-site-http-web-service/

    In summary, workflow needs to be enabled to use app permissions and be given full control from appinv.aspx page. Follow the instructions from msdn link below.
    https://msdn.microsoft.com/en-us/library/office/jj822159(v=office.15).aspx

    Like

  4. Hi, I’ve done both the workflow app permissions feature and also the app permissions to full control as above but i’m getting “Unauthorized” being returned from the Create Group HTTP call?

    Any ideas?

    Like

  5. Same issue for me, receive the message “Access denied. You do not have permission to perform this action or access this resource.” on the create group HTTP call. All actions and the workflow itself are running with site collection admin credentials. Stuck on next steps……great tutorial thus far though!

    Like

  6. The effective permissions of the workflow are an intersection of user permissions and the app permissions similar to SharePoint apps. If the user running the workflow does not have permissions to create group then access denied error will be thrown.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s