What is Role Definition ID:
In SharePoint, we are all familiar with SharePoint Permissions and Permission levels such as Full Control, Edit, and Contribute etc. We use these permission levels to manage accessibility at the site, list, and item levels. At times, custom permissions may be created to meet specific business requirements. These permissions are defined in SharePoint with a unique identifier, referred to as the “SharePoint Role Definition ID”.
Why it is needed:
Typically, it is not necessary to use Role Definition IDs to grant permissions to a user or group in a site, list, or list item. This can be achieved through the out-of-the-box process by following a few simple steps. However, when setting permissions through REST calls, the permission level names cannot be used. In these cases, the Role Definition IDs are required. For example, if you need to modify a user or group’s permission through a REST call, the process would look like this:
How to get Role Definition ID
Therefore, the question arises: how can we obtain these SharePoint Role Definition IDs or permission level assigned IDs? For the majority of common permission levels, the Role Definition IDs can easily be found online. Below are some of the out-of-the-box Role Definition names (permission levels) and their corresponding Role Definition IDs.
|Role Definition Name||Role Definition Id|
But what about any custom permission level which is being created for some specific purpose in that site. Now step by step, we will walk through the process how to get the SharePoint Custom Role Definition ID. To get the custom permission’s role definition id we have to use rest call. And with this rest call we will also get the above out of the box role definition ids.
Let’s create a custom permission in the site collection and get the role definition id for that as an example with the following steps.
- First go to the site settings of the site collection.
- Click on Site Permissions. For Modern site, site permission option is available in the Settings option on the right corner of top menu bar as shown in the bellow image (fig 1).
- Site permission window will open.
- Click on the “Permission Levels” menu from the top menu as shown in the bellow image (Fig 2).
- Permission levels window will be opened as in the following image.
- We can get all the permission levels for this site collection, both out of the box and custom ones. We can also change the permission details of this role definition.
- Now click on the “Add a permission Level” link as shown in the above image (fig 3).
- This will open a new window to create new permission level as shown in the following image (fig 4).
- Now, provide your custom permission’s name in the text box.
- We can provide a description for future understanding.
- Now we have an option for selecting different types of permissions which are being categorized with “List Permissions”, “Site Permissions” and “Personal Permissions”.
- We need to check the needed permission as shown in the image (fig 4).
- Click in the “Create” button.
- Now our custom permission level “TestPermission” has been created as we can see in the above image.
- Now, let’s get the role definition id of this custom permission level. To do that we have to call the rest api which we already discussed before.
- For me the REST API URL is as following:
- This is a “GET” request. So we can request this url in our web browser. We will get the response in XML format where we can get all the Role Definitions and Role Definition ID.
- For better visibility we can use any online XML beautification tools or XML (XML to JSON Converter). Here is the result I got:
- We can find our custom permission level as well as out of the box permission level’s role definition id and other details here.
- So, for our custom permission level “TestPermission”, the role definition id is “1073741928”.
Thus, this is the method to locate the SharePoint Role Definition IDs. With the impending retirement of SharePoint 2010 Workflows, it is necessary to use either SharePoint 2013 workflows or Microsoft Power Automate. In these processes, the Role Definition IDs are required to set permissions through REST calls.
I hope this article will help. This article has also been published on C# Corner. Be Safe. Happy Coding. 😊