Office 365: SharePoint List Item Level Security

How to set permission in list so that, the user who created the list item can see it and edit, the manager can see all and edit all but other team members should not be able to view the items created by other users.


SharePoint List Settings -> Break inheritance if it is trickled down from parent

Add a SharePoint Group-> Called ‘Managers’, include the users who are managers in the group. Group can have Full Control/ Edit/Contributor access as per your site/list requirement. Here you can see there are three groups, one such could be your Managers with Full Control and Site Members with Edit.


Once that part is done, Open your list in SharePoint Designer 2013 via List Settings->Edit ListItemPermission3

Once in your Sharepoint Designer 2013, create/ Add New SharePoint Designer 2010 workflow to the list. Why 2010? Because of its ‘Impersonation Step’ action that allows you to add/edit/remove item level permissions for a user or a SharePoint Group. Very handy action that for reasons beyond my understanding is not available in SharePoint Designer 2013.

Essentially what happens in the Impersonation Step in this solution is, the item in the list

  1. Inherits the parent permission(list permission) and then, you
  2. Remove ‘Edit’ rights of the items in the list for ‘Site Members’, which they need when they create their item.
  3. The Add ‘Edit’ rights to the user who Created the item in the list.


As simple as that was to setup. It was pretty scary until I could set this level of granular permission to the list. Especially to the ones that  contained sensitive data that was a big NO NO for others to see who submitted what.

You can follow that with any other actions that your specific need calls for. In this instance, I notify the managers with a dynamic link to the created item. So they click that and get redirected to view the newly submitted item in the list.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s