SharePoint 2013 list item level permission using REST API

This SharePoint rest api tutorial explains, how to give item level permission to SharePoint 2013/2016 or SharePoint Online list items using the REST API.

If you are new to REST API then you can visit the REST API in SharePoint 2013 tutorial. Apart from this, you can also check out some SharePoint REST API examples.

Table of Contents

SharePoint 2013 list item level permission using REST API

In this example, I have a SharePoint 2013 custom list name as PermissionTestList. And here I am trying to give unique permission to a particular item.

If you want to know how to give item level permission using a browser then check how to Implement SharePoint Item Level Permissions Step by Step Tutorial.

Here I have put the code inside a script editor web part in one page and on some button clicks I am doing. According to your requirements, you can modify the code.

sharepoint list item level permissions rest api

1st Button: Break Permission of the SharePoint List using Rest API

By default whenever you will create a list it will inherit permission from the parent list in SharePoint. So in the first button click we are breaking the permission for the list. Here we need to give reference to the jquery.min.js and SP.RequestExecutor.js.

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script src="https://SiteURL/_layouts/15/SP.RequestExecutor.js"></script>
<script>
$(function(){
$("#btnClick").click(function(){
var requestUri = _spPageContextInfo.webAbsoluteUrl + "/_api/web/lists/GetByTitle('PermissionTestList')/breakroleinheritance";
$.ajax({
url: requestUri,
type: "POST",
success: onSuccess,
error: onError
});
function onSuccess(data) {
alert('Success');
}
function onError (error) {
alert(JSON.stringify(error));
}
});
});
</script>
<input type="button" id="btnClick" value="Break Permissions of List"/>

2nd Button: Give Read Access to the User to the SharePoint list using Rest API

In this code, we are trying to give read access to the particular user (User ID) and the permission level (in this case I am giving read access). Here principalid is the User ID and roleDefId is the id of the permission group. To get the User Id of the logged in user you can follow the block of code (Retrieve UserId and Roledefination UR) I have written at the end of the post.

<script>
$(function(){
$("#btnClick1").click(function(){
var requestUri = _spPageContextInfo.webAbsoluteUrl + "/_api/web/lists/GetByTitle('PermissionTestList')/roleassignments/addroleassignment (principalid=277, roleDefId=1073741826)";
$.ajax({
url: requestUri,
type: "POST",
success: onSuccess,
error: onError
});
function onSuccess(data) {
alert('Success');
}
function onError (error) {
alert(JSON.stringify(error));
}
});
});
</script>
<input type="button" id="btnClick1″ value="Give Read Permission to User ID 277 To List"/>

Now if you will click on this button and then check the list permission, you will see the particular user will have the same permission that you have defined in the roleDefId.

3rd Button: Break Permissions for List Item Id 3 using Rest API SharePoint

In this button I am trying to break the permission for the list item id=3, For this item, we are going to give full control to a particular user who can edit, delete the item also.

<script>
$(function(){
$("#btnClick2").click(function(){
var requestUri = _spPageContextInfo.webAbsoluteUrl + "/_api/web/lists/GetByTitle('PermissionTestList')/getItemById(3)/breakroleinheritance";
$.ajax({
url: requestUri,
type: "POST",
success: onSuccess,
error: onError
});
function onSuccess(data) {
alert('Success');
}
function onError (error) {
alert(JSON.stringify(error));
}
});
});
</script>
<input type="button" id="btnClick2″ value="Break Permissions for List Item Id 3″/>

4th button: Give Full Control Permission to User (User ID=277) for Item (Item ID-3) using Rest API

In this button click, I am trying to give full control (roleDefId = 1073741829) to a particular user whose id is 277 to a particular list item whose id is 3.

<script>
$(function(){
$("#btnClick3").click(function(){
var requestUri = _spPageContextInfo.webAbsoluteUrl + "/_api/web/lists/GetByTitle('PermissionTestList')/getItemById(3)/roleassignments/addroleassignment (principalid=277, roleDefId=1073741829)";
$.ajax({
url: requestUri,
type: "POST",
success: onSuccess,
error: onError
});
function onSuccess(data) {
alert('Success');
}
function onError (error) {
alert(JSON.stringify(error));
}
});
});
</script>
<input type="button" id="btnClick3″ value="Give Unique Permissions to Item ID-3 User ID-277″/>

After this if you will go an open the list and see for item id =3, you will see the particular user will have full control where s/he can edit or delete the items. But for other items s/he can only view items.

Retrieve UserId and Roledefination URL in SharePoint

<input type="button" id="btnClick" value="Click Here"/>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script>
$(function(){
$("#btnClick").click(function(){
var userid = _spPageContextInfo.userId;
var requestUri = _spPageContextInfo.webAbsoluteUrl + "/_api/web/roledefinitions";
alert(userid);
alert(requestUri);
});
});
</script>

You may like the following SharePoint Rest API tutorials:

I hope this article will be helpful to you to give list item-level permissions using rest api in SharePoint 2013/2016 or SharePoint Online.

Bijay Kumar

After working for more than 15 years in Microsoft technologies like SharePoint, Office 365, and Power Platform (Power Apps, Power Automate, and Power BI), I thought will share my SharePoint expertise knowledge with the world. Out audiences are from the United States, Canada, United Kingdom, Australia, New Zealand, etc. For my expertise knowledge and SharePoint tutorials, Microsoft has been awarded a SharePoint MVP(8 times), check out My MVP Profile. I have also worked in companies like HP, TCS, KPIT, etc.