Display the SharePoint list item permissions using REST API

Lets see how we can display the SharePoint list item permissions using REST API

I am going to use the SharePoint hosted app and SharePoint online. You could use an on premises installation as well.

Lets start by creating a SharePoint hosted app. Update the App.js as follows:

'use strict';

var hostweburl;
var appweburl;
var executor;

$(document).ready(function () {

// retrieve the hostweb url and appweb url from the query string
function getCustomPermission() {
  $(document).ready(function () {
    hostweburl =
    appweburl =

    var scriptbase = hostweburl + "/_layouts/15/";

    $.getScript(scriptbase + "SP.RequestExecutor.js", getRoleAssignments);

//make the rest call
function getRoleAssignments() {
  executor = new SP.RequestExecutor(appweburl);

            appweburl +
            "/_api/SP.AppContextSite(@target)/web/lists/getbytitle('Test')/items(1)?$expand=RoleAssignments/Member/Users&@target='" +
            hostweburl + "'",
        method: "GET",
        headers: { "Accept": "application/json; odata=verbose" },
        success: successHandler,
        error: errorHandler

//display results
function successHandler(data) {
  var jsonObject = JSON.parse(data.body);
  var roleAssignmentHTML = "";

  var results = jsonObject.d.RoleAssignments.results;
  for (var i = 0; i < results.length; i++) {

    roleAssignmentHTML = roleAssignmentHTML +
          "<p><b>" + results[i].Member.OwnerTitle +
    var users = results[i].Member.Users.results;
    if (users) {
      for (var u = 0; u < users.length; u++) {
        roleAssignmentHTML = roleAssignmentHTML + "<p>" + users[u].Title + "</p>";
  document.getElementById("message").innerHTML =

function errorHandler(data, errorCode, errorMessage) {
  document.getElementById("message").innerText =
      "Could not complete cross-domain call: " + errorMessage;

function getQueryStringParameter(paramToRetrieve) {
  var params =
  var strParams = "";
  for (var i = 0; i < params.length; i = i + 1) {
    var singleParam = params[i].split("=");
    if (singleParam[0] == paramToRetrieve)
      return singleParam[1];

Notice that we are using the $expand=RoleAssignments/Member/Users to get the user information present in each assignment.

App Permissions

In deploying to production you need to try out the different permission levels to ensure you are using the minimum required permissions.

This approach requires that we have a high enough permission level because we are listing the information of other users also.

When you build and execute the code, it should list the users and SharePoint groups which have the permission on the item.

Item Level Permissions Output

I have uploaded the code for this solution in github at ItemLevelPermissions

Create a list item in another site collection

It is much easier to create or update a list item in another site collection using JSOM. We can easily do it as follows:

I recommend using this method instead of the REST API to create a list item in another site collection.

var listName;
var item;
var itemType;

var otherClientContext = new SP.ClientContext("other site url");
var oList = otherClientContext.get_web().get_lists().getByTitle(listName);

var itemCreateInfo = new SP.ListItemCreationInformation();
var oListItem = oList.addItem(itemCreateInfo);
oListItem.set_item('Title', "SharePoint");

own1ClientContext.executeQueryAsync(onQuerySucceeded, onQueryFailed);

function onQuerySucceeded() {

function onQueryFailed(sender, args) {
   alert('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace());

Continue reading “Create a list item in another site collection”