How to restrict SharePoint list items so each user only sees entries from their own department?

Norouzi, Manouchehr 0 Reputation points
2026-06-19T12:29:56.9833333+00:00

Hi all,

I have a SharePoint site with a list used to collect feedback/complaints. Each entry has a "Department" column.

What I need:

  1. Department-based visibility: We have a column for the department as an input. Each employee should only see complaints belonging to their own department which is recorded (15+ departments total).
  2. Special access group: A small admin/management group should see and access all entries across every department.
  3. Landing page protection: The landing page should not be editable/deletable by normal users — currently everyone has Edit access, so anyone can modify the page itself.

Current situation: Everyone has Edit permissions right now, so users can see all entries regardless of department, and can edit/delete the landing page.

Question: What's the cleanest native way to achieve this in modern SharePoint (Lists + a Site Page as landing page)? I tried per-item permission breaking via Power Automate based on the department value, but it got fragile with 15+ departments. Is there a better recommended approach?

Thanks in advance!

Microsoft 365 and Office | SharePoint | Development
0 comments No comments

1 answer

Sort by: Most helpful
  1. Gabriel-N 19,595 Reputation points Microsoft External Staff Moderator
    2026-06-19T13:34:27.2066667+00:00

    Hello @Norouzi, Manouchehr

    Based on my research, I would recommend considering a separation by container approach instead of relying heavily on item-level permissions, as this is generally more stable and easier to maintain over time.In this approach, you can:

    • Create either one list per department or one site per department
    • Assign permissions using Microsoft 365 (Entra ID) groups
      • Each department group can only access its own list
      • The admin or management group can access all lists

    This design helps keep the structure simple, avoids complex permission handling, and reduces long-term maintenance effort. The main trade-off is that you will have more lists or sites to manage.

    If you prefer to keep a single submission point, your idea of combining a Drop-off list with Power Automate is also a practical option. You can organize it like this:

    1> Secure the landing page and submission list

    • Set users to the Visitors group (read-only) so they cannot edit or delete the page
    • In the Drop-off list, go to List Settings > Advanced Settings and configure: Read access: only items created by the user || Create/Edit access: only items created by the user

    This allows users to submit feedback but not see other users’ entries

    2> Create separate lists for each department

    • Create one list per department (for example: HR, IT, Finance)
    • Break permission inheritance on each list
    • Grant access only to the corresponding department group and the admin group

    This ensures each department only sees its own data

    3> Use Power Automate to move the data

    • Trigger: when a new item is created in the Drop-off list
    • Actions:
      • Check the Department field
      • Create a new item in the correct department list
      • Optionally remove the original item from the Drop-off list

    Because administrators have access to all department lists, they can also create a unified view by using appropriate web parts on a restricted admin page, allowing them to review all submissions in one place without navigating multiple lists.

    Please note that this Power Automate–based approach is mainly based on my own research and theoretical understanding, and I haven’t had a chance to fully test it yet. As a result, it may not apply perfectly to your specific scenario.

    Also, Power Automate scenarios are not deeply supported within the Q&A forums. If you need more detailed or scenario-specific guidance, you may consider posting your question in the official Power Platform Community, where subject matter experts are more active. In addition, since your case may involve tenant-specific configuration, if you have the appropriate permissions, I would recommend opening a support request through the Power Platform Admin Center so that Microsoft support engineers can assist you further.


    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?


Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.