SharePoint Groups using nested Security Groups not picking up correct Form Set

I have a form with Default and PM form sets - the PM form set is for the project managers.

I set up a communication site, and placed the Project Managers 'Security Group' nested inside the 'Site Members' group and 'Everyone' i.e. the non project manager users, in the 'Site Visitors' group.

I've then updated the form sets in Plumsail to point the PM form to the members group and exclude the visitors group, however all Project Managers are still seeing the Default form set. If I directly add members into the SharePoint Group then the added members can see the PM form as expected.

Is there an issue with Plumsail Forms which means it does not support Security Groups, I have also tried this with Mail Enabled Security Groups and they don't work either.

Any ideas?

Dear @abolam,
Yes, that's how it works - there is currently no easy way to check for nested group members, unfortunately. Users need to be placed directly into the group.

In the future, we plan to expand routing to work with Azure groups instead of SharePoint security groups, but that's some time away, and I can't say when it will be available.

I see... as it is a very commonly used scenario I look forward to seeing that implementation, as a lot of our larger clients use nesting to reduce admin overhead on the SharePoint side. I will have to develop something to deal with this as it is a client requirement.

I wonder if there is a way of checking group membership via the graph api... could I do that and then trigger a redirect perhaps?

Any suggestion as to where I can get started with that?

Kind regards, Andy

Dear @abolam,
You can already check some samples of checking AD groups with Graph client in our documentation - Personalize SharePoint forms for user groups — SharePoint forms

Hi Nikita,

I've tried that, got the display name of the 365 group, however it doesn't seem to be working for my client. I've not yet been able to see if there are any browser errors, but I presume that the code in the article is to be used in the 'routing' section.

Hopefully I'll get a chance to work with one of the client's users, to see what is happening, as I'm unable to place my account in the specified group for security reasons.

Will update this when I get a chance to investigate.