Symptoms

We have successfully configure CRM and K2 to use ADFS and we can both login into the application independently. But there are two problems we faced now

1. If we login from K2 and access CRM, it will be SSO, but if we login from CRM first then go to K2 Smart Form, it prompt the login screen, and we cannot login even we type the correct password

2. We iframe the SmartForm with Worklist into the CRM dashboard, even we login successfully, it show a login screen and we type username and password to login, there is no response.
 

Diagnoses

When user first log in to CRM, there are a few cookies that are being generated. After that, when user attempt to log in to K2 Designer, ADFS sees the cookies, and attempts to use it. For some reason, ADFS has a problem with the cookies and as a result, is unable to login and redirect user to K2 Designer.
 

Resolution

Microsoft has a KB article on this issue, and has a solution for it. The solution is to change your CRM domain to a subdomain. The idea is to avoid using the same namespace as your ADFS. The downside to this is that you need to perform extra configuration on your CRM and update your relying party trust in ADFS.

Reference:
http://crmtipoftheday.com/2015/12/23/avoid-using-the-same-domain-for-adfs-and-crm/
https://support.microsoft.com/en-us/kb/3045286