Exchange Online Permission Removal Implications
With the update of the K2 for Office 365 app corresponding to the Appit 1.5 Update 3 release, existing K2 blackpearl customers may be affected by the removal of Exchange Online permissions.
Scenario and Workaround
The scenario is as follows:
- You have a K2 blackpearl server
- You use K2 integration with one or more SharePoint Online tenancies
- You use the Microsoft Online OAuth resource to interact with Exchange Online
If one or more of these facts do not apply to you, you do not need to be concerned about this change. However, if you use the Microsoft Online OAuth resource to interact with Exchange Online, those permissions have been removed as of February 2017 from the K2 for Office 365 app.
To workaround this change, you must create a new OAuth resource based on your own Azure AD app, and use that OAuth resource when interacting with Exchange Online. The following two permissions were requested in previous releases of this app but have been removed as they are not necessary for K2 out-of-the-box functionality.
- Access mailboxes as the signed-in user via Exchange Web Services
- Use Exchange Web Services with full access to all mailboxes
For some guidance on creating your own app and OAuth resource, see How To: Restrict K2 for SharePoint to Minimum Permissions