
Hi Mates,

We had a cloud environment configured for our client. We are using the K2 Dev integration account to authenticate with K2.

To test the workflow REST API, I used Postman. In Postman we are trying to retrieve the list of all workflows. Using my ID it's working fine, but when I used the K2 Dev integration account (*personal details removed*), I am getting the error below:

"Message": "Authorization has been denied for this request.".

I am using the Basic Authentication mode to call the workflow API from Postman. Will it work? The K2 Dev integration account has global administrator permission on AAD. I have granted Admin, Export & Impersonate server rights to this account.

Can you please let me know what permission is required and how it can work?

Hello @Tan,

Please have a look at these documents to help with your authentication issue:

How to configure REST Workflow API with Oauth Authentication on PostMan: Click here Tan...

How To: Use Postman to Test the Workflow REST API using OAuth: Click again Tan

All the best


Hi,
Thanks for your reply. Can we have app-to-app authentication? What kind of rights and configuration are required to set that up?

Hi @Tan,

As per this KB (https://help.k2.com/kb002838) you need to add the K2 delegated API permission to your Azure AD App, as it's necessary for K2 to authorize the OAuth request from your AAD identity.

-Widson.


Hello @Tan

Please have a look at the following documents with the information that you need:

Standard K2 Site Authentication:
https://help.k2.com/onlinehelp/k2five/icg/5.1/default.htm#Configure/SF/Authentication.htm

Configuring a Service Instance to Use a Custom OAuth Resource:
https://help.k2.com/kb001702

How to configure REST Workflow API with Oauth Authentication on PostMan:
https://help.k2.com/support-services/kbt153745

How To: Use Postman to Test the Workflow REST API using OAuth:
https://help.k2.com/kb002838

Configure AAD and K2 Services for Inbound OAuth:
https://help.k2.com/kb002784

Enjoy


Good day Tan,

In addition to the information that “Widson” has provided, I believe that you will need to make use of Inbound OAuth, which means 'incoming' integration where third-party systems need to interact with K2 APIs. Examples include custom applications that need to start workflows, retrieve and complete workflow tasks, or execute SmartObject methods via K2 APIs. In this scenario, the bearer token is verified and used by K2 to authorize the incoming request. These incoming tokens are not cached by K2. This article describes how to set up and use inbound OAuth.

Please see the following KB article, which describes how to Configure AAD and K2 Services for Inbound OAuth: https://help.k2.com/kb002784

Kind regards,


Dumisani
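
Added example (not part of any reply above, and not K2's own code): the replies say K2 authorizes the request from the bearer token and that the Azure AD app needs the delegated API permission. In an Azure AD access token a delegated permission appears as the `scp` claim and an app-only permission as `roles`, so decoding the token locally shows which kind Postman actually sent. The audience URL, scope and role names below are constructed placeholders, and the helper names are hypothetical.

```python
import base64
import json
import time


def decode_claims(token):
    """Return the JWT payload as a dict. The signature is NOT verified here."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose(token, expected_audience, now=None):
    """List token properties worth checking after an authorization denial."""
    now = time.time() if now is None else now
    claims = decode_claims(token)
    findings = []
    if claims.get("aud") != expected_audience:
        findings.append("aud is %r, expected %r" % (claims.get("aud"), expected_audience))
    if claims.get("exp", 0) <= now:
        findings.append("token has expired")
    if not claims.get("scp"):
        if claims.get("roles"):
            findings.append("app-only token: has roles but no delegated scp claim")
        else:
            findings.append("no scp claim: no delegated permission in this token")
    return findings


def make_sample(claims):
    """Build an unsigned, constructed token so the example runs offline."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


# Constructed sample values; AUDIENCE is a placeholder, not a real K2 resource.
AUDIENCE = "https://k2-api.example/"
DELEGATED = make_sample({"aud": AUDIENCE, "exp": 2000000000, "scp": "user_impersonation"})
APP_ONLY = make_sample({"aud": AUDIENCE, "exp": 2000000000, "roles": ["Some.Role"]})
WRONG_AUD = make_sample({"aud": "https://graph.microsoft.com", "exp": 2000000000, "scp": "User.Read"})

if __name__ == "__main__":
    for name, tok in [("delegated", DELEGATED), ("app-only", APP_ONLY), ("wrong aud", WRONG_AUD)]:
        print(name, diagnose(tok, AUDIENCE, now=1700000000) or "no obvious problem")
```

To check a real token, pass the access token Postman obtained and the resource identifier from the KB article for your environment to `diagnose`; everything is decoded locally.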


 

