Skip to main content
Nintex Community Menu Bar
Question

K2 SmartObject OAuth Authentication – Prevent First-Time Redirect to Authorize URL (Consent Prompt) – K2 5.4 FP23

  • February 19, 2026
  • 2 replies
  • 9 views
S
Forum|alt.badge.img+2

We are using K2 SmartObject with Authentication Mode configured as OAuth in K2 5.4 FP23.

The issue is that when a user executes the SmartObject via a SmartForm for the first time, the system always redirects the user to the OAuth authorize URL and requires the user to manually provide consent.

We would like to know if there is a way to prevent this first-time redirect and consent prompt.

Is there any configuration or approach (e.g., admin pre-consent, service account configuration, or token pre-authorization) that would allow users to execute the SmartObject without being redirected to the authorize URL on first use?

Our goal is to avoid requiring each end user to manually grant consent when accessing the SmartObject for the first time.

Environment:

  • K2 Version: 5.4 FP23

  • Authentication Mode: OAuth

  • SmartObject executed via SmartForm

2 replies

ScottCaseIT
Forum|alt.badge.img+4
  • ScottCaseIT
  • Novice
  • February 19, 2026

It depends. The need for a consent prompt during the user flow is handled by your configured IdP (Identity Provider such as Entra ID).

With user flow, the first time a user logs into your application and attempts to take some sort of action that requires to use of a smart object configured with OAuth, the user will be presented with a authentication prompt so that K2 can request and cache that user’s OAuth Token. So it will always happen at least once.

If as part of that flow, the user is asked to consent to K2 accessing or having some sort of right as part of the authentication process, then that is a configuration issue on the part of the IdP. You would need to review the app registration for K2 in your environment with that particular IdP.

K2 itself does not control that flow; it merely presents the prompts for each step dictated by the IdP.

S
Forum|alt.badge.img+2
  • SumitSu
  • Author
  • Rookie
  • February 20, 2026

It depends. The need for a consent prompt during the user flow is handled by your configured IdP (Identity Provider such as Entra ID).

With user flow, the first time a user logs into your application and attempts to take some sort of action that requires to use of a smart object configured with OAuth, the user will be presented with a authentication prompt so that K2 can request and cache that user’s OAuth Token. So it will always happen at least once.

If as part of that flow, the user is asked to consent to K2 accessing or having some sort of right as part of the authentication process, then that is a configuration issue on the part of the IdP. You would need to review the app registration for K2 in your environment with that particular IdP.

K2 itself does not control that flow; it merely presents the prompts for each step dictated by the IdP.

 

Thank you for your explanation.

In our scenario, K2 SmartForms is using Forms Authentication, while the SmartObject Authentication Mode is configured as OAuth.

Is it possible to configure the SmartObject to connect to the OAuth API using an app-to-app (client credentials), server-to-server flow, or by specifying a dedicated service account instead?

Our goal is to avoid prompting end users for consent, since they are already authenticated via Forms Authentication in SmartForms. We would prefer not to require users to click the consent screen when executing the SmartObject.

Could you please advise whether this approach is supported and what configuration would be required on the IdP and K2 side?

Sidebar Buttons
Nintex Community Home Contact Nintex Support Email Nintex Community Check Nintex Status
Terms & ConditionsCookie SettingsAccessibility statement