Issue
The following error shows up when you try to access K2 forms or deploy your workflow.
ID4223: The SamlSecurityToken is rejected because the SamlAssertion.NotOnOrAfter condition is not satisfied
Diagnosis
Each user's session has an expiry date and time. A user will face this error if their session has already expired and they have yet to refresh their session.
This can also happen when your K2 server's time is out of sync. If you have configured your K2 environment to use ADFS, it is also possible your ADFS server's time is out of sync.
Resolution
First off, you can try to clear your browser cache, close and reopen your browser, then try to login to K2 again to see if that refreshes the session.
If clearing the browser cache does not resolve the issue, go to your K2 server, and make sure your K2 server's time is correct. Next try rebooting your entire K2 server. If your K2 server's time has gone out of sync at one point in time, rebooting your entire K2 server can help to bring the entire environment back in sync.
If you have configured K2 to use ADFS, please check out this KB on what you can do to resolve this error.
If all the above does not resolve the issue, please log a support case with Nintex Support to seek further assistance.
Additional Information
Related Links