Symptoms
K2 for SharePoint workflows and forms are inaccessible.
Multi-factor authentication was enabled on my Global Admin account which I use to register all the K2 for SharePoint apps.
This has now caused any interaction with K2 for SharePoint to give the following error message:
AAD Authorization
OAuth Error: Code=interaction_required : Description=AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000002-0000-0000-c000-000000000000'.
Trace ID: 23ee1cce-d6f3-4eab-8c6b-5059b49fb33f
Correlation ID: 1c59d8b0-c4d2-43c3-9ebf-1ea45e6d9180
Timestamp: 2016-12-01 17:19:54Z : ResourceID=d8b0bc6d-f11c-417c-9db5-78d1244d00dc : PrimaryCredentialID=453b29e9-1b85-45bf-9dfc-bcbffe17d9f8 : ResourceAudience=https://graph.windows.net
Diagnoses
n/a
Resolution
MFA was disabled on the account used to register all the K2 for SharePoint applications and this allowed registration to go through successfully.
As this was a temporary measure, we subsequently created a new account which will be used solely for the purpose of registering the K2 for SharePoint apps.
This account was granted Global Admin rights and we did not enable MFA on this account.
We then started the process to re-register all the K2 for SharePoint applications throughout all of our SharePoint sites in order to move them away from the previous account where we would eventually need to re-enable MFA.
