K2 Workflow REST API uses Basic authentication by default. If you have requirements to use the API with OAuth, then additional configurations will be required. Please note that this article only applies to scenario where you want AAD users to have access to the Workflow REST API via OAuth.
You may have come across this article (Configure K2 for Inbound OAuth) which demonstrates what you need to configure to allow the Workflow REST API to use OAuth. That article states you have to add the permission from the "K2 API" app your AAD app.
However, you may not be able to find this "K2 API" app when you try to search for it. This article will guide you through on how to create your own "K2 API" app.
Your K2 environment needs to be configured to allow AAD users to login to K2. Please refer to this document (Manually Configure K2 for Azure Active Directory) if you have not done so.
With the API app created, all that is left is to configure your K2. Refer to the article Configure K2 for Inbound OAuth, and follow Step 3: Configure the Bearer Token OAuth resource in K2 and Step 4: Enable the relevant K2 API.