See Identity and Data Security in K2 Cloud for SharePoint for the updated K2 Cloud version of this document.

K2 Appit® for SharePoint applications act as a hub of information in the enterprise. In this role Appit handles data from many different systems which is exposed to users through Forms, Reports and consumed in Workflows. The way Appit authenticates users and communicates with line-of-business (LOB) systems is secure and reliable. This document describes some technical aspects of identity and data flow in the context of K2 Appit for SharePoint applications.

This document describes how Appit:

  • Protects your data, allowing only your users access to your company's information
  • Integrates securely with Azure AD for authenticating users
  • Uses standard protocols, such as OAuth, for communicating with LOB systems
  • Makes use of the Office 365 framework for requesting administrative consent
  • Employs secure technologies for data encryption and does not store or cache business data
  • Includes information about security when using the K2 Mobile app on iOS and Android devices

Originally published: July 6th, 2016
Updated February 11th, 2016 with K2 Mobile for Android information
Updated February 10th, 2017 with information on token changes, handling, and storage