Beginning with K2 Appit 1.5 Update 6 and continuing in K2 Cloud, identities from Azure Active Directory (AAD) and SharePoint Online are synchronized to the Identity Cache using the Identity Microservice. This service eliminates the need for the K2 server to resolve identities on-demand and to expire identities, resulting in better performance and handling of identity information.
The identity microservice automatically synchronizes identities and updates from AAD and SharePoint Online to K2. Supported identities include users and groups stored in Azure Active Directory, Office 365 groups (which are AAD groups), and SharePoint groups.
When K2 is provisioned, an AAD sync job is created and all AAD groups and users are synced to the identity cache in K2. This process can take some time to complete, depending on the number of AAD users and groups you have. Additionally, when you run the K2 for SharePoint Site Collection Activation Wizard, a SharePoint sync job is created for that SharePoint site collection and then SharePoint groups and memberships are synced. Once the full sync is completed, differential syncs occur every 15 minutes. You can contact K2 Support if you need to change this interval.
For Appit instances that are upgraded from K2 Appit 1.5 Update 5, the SharePoint sync functionality occurs when you run the SharePoint Registration Wizard. This ensures that sync jobs are created for previously-activated site collections.
The following properties are synced from AAD:
The following properties are synced from SharePoint:
* related to members in the group
There are several considerations to keep in mind when working with identities in K2.