K2 and upcoming changes to Exchange Online authentication


On 20 September 2019, Microsoft shared updated information regarding plans to turn off Basic Authentication for Exchange Web Services (EWS) for Exchange Online on 13 October 2020. These Microsoft articles have more information about the upcoming change:

This notification from Microsoft may lead to questions about your K2 environments and whether they will be affected by these changes. This article attempts to address the most common questions arising from the upcoming authentication change.

FAQs about the authentication change

Q: Does K2 use EWS + Basic Authentication for Exchange Online integration?
A: Yes

Q: Which K2 components are affected by the change?
A: Workflow SmartActions, Workflow Notifications and the Workflow Email Step.

Q: Which K2 versions are affected?
A: All currently supported products are affected: K2 Cloud, K2 Five and K2 blackpearl.

Q: Will this upcoming Microsoft change affect supported Exchange on-premises versions?
A: No. Exchange on-premises will not be affected by this change.

Q: Does K2 have a plan to address this change prior to the 13 October 2020 deadline?
A: Yes. K2 will update Exchange Online integration to utilize OAuth authentication in the April 2020 release for K2 Cloud and K2 Five. K2 blackpearl customers who use Exchange Online will need to upgrade to K2 Five to receive the update.

Q: Are SmartObjects that use the Exchange Management, Exchange Administration and Exchange Metadata Service Types affected? 
A: No. These Service Types do not support Exchange Online and therefore are not affected

Q: Are the Exchange Wizards affected?
A: No. These wizards do not support Exchange Online and therefore are not affected.

Q: Are the SmartObjects using the Exchange Online Service Broker affected?
A: It depends on the Authentication Mode used for the Service Instance:   

  • Using OAuth Authentication: Not affected - OAuth Authentication will remain fully supported after this change.
  • Using Impersonate Authentication: Not affected - Impersonate Authentication is only supported for Exchange On-premises which will not be affected by this change.
  • Using Static Authentication for Exchange On-premises: Not affected - Exchange On-premises is not affected by this change.
  • Using Static Authentication for Exchange Online: Affected - Static Authentication credentials are passed using Basic Authentication which will no longer be supported. Change the service instance to use OAuth Authentication instead.