Greetings from K2!

Today Microsoft unexpectedly changed the common consent scopes without notifying the partners who have built applications with a dependency on this framework. K2 relies on this framework for OAuth token flows between SharePoint Online and K2 blackpearl 4.6.9.

The result of Microsoft's change is that any tokens issued after 12pm PST are no longer valid. You will see an "Access Denied" message when accessing the K2 app when the OAuth tokens expire.

Note: This change only affects K2 blackpearl with SharePoint Online configurations. SharePoint on-premises configurations are not affected.

The steps for fixing your environment are detailed in KB001671: Troubleshooting K2 for SharePoint with SharePoint Online (

We are working with Microsoft to implement processes to prevent these unexpected maintenance issues from impacting our customers in the future. 

K2 Product Team