This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided “as is” with no warranties.
Deployment of event-based workflow fails with 401. Only workflows that are set to start based on SharePoint Events (like Item Added) will fail. This affects K2 Designer and P&D deployments of workflows.
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
Additional info: The remote server returned an error: (401) Unauthorized.x-ms-diagnostics : 3000003;reason='Invalid audience Uri '00000003-0000-0ff1-ce00-000000000000/SITE-my.sharepoint.com@TENAND ID'.';category='invalid_client' SPRequestGuid : 00f8e99d-b0eb-3000-eaba-cbb56d556978 Broker Method : RegisterEvent
When you run the K2 App Activation against a my-site / one drive site it changes the audience URL, meaning events based workflow deployment will only work on a my site and running the activation on a team site then will change this around with events based deployments working on the team site but not in the my site
This is a known issue in the App Only Token feature that shipped in Appit Update 3.
Workaround: Run the site collection Activation from the site collection. This will update the OAuth resource values and resolve the issue untill the activation is run again on a My-site/OneDrive site.
If there is no reason to uset the K2 app on a Mysite/OneDrive site you can remove the app by removing it from the Deplyoment paths in App Deployments.
Navigate - AppCatalog > K2 App > Manage App Deployment. Remove ALL PATHS and only add sites and teams. This will remove the app from the rest of the my-sites.