Deployment of event-based workflow fails with 401
kbt129721
PRODUCTIssue
Deployment of event-based workflow fails with 401. Only workflows that are set to start based on SharePoint Events (like Item Added) will fail. This affects K2 Designer and P&D deployments of workflows.
Symptoms
Sample Error:
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at SourceCode.SmartObjects.Services.SharePoint.TransientPlanExecutor.ExecutePlan()
Additional info: The remote server returned an error: (401) Unauthorized.x-ms-diagnostics : 3000003;reason='Invalid audience Uri '00000003-0000-0ff1-ce00-000000000000/SITE-my.sharepoint.com@TENAND ID'.';category='invalid_client' SPRequestGuid : 00f8e99d-b0eb-3000-eaba-cbb56d556978 Broker Method : RegisterEvent
Cause
When you run the K2 App Activation against a my-site / one drive site it changes the audience URL, meaning events based workflow deployment will only work on a my site and running the activation on a team site then will change this around with events based deployments working on the team site but not in the my site
Resolution
This is a known issue in the App Only Token feature that shipped in Appit Update 3.
Workaround: Run the site collection Activation from the site collection. This will update the OAuth resource values and resolve the issue untill the activation is run again on a My-site/OneDrive site.
If there is no reason to uset the K2 app on a Mysite/OneDrive site you can remove the app by removing it from the Deplyoment paths in App Deployments.
Navigate - AppCatalog > K2 App > Manage App Deployment. Remove ALL PATHS and only add sites and teams. This will remove the app from the rest of the my-sites.