< class="prominent-subhead ">

Using a Non-Default Security Label account as the Recipient User in a Workflow

This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.


When a K2 Workflow Process is assigned using the specific user's email address, K2 will search the default security Label first. If the user is found, the default label FQN will be used as the destination user.

Under certain environmental setups, a user might have synchronised user accounts across different authentication platforms, (i.e. Active Directory and Azure Active Directory). As both accounts will have matching information an additional step will be required to identify the account against the non-default K2 label.

Before You Begin

You will need to have SmartObject create rights.

The name of the Non-Default Security Label needs to be known.

How-to Steps

In this example, steps will be explained to configure a recipient in a K2 Five Workflow to an AAD user account. An email address entered as a Workflow Input Data Field will be used as the Workflow Task destination user.

1. Using the SmartObject Tester Tool or K2 Management > Integration > Service Instances, create a new SmartObject from the User Role Management Service Instance > URM Service > User.

2. Create the SmartObject in a relevant category i.e. Wolkflow.

3. Create a Workflow containing an Input Variable (i.e. EmailAddress) and a user Task


4. On the User Task, open the Recipients tab and select Type/Construct my own.


5. In the Context Browser, select the SmartObjects Tab, and select [SmartObject name created above] > Get Users method > FQN property and drag it into the Recipient field.


6. Configure the SmartObject with the following values:

  - Email – The EmailAddress input Property
  - Label Name – The required label i.e. AAD


7. Deploy the Workflow

8. Start a new Instance with an AAD user email address at the input Data Field.

9. Verify if the Task is displayed on the correct AAD user Worklist.