Preparing SharePoint Online

SharePoint Online, because it is setup and maintained my Microsoft, does not need anything specifically setup before adding the K2 for SharePoint app. However, you must make sure that you are a Tenant admin to install the app for the first time and that you have an App Catalog and a target site collection created. Also, as mentioned in other topics, the Remote Event Receiver service in K2 must be available on the internet and signed by a root authority certificate in order for SharePoint to make the call when events occur in a list or library.

The Remote Event Receiver service in K2 must be available on the internet and signed by a root authority certificate in order for SharePoint to make the call when events occur in a list or library.

Prerequisites for SharePoint Online Integration

The following section discusses specific integration preparation steps required for SharePoint Online and K2 prior to installation.

SSL for K2 Site

SharePoint Online is always SSL-enabled and therefore it is mandatory for the K2 site to also be enabled for SSL. The K2 for SharePoint app registration wizard prevents you from proceeding if this configuration has not been completed.

Internet-Accessible K2 Sites

The Remote Event Receiver service in K2 must be available on the internet and signed by a root authority certificate in order for SharePoint to make the call when events occur in a list or library.

When using the K2 for SharePoint app with SharePoint Online there is communication that must take place between your on-premises K2 Servers and K2 sites (Runtime), and your SharePoint Online environment. This may require opening ports and sites through your corporate firewall. There are two scenarios listed below, each with their own requirements. Follow the steps for the scenario that best fits your needs.

  1. All users of your SharePoint Online environment are behind your corporate firewall.
    • The SP15EventService on the K2 Server that SharePoint calls when SharePoint events occur must be publicly available on the web. This is the service that is used for initiating workflows from SharePoint events (Example: File Uploaded, Item Added, etc.).
  2. Some or all of your users will access your SharePoint Online environment from outside your corporate firewall.
    • The entire K2 site and your K2 smartforms sites must be made publicly available on the web.

Azure Active Directory

SharePoint Online requires the use of Azure Active Directory (AAD). When you register the K2 for SharePoint app K2 automatically registers the appropriate resources against your AAD tenant for the purpose of authentication and authorization.

App Upload and Installation Permissions

There are a minimum set of permissions that are required of the user that will upload the K2 for SharePoint app into the SharePoint app catalog and of the user that will add the K2 for SharePoint app onto a SharePoint site.

  • Permissions required to add the K2 for SharePoint app to a SharePoint site
    • Contributor Rights on the SharePoint site
  • Permissions required to upload the K2 for SharePoint app to the SharePoint app catalog
    • Tenant Admin of the SharePoint environment