Skip to Main Content
Nintex Ideas

đź‘‹ Use this site to provide feedback and ideas for all Nintex Products. See our post on Nintex Community "Welcome to Nintex Ideas" for more details on Nintex Ideas, how an idea is handled by our product teams and more!

If you have questions about Nintex Ideas, please contact

If you require support, please visit Nintex Customer Central

If you have a sales inquiry, please contact

Workspace K2 Cloud
Categories Reporting
Created by Tin Bui
Created on Jan 10, 2024

MFA Support for when Setting Up AAD Consent and using K2 APIs

When setting up AAD Consent for K2 APIs, you have to disable MFA as per:

Turn off Multi-Factor Authentication before granting consent. You can then turn MFA back on once consent has been granted.

This is because the underlying code was created before Microsoft's latest MFA implementation and therefore the consent loop will not work unless MFA is disabled. Note that the consent loop does not affect runtime authentication. Once the app is consented, you can enable MFA again and the runtime authentication will operate as expected. In other words, disabling MFA is only required while you are granting consent.

However, it appears that using basic auth with MFA also does not work:

You cannot log in to the Workflow REST API and the SmartObject OData API using Basic Authentication with an Azure Active Directory account that has Multi-Factor Authentication (MFA) enabled.

It would be great if the underlying code is updated so that the consent loop works with MFA enabled and/or if a custom Oauth connector was created and released for PowerBI that supported Oauth.

  • Attach files