You can use Windows Authentication instead of SQL Server Authentication for the WorkflowGen back-end database and other external databases (e.g. usage of another application pool user; no password in any file).
To configure Windows Authentication, use one of the following connection strings in the WorkflowGen web.config file, located in the DRIVE:\Inetpub\wwwroot\wfgen folder:
-
Data Source=myServerAddress;Initial Catalog=myDataBase;Integrated Security=SSPI;OR
-
Server=myServerAddress;Database=myDataBase;Trusted_Connection=True;
You’ll also need to modify the WorkflowGen application pool identity for a service account. To do this:
-
In IIS Manager, right-click on the WorkflowGen application pool, then select Advanced Settings.
-
In the Process Model section, select Identity, then click the
...button. -
Select Custom Account, then click Set…
-
Enter your credentials, then click OK.
-
Make sure the application pools for the other WorkflowGen web applications (
auth,graphql,hooks,scim,ws, andwebforms) match thewfgenapplication pool. -
Make sure the custom account has read/write and modify permissions for the WorkflowGen SQL database and the WorkflowGen files and folders.
-
Use the same account as the application identity to run the WorkflowGen engine and directory synchronization services.
For more information on SQL Server connection strings, see https://www.connectionstrings.com/sql-server/.