<workflowgen url>
with the domain and path to your WorkflowGen instance; for example, localhost/wfgen
or mycompany.com/wfgen
.[email protected]
).WorkflowGen Web App
https://<workflowgen url>/auth/callback
to it.
https://<workflowgen url>/auth/logout/return
to it.WorkflowGen GraphQL API
https://<workflowgen url>/graphql
RS256
My APIs
my-apis
RS256
wfgen-graphql-full-access
Full access to the WorkflowGen GraphQL API
user.username
, user.email
, user.nickname
), just modify this rule or add your own. Make sure to populate https://api.workflowgen.com/username
with the value or to configure the ApplicationSecurityAuthUsernameClaim
option in your web.config
with the correct claim to take. Note that this option is used both in the authentication application and the GraphQL API.web.config
web.config
file and add the following properties under <appSettings>
:<CLIENT ID>
with the client ID of the WorkflowGen Regular Web App in Auth0.
<CLIENT SECRET>
with the client secret of the WorkflowGen Regular Web App in Auth0.
<METADATA URL>
with the URL that you built earlier from your domain name in Auth0. The METADATA URL
is https://[YOUR_AUTH0_DOMAIN].auth0.com/.well-known/openid-configuration
.ApplicationSecurityAuthUsernameClaim
key is set to the value entered in the rule earlier. Therefore, you can use any value here as long as you also modify the rule.web.config
.web.config
file and add the following properties under <appSettings>
:<SECRET>
with a value that can't be guessed, such as a UUID.web.config
files of certain modulesAdvantys.Security.JWTAuthenticationModule
WorkflowGen authentication module, but certain other modules should not because they are either public or aren't part of the global authentication system.web.config
, add the following property:auth
module's web.config
, add the following property:hooks
and scim
modules as well.
\wfgen\bin
to each custom webform's \bin
folder (\wfgen\wfapps\webforms\<custom webform>\bin
):
Advantys.My.dll
Advantys.Security.dll
Newtonsoft.Json.dll
jose-jwt.dll
SELF_PROVISIONING
(or something else)Self-provisioning
WorkflowGen Plus
Native
workflowgenplus://oidc
.
workflowgenplus://oidc
.Your script name
machine-to-machine
My Server Application
Non-interactive Client
The OAuth2 implicit grant is notorious for being the grant with the longest list of security concerns in the OAuth2 specification. And yet, that is the approach implemented by ADAL JS and the one we recommend when writing SPA applications. What gives? It’s all a matter of tradeoffs: and as it turns out, the implicit grant is the best approach you can pursue for applications that consume a Web API via JavaScript from a browser.
Your SPA name
Single Page Web Applications
https://localhost/login/callback
).
https://localhost/logout/return
).Authorization
header.WorkflowGen CLI
Native
http://127.0.0.1:8888/callback
.8888
is defined by default; you can change it if it's already in use on your computer.Implicit
, Authorization Code
, and Refresh Token
checkboxes are checked.Client credentials
mode.workflowgenplus://
auth.init
auth0
https://mycompany.com/wfgen
)
7gdj4hs92y
)
mydomain.auth0.com
)
https://mycompany.com/wfgen/graphql
)ws
application.