Important Notes Before Upgrading
WorkflowGen 7.22.11 requires .NET 4.6.1, so you must install it before proceeding with this upgrade. .NET Framework and ASP.NET 4.7.2 are supported for runtime and webform development.
As of version 7.15.5, the optional
BACKURL_CANCELHTTP parameters used in custom WorkflowGen URLs (for example, when launching a new request and starting the first action within another website) now ONLY support absolute URLs (starting with
https://), relative URLs (starting with
/), or URLs defined in the
PortalRedirectAllowedHttpUrlsconfiguration parameter (e.g.
As of version 7.15.0, the SMTP server account and Remote Approval incoming server account passwords are no longer encrypted in the
Before upgrading an existing WorkflowGen server, you must manually reset the passwords in cleartext for the
RemoteApprovalIncomingServerPasswordparameters in the
web.config. Alternately, you can use the provided
convert-web-config-pwd.ps1PowerShell script in
\wfgento decrypt and convert the passwords in the
Microsoft SQL Server 2008/2012 are no longer supported. While these versions will still be compatible with WorkflowGen, support for any performance issues or bugs resulting from using SQL Server 2008/2012 will no longer be provided.
For clients currently hosting WorkflowGen on a database server older than MS SQL Server 2014, we highly recommend upgrading to the latest MS SQL Server version for the best performance.
This database compatibility upgrade is mandatory before migrating the WorkflowGen database from MS SQL Server 2005/2008 to 2014 and above.
It is not required if your WorkflowGen database is already running in MS SQL Server 2012.
To do this, launch the
Update\Databases\MsSQLServer\Update_WFG-V7-0_SQL_Triggers_2012.sqldatabase update script in your SQL Server Management Studio tool.
Oracle database is no longer supported as of WorkflowGen 7.16.0.
The Node.js modules include the GraphQL API, webhooks, SCIM, and Auth. For instructions on how to enable them, see the WorkflowGen Node.js-based web applications section.
As of WorkflowGen version 7.10.0, if you're using incoming webhooks or GraphQL to upload files when starting a new request or completing an action, you must set the
HooksMaxInputFileContentSizeconfiguration parameters with the appropriate values (see the When upgrading from version 7.9.1 and earlier section).
HooksFileInputAllowedFolders: These parameters should contain the physical paths of folders that contain files used in uploads.
HooksMaxInputFileContentSize: These parameters should contain the maximum file size in kilobytes when uploading files using the file content method.✏️ Note: We recommend limiting the file content size to small files under 1 megabyte.
If you are using custom web forms configured in .NET 2.0, you can keep using them in .NET 2.0 or migrate them to .NET 4.
WorkflowGen.My.dllin version 2.x.
- 2.Use a .NET 2.0 application pool.
- 3.Disable Web apps secure mode in the Security section on the General tab in the Configuration Panel.
- 4.Define or update the following nodes in the web form’s
web.config:<configuration><system.web><pages validateRequest="false" enableSessionState="true" /></system.web></configuration>
- 5.If your web form’s authentication is configured to use the built-in WorkflowGen authentication mode, then the new password hashing mode (One-way Hashing) introduced in version 6.1 will not be compatible with your web form. There are two solutions:
- Use Version 5 password management mode instead. Make sure to use the
Advantys.Security.dllfiles from version 5.x in the web form’s
- Migrate your web form to .NET 4. Make sure to use the
Advantys.Security.dllfiles from WorkflowGen version 7.x in the in the web form’s
\binfolder. For instructions on how to do this, see the next section.
WorkflowGen.My.dllin version 4.x.
- 2.Use a .NET 4 application pool.
- 3.Define or update the following nodes in the web form’s
web.config:<configuration><system.web><httpRuntime requestValidationMode="2.0" /><pages validateRequest="false" enableSessionState="true" clientIDMode="AutoID" controlRenderingCompatibilityVersion="3.5" /></system.web></configuration>
- 4.If your web form’s authentication mode is configured with the built-in WorkflowGen authentication, then make sure to use the
Advantys.Security.dllfiles from version 7.x.x in the web form’s
These instructions apply only to configuring web forms to run properly without configuration errors. They do not cover potential migration or compatibility issues that may arise due to changes in the latest version of WorkflowGen.My. You must fully retest all of your web forms before production.
The WorkflowGen.My and Workflow Web Controls assemblies are no longer strong-named in order to allow non-specific version dependency when referenced by other applications such as custom assembly SDK Workflow applications in WorkflowGen.
This simplifies the deployment procedure of an assembly SDK Workflow application to WorkflowGen 6.2.0 and later, and allows upgrading WorkflowGen to a newer version without having to rebuild the application's assembly that was referencing an older version of WorkflowGen.My.
There are some considerations when deploying a custom assembly SDK workflow application in WorkflowGen, namely the assembly location, the reference to WorkflowGen.My, and the reference to other software libraries.
There are two ways of deploying an assembly file in WorkflowGen.
The assembly file must be copied to the three bin folders containing the WorkflowGen executable files:
The assembly file can be copied to a custom folder such as
DRIVE:\MyWorkflowApps\Assembly.dll, and then use that specific path in the workflow application's definition.
WorkflowGen.My versions 3.1.0 and earlier are strong-named, which means your assembly must be built with and use the same version as your target WorkflowGen. This requires recompiling your assembly whenever you upgrade WorkflowGen to a newer version.
You can use one of the following workarounds to overcome this requirement:
- 1.Install the required WorkflowGen.My version in the system's Global Assembly Cache (GAC). For instructions on how to do this, see https://msdn.microsoft.com/en-us/library/6axd4fx6(v=vs.110).aspx.OR
- 2.Add a delegate to handle the assembly resolve event in order to load the current WorkflowGen.My version. For instructions on how to do this, see the How to add an assembly resolve event delegate to overcome WorkflowGen.My dependency issue when deploying custom assembly SDK workflow application WorkflowGen Knowledge Base article.OR
- 3.Add a web configuration setting to redirect the required version to the current version of WorkflowGen.My. For more information, see https://msdn.microsoft.com/en-us/library/twy1dw1e(v=vs.110).aspx.
If your assembly is built with WorkflowGen.My version 3.1.0 or earlier, it can be used in WorkflowGen versions 6.2.0 and later if one of the above workarounds has been implemented.
As of version 3.2.0, WorkflowGen.My is no longer strong-named in order to allow non-specific version dependency when referenced by your assembly. You can simply deploy your assembly file using one of the two methods in the Assembly location section above in WorkflowGen version 6.2.0 and later.
If your assembly is built with WorkflowGen.My version 3.2.0 or later, it can be used in WorkflowGen versions prior to 6.2.0 if you have implemented either workaround 2 or 3 above.
If your assembly uses third-party libraries, then these must also be deployed into the three WorkflowGen executable
\binfolders. Alternatively, they can be installed into the system's Global Assembly Cache (GAC) if they are strong-named assemblies.
WorkflowGen is FIPS compliant as of version 7.10.0. If you want to enable FIPS compliance in your Windows environment, you have to configure the configuration password management and user password management modes beforehand.
In the Security section on the Configuration Panel General tab, set Configuration password management mode to AES (FIPS Compliant) and enter a 32-character encryption key. When you click Save, the application passwords will automatically be converted to the new symmetric encryption mode.
In the Authentication section on the Configuration Panel General tab, set Password management mode to One-way Hashing (SHA256 FIPS Compliant) mode.
- If you're using Applicative authentication in Version 5 (Legacy) password management mode, users' passwords will automatically be converted into One-way Hashing (SHA256 FIPS Compliant) the next time they log into WorkflowGen.
- If you're using Applicative authentication in One-way Hashing (SHA256) password management mode:
- 1.Select IIS authentication mode.
- 2.Select One-way Hashing (SHA256 FIPS Compliant) password management mode, then click Save.
- 3.Re-enter all user passwords.
- 4.Reset the authentication mode to Applicative.
WorkflowGen no longer supports Internet Explorer 8, 9, or 10; Windows XP; or Windows Server 2003 or 2008.
MS SQL Server 2005 is no longer supported as of WorkflowGen version 6.2.0, and MS SQL Server 2008 is no longer supported as of WorkflowGen version 7.10.0.
Oracle database is no longer supported as of WorkflowGen 7.16.0.
The following applications are deprecated and are no longer provided as of WorkflowGen version 6:
However, if any of your processes still use these workflow applications, you can keep them declared under the WorkflowGen website as in version 5.
Edge document mode is required to properly display the WorkflowGen website in Internet Explorer 11.
<meta http-equiv="X-UA-Compatible" content="IE=edge">meta tag is included in both
\wfgen\admin\default.aspx, which instructs Internet Explorer to render WorkflowGen in Edge document mode.
Internet Explorer users must add the WorkflowGen website to the Local intranet or Trusted site security zone.
The following software is distributed with WorkflowGen (Apache 2.0, BSD, MIT and other compatible licenses):
- chai/chai-http/chai-fs/chai-things/chai-date-string (see https://github.com/chaijs/chai/blob/master/LICENSE)