Sunday, February 17, 2013

SharePoint 2013: Workflow Manager Installation and Configuration

SharePoint 2013 introduced a new way of workflow management. Now workflow can be hosted in separate server – so scalable and reduces load on SharePoint Web Front End server. However this introduce a new level of complexity that we need to be aware of.



To use a windows server as workflow manager you need to install/configure Workflow Manager in the windows server. Workflow manager is a new kind of application server that host/manage workflow execution. SharePoint 2013 workflow is based on .net framework 4.0. Workflow Manager is designed with Window Azure hosting in mind, but now it supports on-premise installation. If organizations now want to host the workflow on-premise they can still use Workflow Manager but in future if they want to move to Windows Azure hosting for their workflow, the migration will be smoother with this Workflow Manager.


You should Know

Before start installing/developing SharePoint Manager you need to know few points:

  • You should not use SharePoint ‘system account’ to test workflow. If you use ‘system account’ to develop/run workflow, the workflow will fail to run.
  • You need to make sure User Profile Service (UPS) is running and the user who is running workflow has profile in UPS. Workflow Manager use UPS under the hood.
  • Make sure App Management Service is created and running. You don’t need to configure SharePoint 2013 App settings in the server, just creating App Management service (with proxy) will do.
  • SharePoint 2013 workflow is declarative – means you can only define workflow in XML. You can’t write any C# code inside workflow as you used to do before. All your custom logic should be put outside of SharePoint, inside WCF Service. Then you will call the service from workflow to implement your custom logic in code.
  • To register workflow Server with SharePoint, a SharePoint site collection URL is provided (see the section Register Workflow Service with SharePoint later in the post). Apparently it seems, each and every site collection need to be registered with workflow server. But it’s not, registering a single SharePoint site  collection, will enable workflow manager for all SharePoint web applications/site collections.


Install/Configure Workflow Manager

The first step in workflow setup/configuration is to install workflow manager in the workflow server (either Web Front End or a separate server). To install the workflow Manager download it from Microsoft Site or alternatively you can download it from Web Platform Installer. The installation contains few components:

  • Workflow Manager: This is the host that runs workflows.
  • Workflow Manager Client: It contains the API to allow clients to communicate with Workflow host.
  • Workflow Tool: It needs to be installed in the development server to develop SharePoint 2013 workflow. It supports the workflow development in Visual Studio 2012.

Workflow Manager client needs to be installed in every SharePoint WFE server.

After installing Workflow Manger, you can configure workflow manager with Workflow Manager Configuration Wizard. The configuration involves two steps: Workflow Manager Configuration and Service Bus Configuration.

  • Workflow Manger Configuration (first step in the wizard) is the configuration related to work host server
  • Service Bus configuration (second step in the wizard): Service Bus is used to manage communication between Workflow Server and it’s client (so, SharePoint). Service Bus queues the income request to workflow manage, provide REST interface for Workflow Manager etc.

In workflow configuration wizard don’t use any admin or SharePoint setup user, create a new service user for workflow and use that user:


Figure 1: Workflow Manager Service Account


If you want SharePoint Server to communicate with Workflow Server over HTTP, you can select the option shown below. But please make sure this is secure in your case. For public site, this might not be secure but in case of Local Intranet with firewall, this might be secure.


Figure 2: Communication over HTTP


If you want to use the same service account (as well as auto generated key for certificate), you can use so as shown below:


Figure 3: Same service account and certificate key is used for both Workflow Manager and Service Bus Configuration. 

In the final step of the workflow configuration wizard you can generate PowerShell script that you can reuse across different SharePoint Farms.


Register Workflow Service with SharePoint

Once you have installed/configured Workflow Server, you need to register the workflow service to SharePoint Server. The registration depends on how the SharePoint and Workflow server is connected to each other. You can find more details at technet site. The workflow manager creates an HTTPS endpoint at port 12291 and HTTP port at 12290. If you use HTTP for communication you need to provide ‘AllowOAuthHttp’ switch in the PowerShell command. The PowerShell command looks like below:

Communication over HTTP

Register-SPWorkflowService –SPSite http://sharepointsite –WorkflowHostUri http://workflowhost:12291 –AllowOAuthHttp


Communication over HTTPS

Register-SPWorkflowService –SPSite http://sharepointsite –WorkflowHostUri https://workflowhost:12290


PowerShell Script to Install/Configure Workflow Manager

I have modified the wizard-generated PowerShell script a bit to make it more reusable. The Script reads configuration values from xml file and apply the configuration. The script uses auto-generate key for certificate. Also the database name are hard-coded in the script, but you can add prefixes (like dev, test, prod) to the database from xml file. The script also configure App Management Service, if the service is not already created. The sample PowerShell Script is provided below:

#Get current user full login name
$CurrentUserLoginName=[Environment]::UserName + '@' + [Environment]::UserDomainName;
#Get current server fully qualified domain name

#Load SharePoint Snapin
if ( (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null ){
Add-PsSnapin Microsoft.SharePoint.PowerShell

#Get DB Connection String
function GetDBConnectionString([string]$connectionStringFormat, [string]$dbPrefix, [string]$dbName){
if($dbPrefix -ne ""){
$dbFullName=$(GetDBName $dbPrefix $dbName);
return [string]::Format($connectionStringFormat,$dbFullName);
else {
return $dbName;

#Add Dev, Test etc. environment prefix, if needed
function GetDBName([string]$dbPrefix,[string]$dbName){
if(($dbPrefix) -and ($dbPrefix -ne "")){
return $dbPrefix + "_" + $dbName;
return $dbName;

#Get current Script directory
function Get-ScriptDirectory
$Invocation = (Get-Variable MyInvocation -Scope 1).Value
Split-Path $Invocation.MyCommand.Path

function ConfigureWFManager([string]$settingsFile){
[xml]$wfsettings = Get-Content $settingsFile
$ConnectionStringFormat="Data Source=$databaseServer;Initial Catalog={0};Integrated Security=True;Encrypt=False";

# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.
# Create new Service Bus Farm
$SBCertificateAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String $CertificateKey -Verbose;

New-SBFarm -SBFarmDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'SBManagementDB') -InternalPortRangeStart 9000 -TcpPort 9354 -MessageBrokerPort 9356 -RunAsAccount $RunAsAccount -AdminGroup 'BUILTIN\Administrators' -GatewayDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'SBGatewayDB') -CertificateAutoGenerationKey $SBCertificateAutoGenerationKey -MessageContainerDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'SBMessageContainerDB') -Verbose;

# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.

# Create new Workflow Farm
$WFCertAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String $CertificateKey -Verbose;

New-WFFarm -WFFarmDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'WFManagementDB') -RunAsAccount $RunAsAccount -AdminGroup 'BUILTIN\Administrators' -HttpsPort 12290 -HttpPort 12291 -InstanceDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'WFInstanceManagementDB') -ResourceDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'WFResourceManagementDB') -CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;

# Add Service Bus Host
$SBRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String $RunAsPasswordPlain -Verbose;

Add-SBHost -SBFarmDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'SBManagementDB') -RunAsPassword $SBRunAsPassword -EnableFirewallRules $true -CertificateAutoGenerationKey $SBCertificateAutoGenerationKey -Verbose;

# Create new Servie Bus Namespace
New-SBNamespace -Name $WorkflowNamespace -AddressingScheme 'Path' -ManageUsers $RunAsAccount,$CurrentUserLoginName -Verbose;

Start-Sleep -s 90
Catch [system.InvalidOperationException]

# Get Service Bus Client Configuration
$SBClientConfiguration = Get-SBClientConfiguration -Namespaces $WorkflowNamespace -Verbose;

# Add Workflow Host
$WFRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String $RunAsPasswordPlain -Verbose;

Add-WFHost -WFFarmDBConnectionString $(GetDBConnectionString $connectionStringFormat $dbPrefix 'WFManagementDB') -RunAsPassword $WFRunAsPassword -EnableFirewallRules $true -SBClientConfiguration $SBClientConfiguration -EnableHttpPort -CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;

Write-Host "Registering workflow host (HTTP) to site: $SharePointSiteUrl";
Register-SPWorkflowService –SPSite $SharePointSiteUrl –WorkflowHostUri $("http://$HostFQDN" + ":12291") –AllowOAuthHttp

function ProvisionAppManagementService([System.Xml.XmlNode] $settings){

$appManagementServices=Get-SPServiceApplication | Where-Object { $_.GetType().ToString() -eq "Microsoft.SharePoint.AppManagement.AppManagementServiceApplication"}
If($appManagementServices -ne $null)
Write-Host "An App Managemetn service is already running. Returning.." -ForegroundColor Yellow

Write-Host "Provisioning App Management Service";
$appPool=$(GetAppPool $appManagementService)
$dbName=$(GetDBName $settings.DBPrefix $appManagementService.DBName);
$appAppSvc = New-SPAppManagementServiceApplication -ApplicationPool $appPool -Name $appManagementService.Name -DatabaseName $dbName
New-SPAppManagementServiceApplicationProxy -ServiceApplication $appAppSvc

function GetAppPool([System.Xml.XmlNode] $appManagementService){
$pool = Get-SPServiceApplicationPool -Identity $AppManagementService.AppPoolName -ErrorVariable err -ErrorAction SilentlyContinue
If ($err) {
# The application pool does not exist so create.
Write-Host -ForegroundColor White " - Getting $($appManagementService.ManagedAccountUserName) account for application pool..."
$managedAccount = (Get-SPManagedAccount -Identity $appManagementService.ManagedAccountUserName -ErrorVariable err -ErrorAction SilentlyContinue)
If ($err) {
If (($appManagementService.ManagedAccountPassword -ne "") -and ($appManagementService.ManagedAccountPassword -ne $null))
$appPoolConfigPWD = (ConvertTo-SecureString $appManagementService.ManagedAccountPassword -AsPlainText -force)
$accountCred = New-Object System.Management.Automation.PsCredential $appManagementService.ManagedAccountUserName,$appPoolConfigPWD
$accountCred = Get-Credential $appManagementService.ManagedAccountUserName
$managedAccount = New-SPManagedAccount -Credential $accountCred
Write-Host -ForegroundColor White " - Creating applicatoin pool $($appManagementService.AppPoolName)..."
$pool = New-SPServiceApplicationPool -Name $appManagementService.AppPoolName -Account $managedAccount
return $pool;

Function ShouldIProvision([System.Xml.XmlNode] $node)
If (!$node) {Return $false} # In case the node doesn't exist in the XML file
# Allow for comma- or space-delimited list of server names in Provision or Start attribute
If ($node.GetAttribute("Provision")) {$v = $node.GetAttribute("Provision").Replace(","," ")}
ElseIf ($node.GetAttribute("Start")) {$v = $node.GetAttribute("Start").Replace(","," ")}
ElseIf ($node.GetAttribute("Install")) {$v = $node.GetAttribute("Install").Replace(","," ")}
If ($v -eq $true) { Return $true; }
Return $false;

Write-Host "Configuring WF Manager"
ConfigureWFManager "$location\WFFarmSettings.xml"

Code Snippet: PowerShell Script to configure Workflow Manager

The following XML file provides the input settings for the above PowerShell script (named as WFFarmSettings.xml in the above PowerShell script). Though you will use a site collection to register the workflow and SharePoint communication, I’ve found that workflow work for all others site collections/web application in the SharePoint Server.

  <!--Delete DBPrefix tag, if you don't want any prefix-->
  <!--Key used to generate certificates-->
  <!--Database server name, database names are hardcoded in powershell-->
  <!--Format should be USERNAME@DOMAIN-->

  <!--dot (.) not allowed-->
  <!--To work with workflow, app management service need to be provisioned-->
  <AppManagementService Provision="true">
    <Name>App Management Service Application</Name>
    <!--If managed account already exists with the same name, the existing one will be used-->
    <AppPoolName>App Management Service App Pool</AppPoolName>


  1. Thanks, for article!

    I install all components that is required for develop workflow in sharepoint 2013. I create simple workflow on list with one code activity WriteToHistoryList, "Message" property set to "test1".
    Than deploy this project, everything good - "test1" is display in WorkflowHistoryList. After I change the property "Message" to "test2" and redepoy solution, but in WorkflowHistoryList is display old value "test1". Why is it? How I redeploy workflow in Workflow Manager in sharepoint 2013?

  2. Did you used SharePoint 2010 template to create workflow? In SharePoint 2013, you can create code activity, all are declarative. You might need to recreate workflow association.

  3. I have the same problem such as here:
    I can't deploy new version of WF.
    Is this a bug?

  4. Had you tried to restart workflow related services? I'm not sure but maybe the workflow related service caches the workflow?

  5. Can you see this?
    Do you have the same problem?

  6. I have installed workflow manager and verified that I am able to run the sharepoint 2013 workflow from sharepoint designer.
    I am also able to deploy and run sharepoint hosted app. Now I have added a new item workflow in sharepoint hosted app , it contains write to history. after deploying I noticed my workflow is not working as history list does not contain any data.
    Can any body provide few idea? similar example is in msdn
    I have also tried to run this example but it is giving error workflow1 can not be added in app project.

  7. @Ashish, Have you created/test a SP Designer workflow running?Please use the tools/techniques described here ( to diagnose the issue. Using the tool/techniques, you can find out where's the problem is.

  8. Workflow Manager 1.0 is an Azure service introduced with SharePoint 2013 for running and managing workflows. In order to use the external service, you must download and install Workflow Manager then configure it to communicate with your SharePoint 2013 farm in SharePoint Development Services.

  9. Sohel, thanx for reply.I have created and successfully run sharepoint 2013 workflow from sharepoint designer.the issue is when i use workflow in sharepoint hosted app.I have enabled diagnostics logging as per "" it contains no error. I have inserted breakpoint in workflow.xaml,as per "" but not able to debug as application does not start after attaching process.In database log my 'debug trace' table does not contains any data.

  10. I think the issue is- workflow is not being triggered when I add any item in the list instance.May be workflow is not being associated correctly with the list instance. I have also noticed in msdn article in workflow there is element.xml file, when I added a workflow in my sharepoint hosted app there is no element.xml file only workflow.xaml file is there.

    1. The same problem am facing , how to rectify this? workflow is not being triggered when I add any item in the list instance.

  11. I deployed my visual studio workflow to my appdomain url, now workflow is working when we add items in list of sharepoint hosted app.

  12. Very Nice Article.

    Here is one more article explaining Sharepoint 2013 basics

  13. Sohl, thank you for your blog. We share the same name. i just have an extra i. My name is Soheil :). I have installed and configured workflow for one of my client on a 4 server environment ( 2 app, 2 webfrontend). Now they are asking me for high availability. I installed and configured the workflow on one of the app server and then installed and configured workflow client on all other servers to join to the server that i installed workflow initially. I don't care about the workflow DB at this point. I do understand that i have to have at-least 3 server with service bus running in order to make it high available. Do i already have service bus running by installing workflow client on other server? Does this mean the workflow is already high available? since all the workflow client has been configured to point to that specific server i don't believe it s highly available. I would appreciated if you could guide me to right direction.

  14. @Soheil, If I understand you correctly, your workflow manager is running in only one server which means it's not highly available. Workflow client is a client component whereas workflow manager is server components. Workflow clients allows clients to communicate with workflow servers. In the new app server, install the workflow manager and then when you will run the wizard, you will get the 'join an existing workflow manager farm'.

  15. Thank you for your response. I forgot that workflow manager has the option to join to existing server as well. I will try that on the staging environment next week.

  16. This comment has been removed by the author.

  17. Sohel,

    I see you say that your script configures the App Management Service, but I don't see that it does that anywhere. Was that omitted or removed after the fact, or perhaps I'm just completely missing it?


  18. @Wes, Thanks for pointing out the error. I've updated the script, now it'll provision the app management service.

  19. thanks for getting nice information

  20. Excellent. Very nicely explained..I also had an article about sharepoint .. visit my article

  21. Hi Sohel,

    I get an error while publishing workflow using SharePoint designer 2013. Error is : "System.InvalidOperationException: Operation failed with error Microsoft.Workflow.Client.WorkflowCommunicationException: The request was aborted: The request was canceled. Client ActivityId : 4c7d4f9c-2f53-30a1-1a90-9c43d13b8ad0. ---> System.Net.WebException: The request was aborted: The request was canceled. ---> System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.pipe://localhost/SecurityTokenServiceApplication/appsts.svc that could accept the message. This is"


  22. Hi Sohel
    Can I choose to only use workflow using SharePoint 2010 features? I don't want to use the workflow manager at all, don't want to use Azure at all and want the level of control that C# provides. I specifically DONT want to use the downloadable Workflow Manager at all.

  23. @Sean Achim, If you just want to use SharePoint 2010 workflows, you don't need to install Workflow Manager. The SharePoint 2013 installation includes support for SharePoint 2010 workflows.

  24. I am stuck at "runAs" account, I have created a new account in AD, no special permission granted but getting error "specified runas account is invalid", I have tried with other spfarm and spadmin accounts but same error.

  25. Hi! Great post. I have an issue and i cant seem to find out what is wrong. If anyone can provide any advice it, it would be appreciated.
    When i provision the Workflow Proxy, i lose access to open up the Workflows page when selecting it from the ellipsis next to each item. This is when using a regular user account (non admin privileged) When i remove the Proxy, the ability to access the workflows page is restored. I have followed all of the steps as far as i can see.

  26. Nice Post...
    I have one question :
    I have configured the Workflow Manager Service using the domain\hbpatel service account.
    Then I have created SharePoint 2013 Workflow on the List. and Create custom form which submit the entry using elevated privileged of domain\SP_Service Account.
    But while creating the task in the workflow task list, it provides the "access denied" error for SP_Service Account.
    So what is the reason?
    And How can I change the already configured Service account domain\hbpatel to Domain\SP_service.???

  27. I have installed workflow manager and verified that I am able to run the sharepoint 2013 workflow from sharepoint designer.
    created a list workflow and published successfully, but it does not initiate on any of the option like manual, create , changed item into the list
    please help

  28. hi I am also facing the same issue as Krishna Kumar. I can sucessfully create and publish the workflow with out errors from the designer. When i go to the list and check for teh work flow under settings ,none of 2013 workflows are listed. I used evnt viewer and could see a warning logged. Scope not found at http://xxx.xx/sharepoint (Workflow service URL). I tried to register the service with differnt scope using witches -Force and -scope but that didnt help.

  29. Sohel - Does the Workflow Service Account has to be a domain account? or local account will do?


  30. @Khushi, It should be domain account. All service accounts in SharePoint should be domain account as the account might require to access network resources (like database)

  31. Thanks Sohel. I have one more confusion. Do I need to have separate accounts for workflow installation, workflow service account and bus service account? or Can I use single account for all? Also, should I need to add workflowservice account to the SharePoint Server Administrator's group?


  32. Also, what account should I use to logon to install Workflow Manager , SharePoint account or workflow service account?

  33. I was able to install configure and create a new 2013 workflow. But when I start the workflow it says started for a while and then shows the message canceled.Nothing in the logs. What can I look for?

  34. Hi Sohel,
    I have two seperate farms (SharePoint, and Enterprise Search) with APP, WFE, and DB on each farm.I am confused. Can you please clear:
    1) Do i install workflow manager, and configure workflow in all servers or only in WFE's?
    2) Do i install workflow manager, and configure workflow in Enterprise farm also. If so, in WFE only or in all servers?

  35. Hi Sohel,
    When im registering my workflow with a site collection, using register-spworkflowservice command, i am getting an error - unable to connect to remote service at .
    I cannot understand why this is not running because I can browse my workflow uri and see xml returned.
    All my services are started related to service bus, window fabric, service bus.
    My app management service and user profile service is also running. i can see the profile of the user in user profile SA.
    The only thing not stated is user profile synchronization service, but if my user profile exists then do I really need synchronization service?

    Any help would be extremely appreciated.

  36. Hello,

    You have mentioned that "The workflow manager creates an HTTPS endpoint at port 12291 and HTTP port at 12290."

    But and in example 12291 used for HTTP and 12290 for HTTPS Please clarify.

    And Also I have one question regarding Service registration with site collection,

    It is mentioned that "Each and every site collection need to be registered with workflow server. But it’s not, registering a single SharePoint site collection, will enable workflow manager for all SharePoint web applications/site collections."

    But in my scenario When I have deployed workflow on another SiteCollection on which Workflow service was not registered Workflow didn't worked It used to stuck on Started State but then I register service again on with new scope name with that site collection and It worked and started causing issue on previously registered Site Collection.

    What can be the reason for this?

  37. @Jignesh, the post is 3 years old and some of the instructions might not be valid anymore. Please find/follow new documentation.

  38. Would there be any issues if i install my Workflow Manager Client on my Search server?


Note: Only a member of this blog may post a comment.