Warming up anonymous EmpowerID workflows using Windows PowerShell

1. Login to any Windows server that has Windows PowerShell installed and execute the following command:

Set-ExecutionPolicy RemoteSigned

Press Y and hit ENTER to accept the Windows PowerShell execution policy change. This will configure Windows PowerShell to run any scripts that you write yourself and to run scripts downloaded from the Internet only if those scripts have been signed by a trusted publisher.

2. Copy the following Windows PowerShell script to the Clipboard. We will be modifying the section listed in red:

$anonymousWorkflows = @("WorkflowName1","WorkflowName2")
$siteUrls = @("https://server1.domain.com/EmpowerIDV5","https://server2.domain.com/EmpowerIDV5")

$unixEpoch = Get-Date -Date "01/01/1970"

$Provider = New-Object Microsoft.CSharp.CSharpCodeProvider
$Compiler= $Provider.CreateCompiler()
$Params = New-Object System.CodeDom.Compiler.CompilerParameters
$Params.GenerateExecutable = $False
$Params.GenerateInMemory = $True
$Params.IncludeDebugInformation = $False
$Params.ReferencedAssemblies.Add("System.DLL") > $null
namespace Local.ToolkitExtensions.Net.CertificatePolicy
public class TrustAll : System.Net.ICertificatePolicy
public TrustAll() {}
public bool CheckValidationResult(System.Net.ServicePoint sp,System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Net.WebRequest req, int problem)
return true;
## We create an instance of TrustAll and attach it to the ServicePointManager
$TrustAll = $TAAssembly.CreateInstance("Local.ToolkitExtensions.Net.CertificatePolicy.TrustAll")
[System.Net.ServicePointManager]::CertificatePolicy = $TrustAll

function request($url, $postData) {
try {
$req = [System.Net.WebRequest]::Create($url)
$req.Method = "POST"
$req.ContentType = "application/json"
$stream = $req.GetRequestStream()
$stream.Write($postData, 0, $postData.Length)
$res = $req.GetResponse()
write-host "Successfully requested url " + $url

catch [Exception] {
write-host "Exception making request to " + $url + ": " + $_.Exception.Message

function getPostData($workflow) {
$now = Get-Date
$secondsSinceEpoch = (New-TimeSpan -Start $unixEpoch -End $now).TotalSeconds.ToString()
$secondsSinceEpoch = $secondsSinceEpoch.Substring(0, $secondsSinceEpoch.IndexOf(".") + 4).Replace(".", "")
$data = "{`"Id`":0,`"Name`":`"" + $workflow + "`",`"InstanceId`":`"00000000-0000-0000-0000-000000000000`",`"CorrelationId`":`"00000000-0000-0000-0000-000000000000`",`"IsApproval`":false,`"Parameters`":[{`"Name`":`"_`",`"Value`":`"" + $secondsSinceEpoch + "`"},{`"Name`":`"name`",`"Value`":`"" + $workflow + "`"},{`"Name`":`"controller`",`"Value`":`"Workflows`"},{`"Name`":`"action`",`"Value`":`"Anonymous`"},{`"Name`":`"UniqueID`",`"Value`":`"" + [guid]::NewGuid().ToString() +"`"}]}"
$enc = [system.Text.Encoding]::UTF8
return $enc.GetBytes($data)

foreach($siteUrl in $siteUrls)
if ($siteUrl -ne $null)
if (!$siteUrl.EndsWith("/"))
$siteUrl += "/"
$siteUrl += "Workflows/Run";

foreach($anonymousWorkflow in $anonymousWorkflows) {
$postData = getPostData($anonymousWorkflow)
request $siteUrl $postData

3. To get the name of the anonymous workflow(s) you wish to warm up, navigate to the workflow in the EmpowerID web interface and look at the URL in your web browser. The workflow type follows the # (number sign), and the workflow name follows the / (slash) after the workflow type.

Anonymous workflows will have the following format:
Note the #aw/ indicating it is an anonymous workflow.

Collect the list of anonymous workflow URLs you wish to warm up.

4. Edit the $anonymousWorkflow variable to contain the name of the anonymous workflow(s) that you wish to warm up - for example, PasswordResetCenter and AccountRequest. Use quotations (") around the workflow name and a comma (,) in between to separate multiple anonymous workflows. For example:

$anonymousWorkflow = @("WorkflowName1","WorkflowName2")

would become:

$anonymousWorkflow = @("PasswordResetCenter","AccountRequest")

5. Edit the $siteUrls variable to contain the URL(s) of your EmpowerID servers. Use quotations around the server URL and a comma (,) in between to separate multiple EmpowerID servers. For example:

$siteUrls = @("https://server1.domain.com/EmpowerIDV5","https://server2.domain.com/EmpowerIDV5")

would become:

$siteUrls = @("https://sso.empowerid.com/EmpowerIDV5","https://idm.empowerid.com/EmpowerIDV5")

NOTE: If you are using a load balanced URL, be sure to specify the individual server names for the $siteUrls variable that the load balanced URL is pointing to.

6. To provide an example, I have modified the script to warm up an anonymous workflow, PasswordResetCenter, for an EmpowerID server located at https://sso.empowerid.com:

$anonymousWorkflows = @("PasswordResetCenter")
$siteUrls = @("https://sso.empowerid.com/EmpowerIDV5")

7. Save the Windows PowerShell script to a designated folder and provide a .ps1 extension. In our example, I will be saving the script to C:\EIDwarmup.ps1

8. Open Task Scheduler and click the Create Task... button. On the General tab, provide a Name and Description as desired. Under the Security Options section, click on the "Run whether user is logged on or not" radio button. If you need the Scheduled Task to run under a different user than the user you are currently logged in as, click the Change User or Group... button.

9. On the Triggers tab, click New. On the New Trigger window, ensure the "Begin the task:" drop down is set to "On a schedule". Under the Settings section, click on Daily. Choose a Start: date that is one day in the future. Choose a Start: time that is before your normal business hours, such as 6AM. Ensure that Recur every: 1 days is set. Under the Advanced Settings section, check "Repeat task every:" and set it to 15 minutes, and change "for a duration of" to 12 hours.

10. On the Actions tab, click New. On the New Action window, ensure the "Action:" drop down is set to "Start a program". Under the Settings pane, set the "Program/script:" to powershell.exe and set "Add arguments (optional): to the file name and path of the .ps1 file. In our example, I would set this to C:\EIDwarmup.ps1. Adjust the file name and path as needed.

NOTE: The file name and path cannot contain any spaces or you will have to use an ampersand (&) in front of the path and single quotes (') to escape it. For example, if your Windows PowerShell script is located at C:\My Stuff\EIDwarmup.ps1, you would need to use the following for your "Add arguments (optional):" field:

&'C:\My Stuff\EIDwarmup.ps1'

11. Adjust any other settings as desired and click OK to create the Scheduled Task. You will be prompted for the password of the specified account that will be running the task - enter the password and click OK. If you change the password for this account, you will need to come back to this Scheduled Task and update the password or it will fail to execute.

12. In Task Scheduler, click on the Task Scheduler Library, right click the Scheduled Task you created earlier and click Run. In the Task Scheduler window, press F5 or right click and click Refresh and look at the Last Run Result column. After some time passes you should see "The operation completed successfully. (0x0)" if the Scheduled Task is configured properly.

13. Navigate to the anonymous workflow URL(s) you specified in the script to confirm they are snappy and responsive to the end user.

NOTE: Authenticated workflows cannot be warmed up in the same manner as anonymous workflows. Thankfully, authenticated workflows will also benefit from an anonymous workflow being warmed up as the Internet Information Services (IIS) application pool and the EmpowerID workflow engine will be loaded into memory by accessing any anonymous workflow.

Please feel free to contact us by e-mail at support@empowerid.com or by phone at (877) 996-4276 (Option 2) if you have any questions or concerns regarding this guide.

Have more questions? Submit a request


Powered by Zendesk