# On-prem agent installation using Windows package
PREREQUISITES
You must create an on-prem group before you can set up an on-prem agent.
Complete the following steps to create an on-premise (on-prem) agent for a Windows operating system (OS):
Sign in to your Workato account. The Orchestrate platform displays by default.
Go to Tools > On-prem groups and select the group where you plan to add an agent.
Click Add agent. The Add agent dialog opens.
Provide an Agent name, use the Operating system drop-down menu to select Windows, and then click Next.
Select Windows as your operating system
Click Download installer and click Next.
Click Download agent package
Run the installer. The installer stores the agent in C:\Program Files\Workato Agent
, creates a Workato group in the Start menu, and installs a Windows service called Workato on-prem agent
by default.
OPA WINDOWS SERVICE USER ACCOUNTS
From OPA version 2.18.0 onwards, the Workato OPA Windows service user account is set to Local Service
instead of Local System
, which was used in previous versions.
Complete the following steps to access the settings of an OPA Windows service user account:
Press Win + R
, type services.msc
, and press Enter
.
Go to the Services window and locate the agent.
Right-click the agent and select Properties
Copy and paste the Activation command from Workato when prompted. The code is valid for one hour. Click Regenerate code to generate a new code if it expires.
Alternatively, you can select Activate agent manually and activate the OPA after installation by starting the Workato on-prem agent Windows service or using the activation script, depending on your setup.
Copy and paste the Activation command
ALLOW TRAFFIC TO WORKATO FROM YOUR SERVER
Ensure traffic to Workato is allowed from your server to use OPA. Refer to security allowlists to add Workato to your allowlist.
Return to Workato and click Next.
Click Test agent to confirm that your on-prem agent is working as expected.
Test the on-prem agent
Click Done to complete the installation.
PRIVATE KEY
Workato does not have access to your private key file, cert.key
, in the OPA conf
folder. Ensure you protect this file from unauthorized access.
Last updated: 5/2/2025, 2:34:45 PM