Enhanced security for databases

Table of Contents

Our customers are using Workato more than ever to perform critical business tasks on their databases. Everyday, recipes power bots and API endpoints across Workato to pull essential data from databases to empower various teams.

What concerns are there?

Database attacks are top of mind of any database administrator and manager who look for solutions that minimize risk. One of the most common database attacks is SQL injection, where third parties may attempt to retrieve more data than allowed. Read more about SQL injection here

Note – Our actions before prevented critical vectors of SQL injection i.e. dropping tables. 

Additional layers of security to database connections such as SSL certificates provide added security so only specific authorized users can access your database.

Preventing SQL injection with parameterized queries

You can now build recipes that guard against any SQL injection attack through the introduction of bind variables. Bind variables allow you to create a variable in your WHERE conditions and define a matching parameter in the action. These parameters accept inputs from any source and will automatically raise errors for jobs where malicious inputs are found. Read more about parameterized queries here.


SSL connections for MySQL Databases

Connections to MySQL databases can now be coupled with SSL certificates to comply with organizational security requirements.


How you can use it

  1. Secure your API endpoints against SQL injection

John manages the IT team for a large MNC. Using Workato, they’ve built multiple API endpoints which allow multiple partner organizations to push or pull invoice data from their production SQL server database. With the introduction of parameterized queries, John onboard partners faster than ever before without fear of any SQL injection attacks that might compromise his company’s data.

Pulling invoice data via API

2. Power chatbots securely

Marlene’s team manages the database storage of her company’s customers. They use Workbot to enable sales and support teams to quickly pull up information about customers. With the introduction of parameterized queries, Marlene can prevent any potential abuse by even internal teams to pull more data than they should. This gives Marlene peace of mind that her company’s data is secure whilst still providing immense value to her teammates.

Pulling contact information via Workbot

Available for


  1. MySQL (SSL connections)
  2. SQL Server
  3. Snowflake
  4. Postgresql
  5. Oracle


  1. Select rows
  2. Select rows using custom SQL (coming soon)


Was this post useful?

Get the best of Workato straight to your inbox.

Table of Contents