# Additional Information
## SOAP services support
WorkflowGen only supports requests to the SOAP API using classic authentication methods. If you still need to use this API, you have to perform some additional steps to configure it properly.
1. Create a new separate WorkflowGen directory for the SOAP API users.
2. Provision it with users and groups as needed.
3. In the **IIS Manager**, enable the **Basic** authentication method for the `\ws\wfgen` application.
4. In the `web.config` file (located in `\Inetpub\wwwroot\wfgen`), add the following under `` :
```html
```
## Configurable options
This table lists all configurable options in WorkflowGen that you can use to customize your authentication experience; these are located in the WorkflowGen `web.config` file.
| **Option** | **Description** |
| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `ApplicationSecurityAuthSessionTokenCookie` | The name of the session cookie that is generated by the authentication module. Default: wfgen\_token
✏️ Note: This is useful when you have multiple instances of WorkflowGen running and you want to have access to both and be authenticated on both instances at the same time.
|
| `ApplicationSecurityAuthSessionTimeOut` | The duration of the session in seconds. It defaults to the ID token expiration time received. Default: the exp value of the ID token |
| `ApplicationSecurityAuthMobileSessionTimeOut` | The duration of the session in seconds when requested from mobile devices on the token endpoint. Default: 7200 seconds |