Database Activities
Run SQL queries against SQL Server, SQLite, MySQL, and PostgreSQL directly from your workflows. All database activities share a connection string and support parameterised queries to prevent SQL injection.
Connection String Formats
Paste one of these into the Connection String field of any database activity:
| Database | Connection String |
|---|---|
| SQL Server | Server=myserver;Database=mydb;User Id=myuser;Password=mypass; |
| SQLite | Data Source=C:\path\to\mydb.sqlite; |
| MySQL | Server=myserver;Database=mydb;Uid=myuser;Pwd=mypass; |
| PostgreSQL | Host=myserver;Database=mydb;Username=myuser;Password=mypass; |
{{secret:db_password}} to pull from the Orchestrator Secrets Vault at runtime.ExecuteQuery (SELECT)
Runs a SELECT statement and returns a DataTable variable containing the result set.
| Parameter | Type | Required | Description |
|---|---|---|---|
| Connection String | String | Yes | Database connection string (see above) |
| SQL | String | Yes | The SELECT query to execute |
| Parameters | Key–Value pairs | No | Named parameters for safe query binding |
| Timeout | Int32 | No | Command timeout in seconds (default: 30) |
| Connection Name | String | No | Reuse an open connection — all activities with the same name share a connection |
| Output | DataTable variable | Yes | Result set |
| 1 | ExecuteQuery: |
| 2 | ConnectionString: "Server=localhost;Database=orders_db;User Id=app;Password={{secret:db_password}};" |
| 3 | SQL: "SELECT order_id, customer, total FROM orders WHERE status = @status AND created > @since" |
| 4 | Parameters: |
| 5 | @status: "shipped" |
| 6 | @since: "2026-01-01" |
| 7 | Output: ordersTable |
| 8 | |
| 9 | ForEachRow: ordersTable |
| 10 | Log: "Order #{{CurrentRow.order_id}} — {{CurrentRow.customer}} — ${{CurrentRow.total}}" |
ExecuteNonQuery (INSERT / UPDATE / DELETE)
Runs a statement that modifies data and returns the number of affected rows as an Int32.
| Parameter | Type | Required | Description |
|---|---|---|---|
| Connection String | String | Yes | Database connection string |
| SQL | String | Yes | The INSERT, UPDATE, or DELETE statement |
| Parameters | Key–Value pairs | No | Named parameters |
| Output | Int32 variable | Yes | Number of rows affected |
| 1 | ExecuteNonQuery: |
| 2 | ConnectionString: "Server=localhost;Database=orders_db;User Id=app;Password={{secret:db_password}};" |
| 3 | SQL: "UPDATE orders SET status = @newStatus WHERE order_id = @orderId" |
| 4 | Parameters: |
| 5 | @newStatus: "completed" |
| 6 | @orderId: "{{currentOrderId}}" |
| 7 | Output: rowsAffected |
| 8 | |
| 9 | If: rowsAffected == 0 |
| 10 | Log: "Warning — order {{currentOrderId}} not found" |
@parameterName in your SQL and add corresponding key-value pairs in the Parameters section. This prevents SQL injection attacks.Reusing Connections
If your workflow runs multiple database activities against the same server, set the Connection Name property to the same string (e.g., main_db) on each activity. The engine reuses the open connection instead of opening a new one each time, which is faster and avoids connection-pool exhaustion.
Working with DataTable Output
Once you have a DataTable from ExecuteQuery, you can:
| Action | How |
|---|---|
| Iterate rows | Use a ForEachRow activity — access columns via CurrentRow.column_name |
| Export to Excel | Pass the DataTable to a WriteRange activity |
| Filter rows | Use a FilterDataTable activity with column conditions |
| Get row count | Access myTable.RowCount as an Int32 variable |