The idea is:
Add a new callerPolicy option — workflowsFromProjectsList, which would allow
sub-workflow calls from a list of specific projects, not just from a list of
specific workflow IDs or a single project.
This would allow specifying a list of project IDs in settings:
{
“settings”: {
“callerPolicy”: “workflowsFromProjectsList”,
“callerProjectIds”: [“project-id-1”, “project-id-2”, “project-id-3”]
}
}
My use case:
I have centralized utility workflows (error handling, notifications, database operations)
that should be callable from multiple projects, but not from all projects.
Currently, I have to:
- Use workflowsFromAList and manually maintain a huge list of workflow IDs from different
projects — inconvenient and doesn’t scale - Or use “any” — which is insecure
- Or duplicate utility workflows in each project — violates DRY principle
Every time I add new workflows to trusted projects, I need to manually update the
callerIds list in centralized workflows.
I think it would be beneficial to add this because:
Simplifies management of shared workflows across projects
Improves security through granular access control at the project level
Enhances scalability in organizations with many workflows
Automatically grants access to new workflows in trusted projects without manual list updates
Enables following best practices (DRY, centralization of common logic)
Any resources to support this?
Current Caller Policy documentation: Settings | n8n Docs
Currently available options:
- any
- none
- workflowsFromAList
- workflowsFromSameOwner
Missing option for a list of projects (workflowsFromProjectsList).
Are you willing to work on this?
Happy to test the functionality and provide feedback.
Can also help with use case documentation.