we would like to run n8n and have a public endpoint for webhooks, but I might be missing something: the configuration variables seems a bit confusing.
I have a private host (say 192-168-10-10.nip.io) with n8n in it, http only, and a public host (say n8n.example.com) that should forward only the webhook traffic and keep all the other endpoint safe and closed.
To do this, I used the following envvars:
# internal address N8N_HOST=192-168-10-10.nip.io # reverse proxy WEBHOOK_URL=https://n8n.example.com/
But running n8n with this configuration will result in OAuth Redirect URL (e.g. when configuring GitHub OAuth credentials) to be
Though, this means that /rest/ endpoints should be exposed as well via the proxy, but here Jan mentions that “only the webhook-endpoints and /healthz should work without authentication”.
I am unsure on how to proceed here: it seems that either oauth2 endpoints shouldn’t depend on
WEBHOOK_URL, but I might be missing something in the configuration. I tried using the
VUE_APP_URL_BASE_API but had no effect on the OAuth Redirect URL.
What’s the path here? Should I allow
/rest/oauth2-credentials/callback to be public as well? What are the other endpoints that should be public? Isn’t
/rest/* supposed to be private?