Credentials could not be decrypted since 1.75.0 to 1.75.2

Questions
1

Describe the problem/error/question

I´m running n8n on AWS EC2 Instance, since 1.75.0 to the latest 1.75.2 I get this weird behaviour.

For the Admin user: Credentials could not be decrypted.

BUT for all other users it works fine. Additionally the “encryptionKey” has never been changed and this started with 1.75.0.

log:

Error: Credentials could not be decrypted. The likely reason is that a different “encryptionKey” was used to encrypt the data.
1|n8n | at Credentials.getData (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/node_modules/n8n-core/src/Credentials.ts:32:10)
1|n8n | at CredentialsService.decrypt (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:333:31)
1|n8n | at /home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:116:59
1|n8n | at Array.map ()
1|n8n | at CredentialsService.getMany (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:113:31)
1|n8n | at processTicksAndRejections (node:internal/process/task_queues:95:5)
1|n8n | at CredentialsController.getMany (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.controller.ts:59:23)
1|n8n | at handler (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/decorators/controller.registry.ts:105:12)
1|n8n | at /home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/response-helper.ts:158:17

What is the error message (if any)?

Please share your workflow

(Select the nodes on your canvas and use the keyboard shortcuts CMD+C/CTRL+C and CMD+V/CTRL+V to copy and paste the workflow.)

Share the output returned by the last node

Information on your n8n setup

  • n8n version: 1.75.0 - 1.75.2
  • **Database (default: SQLite):Postgres
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • **Running n8n via (Docker, npm, n8n cloud, desktop app):NPM (with pm2)
  • **Operating system:AWS Linux AMI 2023
2

It looks like your topic is missing some important information. Could you provide the following if applicable.

  • n8n version:
  • Database (default: SQLite):
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • Running n8n via (Docker, npm, n8n cloud, desktop app):
  • Operating system:
3

I am facing same issue

1 Like
4

Hi @Kool_Baudrillard ! Thank you for bringing this up.

  • From which version did you upgrade to 1.75.0?
  • Did this start immediately after upgrading or did you create/edit/view any of the affected credentials?
5

Also to help narrow this down, which Node’s credential was it? And was it an Oauth credential?

6

Hi, upgraded from 1.74.2 and 1.74.3.

No change to anything, encryption key never changed and it´s only affecting the admin user. All other users (3) work fine and are able to edit etc.

7

it´s ALL credentials under the new credentials tab. Admin user only and logs state the above posted error.

8

@tomi updated my test env to 1.76.0 and the error still persists:

log:

Error: Credentials could not be decrypted. The likely reason is that a different “encryptionKey” was used to encrypt the data.
1|n8n | at Credentials.getData (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/node_modules/n8n-core/src/Credentials.ts:32:10)
1|n8n | at CredentialsService.decrypt (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:333:31)
1|n8n | at /home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:116:59
1|n8n | at Array.map ()
1|n8n | at CredentialsService.getMany (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.service.ts:113:31)
1|n8n | at processTicksAndRejections (node:internal/process/task_queues:95:5)
1|n8n | at CredentialsController.getMany (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/credentials/credentials.controller.ts:59:23)
1|n8n | at handler (/home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/decorators/controller.registry.ts:105:12)
1|n8n | at /home/ec2-user/.nvm/versions/node/v20.14.0/lib/node_modules/n8n/src/response-helper.ts:158:17

For Admin credentials tab they do not load, throwing the above error. For all other users credentials are decrypted and available

9

This is how it looks like:

Admin account not loading credentials:

Bildschirmfoto 2025-01-23 um 12.27.04
Bildschirmfoto 2025-01-23 um 12.27.041624×1062 101 KB

Running workflow from Admin account:

Bildschirmfoto 2025-01-23 um 12.27.16
Bildschirmfoto 2025-01-23 um 12.27.161624×1062 136 KB

User Account loading and decrypting Credentials:

Bildschirmfoto 2025-01-23 um 12.26.24
Bildschirmfoto 2025-01-23 um 12.26.241624×1062 124 KB

it´s even possible to create credentials:

Bildschirmfoto 2025-01-23 um 12.30.29
Bildschirmfoto 2025-01-23 um 12.30.291624×1062 99.6 KB

10

Hey @Kool_Baudrillard

Could you check the credentials_entity table in your database and locate the credentials that stopped working? E.g. by using this query

SELECT p."name" AS "projectName", c."name" AS "credentialName", c."type", c."createdAt", c."updatedAt", "isManaged"
FROM credentials_entity AS c
JOIN shared_credentials AS sc ON c.id = sc."credentialsId"
JOIN project AS p ON p.id = sc."projectId"
ORDER BY c."updatedAt" DESC
;

Do the admin credentials have the same updatedAt timestamp? Or completely different?

I’m afraid it might not be possible to recover those secrets, so you might have to recover them from a backup or recreate them :frowning_face:

11

Hey there, I’m having the same exact credentials issue on my end.

12

@Gentleman9914 Sorry to hear that. Is it ALL admin credentials on your case as well, or other users as well? Could you share the names and types of the credentials that are not working?

Also could you try exporting the credentials with export:credentials cli command and seeing what the data looks like? And if at all possible, share it with me in a private message (redact any sensitive data like password or refresh tokens)?

13

Hi,

i had a look this morning at the db. There were in total 8 credentials, where the ID seemed not to be encrypted.

After deleting those credentials update worked fine. What´s weird until 1.74.3 it worked fine and reverting to 1.74.3 worked fine aswell.

Did anything change on your side?

I´m not concered about the credentials, which can be set up again, I´m more concerned that this will cause user to be unable to update.

14

This is only on admin credentials, I’ll fetch what I can and send it to you.

EDIT : Funny thing, there is not even one admin credential on my end, but I still can’t access credentials from the admin account. I should be able to see all user’s credential ?

The error I get is :

2025-01-27T12:50:16.279Z | error | Credentials could not be decrypted. The likely reason is that a different "encryptionKey" was used to encrypt the data.                              ││ Error: Credentials could not be decrypted. The likely reason is that a different "encryptionKey" was used to encrypt the data.                                                          │
│     at Credentials.getData (/usr/local/lib/node_modules/n8n/node_modules/n8n-core/dist/credentials.js:24:19)                                                                            │
│     at CredentialsService.decrypt (/usr/local/lib/node_modules/n8n/dist/credentials/credentials.service.js:228:37)                                                                      │
│     at /usr/local/lib/node_modules/n8n/dist/credentials/credentials.service.js:109:77                                                                                                   │
│     at Array.map (<anonymous>)                                                                                                                                                          │
│     at CredentialsService.getMany (/usr/local/lib/node_modules/n8n/dist/credentials/credentials.service.js:106:43)                                                                      │
│     at processTicksAndRejections (node:internal/process/task_queues:95:5)                                                                                                               │
│     at CredentialsController.getMany (/usr/local/lib/node_modules/n8n/dist/credentials/credentials.controller.js:86:29)                                                                 │
│     at handler (/usr/local/lib/node_modules/n8n/dist/decorators/controller.registry.js:93:24)                                                                                           │
│     at /usr/local/lib/node_modules/n8n/dist/response-helper.js:110:26
1 Like
15

@Gentleman9914 yeah the UI doesn’t seem to handle that case correctly. Would you be able to access the database directly? Or use the export:credentials command from cli?

1 Like
16

@Kool_Baudrillard the ID field is a random, unique identifier for the credential, and it’s not encrypted. What I’m interested in what type of credentials (type column) were those that didn’t work anymore and if they had been updated recently (updatedAt column).

17

Done, in DMs

1 Like
18

ok,

this is how it looks like:

createdAt updatedAt id
2022-11-04 11:17:02.075+00 2022-11-06 18:23:40.197+00 1
2022-11-08 09:01:49.702+00 2022-11-08 09:02:07.011+00 2
2023-02-17 11:54:39.229+00 2023-02-17 11:54:39.222+00 6
2023-02-25 13:34:49.035+00 2024-07-16 07:23:50.81+00 7
2023-02-26 21:50:27.199+00 2024-07-15 07:47:20.576+00 8
2023-02-26 22:33:40.657+00 2023-02-26 22:33:40.655+00 9
2023-02-27 16:23:44.395+00 2024-07-15 07:47:59.217+00 10
2023-03-07 13:08:30.301+00 2023-03-07 13:08:30.298+00 11
2023-04-25 20:03:20.193+00 2024-10-08 20:09:30.347+00 13
2023-06-12 09:11:48.56+00 2024-07-17 08:58:23.396+00 14
2023-06-22 14:21:21.626+00 2023-08-14 15:28:57.822+00 16
2023-06-22 14:28:01.21+00 2023-08-20 20:17:41.52+00 17
2023-06-29 15:30:29.135+00 2023-06-29 15:30:49.894+00 18
2024-10-24 11:38:47.272+00 2024-10-24 11:38:47.27+00 056hezmGOISM3qzc
2024-09-18 13:12:59.094+00 2024-09-18 13:12:59.092+00 0eZSwcggmfASJWcH
2023-08-27 18:08:23.841+00 2023-08-27 18:08:55.412+00 0k4217DzB8aRWLH0
2024-07-01 07:05:23.87+00 2024-07-01 07:05:12.576+00 0kDPxDtPpN5aSPpV
2023-08-02 08:40:41.559+00 2023-08-02 08:47:03.218+00 1ZyqqlYTXJV8Uw1Z
2024-09-04 12:38:35.127+00 2024-09-04 12:38:35.123+00 2eMDThPeouIBCs5c
2024-07-01 07:00:26.134+00 2024-07-01 07:00:13.678+00 3anHKe4bKHycX2oV
2024-11-25 16:30:09.811+00 2024-11-25 16:31:23.403+00 3pF2IrB96laqChy4
2023-09-01 11:23:20.876+00 2023-09-01 11:28:28.417+00 42wFuLzOIKX6T1lK
2024-06-24 08:13:33.53+00 2024-06-24 08:13:04.571+00 4f0NGf2AjrjL3mwQ
2024-11-27 09:32:54.164+00 2025-01-27 08:25:44.033+00 5LTfQfEezlTzQfKf
2023-08-05 21:44:05.494+00 2023-08-05 21:44:05.49+00 5qyS3mgorwuvvWCd
2023-10-18 07:58:54.259+00 2023-10-18 13:47:09.892+00 64YqZb11oHf0xVWk
2023-10-09 09:44:14.603+00 2023-10-09 09:44:14.6+00 6ve6xfzWCr0o33Ei
2023-08-01 19:56:11.555+00 2023-12-13 13:00:00.153+00 976Kk1DQhPszN982
2025-01-27 10:27:25.61+00 2025-01-27 10:27:25.53+00 a3EyJUhhKKcuoi76
2023-10-16 14:29:46.954+00 2023-12-21 10:18:22.858+00 Aarn0wXJqGFlTRGE
2023-09-15 13:13:11.399+00 2023-09-15 13:13:11.397+00 Arrfzf9gRKrKD4by
2024-06-24 08:18:49.816+00 2024-06-24 08:18:09.562+00 Aub2R7f2lKkyQmot
2024-11-04 10:37:50.436+00 2024-11-04 10:37:50.435+00 b2AmlLJJfmZJbkSd

After deleting id 1 -18 I was able to load and access the credentials.

20

@Kool_Baudrillard and if you do

n8n export:credentials --id=1  --decrypted --output=file.json

how does the output look like in the json file? Does look to be OK or is there something weird?

21

Sorry, already deleted those aswell on prod and dev, I have back up and will restore it this evening.

1 Like