Embedded Integrations / Multi-tenancy

First of all, what a great project🙌🏻

I have spend the last month testing out pretty much all the iPaaS-vendors out there from Cloud Elements, Tray.io, Kloudless, Blendr.io, Cyclr etc. … - And randomly today you ended up in my inbox😊

Im curious about if multitenancy is part of the roadmap, so it would be possible as a SaaS service to support individual customer with their own instance of automations/workflows?

By that I mean, also let the individual customers/clients authenticate with the individual nodes and so forth.

Thanks a lot and happy to hear that n8n somehow made it to your inbox ;- ) Sorry for the late answer. I started to answer yesterday already and I think I got sidetracked and then forgot.

Yes, it is part of it. Especially for the reason that a hosted-n8n is supposed to be one of the sources of income to finance the further development of n8n. Sadly do not know when I will get to it.

However just to not waste your time in case you did not check the license of n8n. It prohibits people to offer a hosted version of n8n unless the right got specifically granted. You can find more details here:

If you want to however use it as an internal tool for your company that would be totally fine.

Hi @jan,
Just wanted to check if there was any progress with embedded, multi-tenant n8n? Or is there some estimation when it will be developed?
Just as @sbilde described, I also look to provide some kind of in-app app-integrations.
All the other solutions are super expensive and probably way too much for what I need.

Cheers,
Dan

Welcome to the community @danbars!

No, we are sadly not there yet. We hope to develop it in Q2.

I’m here for similar reasons! I think n8n will suit perfectly in my use case so I’m glad I stumbled upon this community

Team, Any update on this requirement. Does n8n embed address this for Sass companies. We have a urgent need for this.

Hey @RKk!

Welcome to the community

The team is actively working on this feature. I am assigning this to @maxT. He might be able to give you more information.

@RKk

Happy to provide some context here. The team is currently developing a user management feature - this would allow multiple users to co-exist on a single instance together. This feature will be rolled out in phases:

Phase 1 - basic user management; we plan to have a flag that disables sharing between users and so essentially users would only see their own workflows and credentials. This should enable various embed cases where team functionality is not required (i.e. multiple user co-existing on one “account”).

Phase 2 - we expect to roll out workspaces functionality. It’s designed with embed users in mind, so this would allow for 1 SaaS account to have multiple users on an instance (i.e. a LOB or team could be supported). We will have a few configurable permissions that essentially allow for a SaaS model to be implemented. Since n8n can be setup with a redis database and n number of workers, this along with workspaces should enable many SaaS embed usecases.

Generally, the auth system for user management is being built with embed users in mind (programatic provisioning of user accounts etc.).

Beyond user management, we do have more sophisticated multi-tenancy on our roadmap (i.e. for very large scale deployments) but we don’t expect to break ground on this during this quarter. So unless you’re dealing with very stringent data isolation requirements (i.e. HIPAA customers), or very large scale - user management phase 1 or 2 should unblock you realising your usecase.

Hope that helps - It would be great to know your requirements for auth/ multi-tenancy, and details like # of users you’d like to support. Feel free to DM me with any project specifics!

Thanks!

Any approximate timescales on phase 1?

I understand that is stalled for now?

Hey @alexander-potemkin,

It’s not stalled. The team is actively working on it!
Max briefly talked about it in our last community meetup.

hey @harshil1712 , that’s cool, thanks! Any rough estimate?

I am afraid I don’t have any. @maxT or @sirdavidoff are the best people to answer this.

We’re aiming to get user management v1 out this quarter. We just want to make sure it’s battle-tested first.

Makes sense, thanks!

Am I right in understanding, that this will let have 1 instance of n8n serving multiple users, as opposed to 1 user now?

If so, what’s the authentication you have in mind for that to work?

Yes, the first version of user management will allow you to sandbox different users on the same instance.

Regarding auth, it will be simple email/password for now. We’ll be looking into adding things like 2FA and SSO in later versions.

Hope that helps!

It does help, thank you!
And one more question - do you plan to preserve JWT auth (cause we rely on it now)?

I use n8n in Docker.
Is it possible to use it with combination of nginx as a reverse proxy with a third-party authentication provider?

For a new registered user a new docker container is spawned, each existing user is logged in into his/her own container. New containers are generated from the latest image that is stored on the server, for example. Each container can have a restart option enabled to minimize downtime if something goes wrong.

There are several other question regarding administration of each docker, how to conveniently update each container etc. I don’t have experience to estimate if it’s hard to do or not.

@alexander-potemkin user management will be an additional mode, so no existing functionality will be removed.

@Ed_P spawning new containers for each user is exactly how we run n8n.cloud right now. But it is definitely significantly more complex than it will be once user management is released.

Another vote for this functionality. It’s a minimum requirement for our use-case.
If we are embedding n8n directly inside our application, can we programmatically log the user in via stored credentials so that they don’t have to log in to our application, and then again into n8n?