Just started out with n8n, as it seems like a good fit. We already have some potential clients that want us to deploy the first email automation.
For me, this will be the first time using n8n for a client. I am currently on the starter plan.
It’s easy to manage my own personal credentials for like email and AI, now I want to onboard my first client.
What is the best practice regarding getting and keeping client credentials up to date?
Is there an easy way to have a client authorise their credentials without giving access to my n8n account or flow?
Or do I have to login on n8n on their laptop to authorise?
My clients are not tech-savvy and don’t want to deal with n8n themselves, they just want to enjoy the results of automation.
And when I have multiple clients, how can I make sure the credentials stay separated (on the same n8n account)? So I don’t accidentally swap these between clients.
Hi @maximized, welcome to the n8n community
The key thing here is separation. In the long run, the cleanest approach is to run one instance per client, because that gives you proper isolation and eliminates any risk of credential crossover. The Starter plan is fine for testing, but once you start working with multiple paying clients, isolation becomes critical very quickly. Since everything on Starter lives in the same account, you don’t get true separation, so if you choose to stay on that plan, the safest approach is to create completely separate credentials for each client and use a strict naming convention to make sure you never mix them up.
Hi @maximized Welcome to the community!
If someone is paying for a system you are building they want it to be extremely reliable, first consider self hosted n8n ALWAYS for client use cases, Also for the credentials just ask the client to setup the n8n instance but if they want you to setup the instance just have a quick meet on with them let them have access to your n8n instance and fill the credentials, what i recommend is that when you want the client to not see your work but to see outcomes, consider building web pages and forms as these 2 are very easy to setup and will act as a professional dashboard for your client to interact with your flow not to have access to the flow, you do not need their authorization just let them have your freshly installed n8n instance in the start and fill credentials like GMAIL,
So as you have said they are not from tech background and want you to deal with it, first CHARGE MORE! Cause you are not handling everything and giving them the results!
I did this mistake of having like 3 client works into a single personal instance, consider creating a fresh n8n self hosted instance using hostinger depending on the client use case like if the use case is heavy go with KVM 2 or above plans, and what i recommend is that with my personal experience that clients really do not care about what AI you are using what nodes you are putting in your flows they care about the outcome your workflow can be really messy but if you can understand it that is enough!
Honestly for client work you really want separate self-hosted instances per client, the Starter plan doesn’t give you real credential isolation and mixing client creds in one account is asking for trouble. For onboarding creds there’s no way around it, someone has to log into the n8n UI to do OAuth flows, so just hop on a quick call and walk them through it.
