Hi everyone,
I’ve successfully configured SSO for my n8n enterprise instance using our Keycloak realm. The authentication itself is working correctly.
However, my current setup allows any authenticated user from my Keycloak realm to log in to n8n. I would like to restrict this.
My goal is to allow access only to users who are members of a specific group in Keycloak (e.g., a group named n8n_users). Any user who is not a member of this group should be denied access to n8n.
I have been looking through the n8n documentation and my Keycloak client configuration but haven’t found a clear way to enforce this group membership rule.
Could someone please point me in the right direction?
Hi, did you find a solution? I have the same question.
Hello, I disabled sso login. I didn’t find solution.
+1, also interested if n8n can check SSO token attributes and allow/disallow access based on user group availability in token