I need to deploy my application to my client’s on-prem server. This is an air tight Windows system and my application relies on my n8n workflows to convert the unstructured data it gets into structured data.
I need a way of installing n8n on THEIR server, without giving them ability to see my workflows or executions ( My prompts and the flows themselves are my added value and I fear that they will be able to replicate and discard me if they figure out how I achieve what I do).
Is there a way to obfuscate my workflows and executions?
Unfortunately, n8n doesn’t have built-in workflow obfuscation features. Your workflows, including prompts and logic, will be visible to anyone with access to the n8n instance on their server.
Here are some alternative approaches to consider:
• **API-based solution**: Instead of deploying n8n on their server, keep your workflows on your own n8n instance and expose specific endpoints via API. Their system calls your APIs, and you maintain control over the logic.
• **Containerized black box**: Package your workflows in a Docker container with restricted access, but this still requires significant trust and technical implementation to truly hide the workflows.
• **Hybrid approach**: Deploy only the data processing parts on their server while keeping sensitive prompt engineering and core logic on your infrastructure, connected via secure APIs.
For true IP protection in on-premise deployments, an API-based architecture where you maintain control of the workflows is typically the most secure approach. Check out the [n8n documentation on securing instances]( Securing n8n | n8n Docs ) for additional security considerations.