The idea is:
Add Microsoft 365 and/or Google Workspace authentication to the built-in n8n Form node/trigger, with an option to require a user to be signed in via Microsoft or Google authentication to fill out the form and an ability to validate the user name/email within the workflow after form submission, in order to provide assurance that the form was filled out by an authorized user as defined in the rest of the workflow.
My use case:
When handling requests from clients, ensuring that the user is authorized by their existing Microsoft 365 (or Google, but less important for us) account so we are sure who is submitting the form and can take action such as approving requests or taking action based on user identity that’s been validated instead of someone knowing the form URL only would be a very helpful level of additional validation
I think it would be beneficial to add this because:
Adding user account validation to forms would create an exceptionally robust self-contained workflow system without requiring a form to be created and hosted/validated elsewhere and submitted into n8n externally. From allowing authenticated ticket support submission to validating users are authorized to submit requests for new user accounts or to approve purchases, this would be incredibly useful and I can see it being helpful to a widespread user base who would benefit from the extra authentication.
Any resources to support this?
Microsoft and Google both support SAML 2.0, OIDC, and OAuth 2.0 authentication flows that would make supporting this possible, in addition to supporting external user authentication workflows explicitly where they support third party logins as a service (with included monthly user count for free and a paid option if the free limit is exceeded). There are multiple considerations I’m sure that would go into what would be supportable from within n8n, but authentication across multiple tenants would be preferred, ideally without a specific Entra ID application installed in each tenant but that could also work if necessary.
Are you willing to work on this?
Unfortunately the implementation details of this are out of my capability and capacity in this case.