We’re building an n8n workflow (using n8n cloud) that creates draft invoices in a client’s Xero organisation. Unfortunately, Xero doesn’t have narrowly scoped OAuth permissions, so to create draft invoices, we need to grant n8n access to view and manage all of their Xero transactions.
The client is understandably weary about this, as it means if the n8n workflow gets compromised, an attacker could access, edit, and delete highly sensitive, business critical information.
Our current plan is to minimise access to the n8n account to as few people as possible, use good password hygiene, and activate 2FA. I’m wondering if there are any additional things we should do to protect the Xero credentials (e.g. limiting them to a single workflow) and the n8n workflow (e.g. locking it to prevent edits).
I’m looking to build confidence that if our n8n account gets compromised, we can quickly identify it and ask the client to revoke the OAuth access to their Xero account.
Has anyone encountered these concerns before?