Need help integrating Robokassa API with JWT in n8n (crypto/Buffer not available, 415 errors)

Help me Build my Workflow
1

Hi everyone,

I’m trying to integrate the Robokassa payment gateway API into an n8n workflow to generate payment links. The API requires a JWT token sent as a raw string in a POST request, but I’m hitting several roadblocks due to n8n’s Code Node sandbox limitations.

:clipboard: Robokassa API Requirements (as per their support)

According to their documentation and a support screenshot I received:

  1. Header and Payload must be JSON objects encoded in base64url.

  2. Signature is generated using HMAC-SHA256 over the string "{encodedHeader}.{encodedPayload}".

  3. The secret key for HMAC is a composite string: "{MerchantLogin}:{Password1}".

  4. Crucial detail: The resulting HMAC signature (binary hash) must be converted to base64 from the hash itself, not by encoding the hex string as text.

  5. The final JWT is assembled as "{encodedHeader}.{encodedPayload}.{signatureBase64Url}".

  6. The JWT must be sent in a POST request with Content-Type: text/plain and the raw JWT string as the body (no JSON wrapper).

:cross_mark: Problems encountered in n8n

  • Code Node limitations: Buffer, crypto, and btoa are all disallowed in the sandboxed environment. I cannot use them.

  • Crypto Node limitations: The built-in Crypto node requires a Credential to be saved for HMAC operations. However, saving a Credential is restricted on my plan (I believe it requires an Enterprise plan or a different setup), and I cannot pass dynamic secrets into the Credential form anyway.

  • Workaround attempt: I implemented a pure JavaScript HMAC-SHA256 and base64url encoder inside a Code Node. This worked to produce a JWT, but when I send it via an HTTP Request node (with Content-Type: text/plain and body = {{ $json.jwt }}), Robokassa returns a 415 Unsupported Media Type error.

I suspect the signature conversion step may still be incorrect (perhaps I’m mishandling the binary-to-base64 conversion), or there might be another subtle requirement I’m missing.

:red_question_mark: My questions for the community

  1. Is there a recommended way to perform HMAC-SHA256 with binary-to-base64url conversion in n8n without using built-in modules, that is known to work with services like Robokassa?

  2. Are there any community nodes that could simplify this (e.g., a JWT node that handles raw signing with custom secrets)?

  3. Has anyone successfully integrated Robokassa’s new JWT-based API in n8n and could share a working workflow snippet?

  4. Any idea why I’m still getting a 415 even with text/plain? Could it be related to the way I’m constructing the signature?

:paperclip: Additional context

  • n8n version: 2.13.2 (self-hosted)

  • I’m using the Code Node to generate the JWT because the Crypto node is blocked by credential requirements.

  • The workflow structure is: Set (input data)Code (encode header/payload)Code (HMAC + assemble JWT)HTTP Request (POST).

Any guidance, code snippets, or pointers to relevant community nodes would be greatly appreciated. Thank you in advance!

Attachments (optional): you can mention you’ll attach the support screenshot if needed.