OAuth not working

fabiansc · January 20, 2025, 7:47pm

I create a fresh N8N Deployment on Kubernetes. Traffic enters via K8 Loadbalancer (MetalLB) with SSL offloading at n8n.example.com (Port 443), forwards via ISTIO Ingress-Gateway at Port 80 to N8N-Service and from there via Port 5678 to N8N Pod:

What is the error message (if any)?

There is no error in the log, but google oAuth for connecting Google Drive returns “Error 400: redirect_uri_mismatch” and blocks access.

OAuth Redirect URL is:
https://n8n.example.com/rest/oauth2-credential/callback

it also returns a page, when opened manually:
grafik

Kubernetes Deployment

    apiVersion: v1
    kind: Service
    metadata:
      name: n8n
      namespace: n8n
      labels:
        app: n8n
    spec:
      type: ClusterIP
      ports:
       - name: http
         port: 80
         targetPort: 5678
      selector:
        app.kubernetes.io/name: n8n
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: n8n
      namespace: n8n
    spec:
      revisionHistoryLimit: 2
      selector:
        matchLabels:
          app.kubernetes.io/name: n8n
      replicas: 1
      template:
        metadata:
          labels:
            app.kubernetes.io/name: n8n
        spec:
          containers:
          - name: n8n
            image: docker.n8n.io/n8nio/n8n:latest
            imagePullPolicy: "Always"
            env:
            - name: N8N_LOG_LEVEL
              value: "debug"
            - name: N8N_EDITOR_BASE_URL
              value: "https://n8n.example.com/"
            - name: VUE_APP_URL_BASE_API
              value: "https://n8n.example.com/"
            - name: WEBHOOK_TUNNEL_URL
              value: "https://n8n.example.com/"
            - name: N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS
              value: "true"
            - name: N8N_HIRING_BANNER_ENABLED
              value: "false"
            - name: N8N_PROTOCOL
              value: "https"
            - name: N8N_HOST
              value: "n8n.example.com"
            - name: N8N_PORT
              value: "5678"
            - name: DB_TYPE
              value: "postgresdb"
            - name: DB_POSTGRESDB_DATABASE
              value: "n8n"
            - name: DB_POSTGRESDB_HOST
              value: "postgres.postgresql.svc.cluster.local"
            - name: DB_POSTGRESDB_PORT
              value: "5432"
            - name: DB_POSTGRESDB_USER
              value: "*******"
            - name: DB_POSTGRESDB_PASSWORD
              value: "*******"
            ports:
            - name: http
              containerPort: 5678
            resources:
                limits:
                  cpu: 500m
                  memory: 256Mi
                requests:
                  cpu: 100m
                  memory: 128Mi
            volumeMounts:
                - mountPath: "/home/node/.n8n"
                  name: n8n-pvc
          volumes:
            - name: n8n-pvc

Share the output returned by the last node

no errors in log

n8n · January 20, 2025, 7:47pm

It looks like your topic is missing some important information. Could you provide the following if applicable.

n8n version:
Database (default: SQLite):
n8n EXECUTIONS_PROCESS setting (default: own, main):
Running n8n via (Docker, npm, n8n cloud, desktop app):
Operating system:

Tina_Anit · January 20, 2025, 7:54pm

Hello, which version do you have ? I think last version n8n 1.74.3 has bugs with oauth2 , today I catch bug in google oauth2

Try deleting credential, and create it again.

fabiansc · January 20, 2025, 8:10pm

Dear @Tina_Anit,

following image is currently being used:

https://hub.docker.com/layers/n8nio/n8n/latest/images/sha256-1e5d0498759ccbc789f683db9a73e7378e3eb136ddfc8bdbc1729e42cb445364

It seems to be 1.74.3

It was never upgraded, but installed freshly from scratch. No previous credentials, database or persistence. Its a first-time installation.

Is there any workaround, e.g. going to :next instead of :latest?

Jon · January 22, 2025, 3:55am

In your error you mentioned the redirect uri mismatch that is Google saying the value in the app doesn’t match the value it is being sent although oddly it has redirected which is a bit odd.

One thing I noticed when looking at your configuration is you are using options that are not needed, did you follow a guide to set up n8n?

If you are only using one url can you replace editor base url, webhook tunnel url and vue app base url with just WEBHOOK_URL also make sure that your ingress service is not removing any headers or url parameters as that will cause issues.

It may also be worth thinking about if you actually need everything you have set up, for most users k8s is over the top and it can lead to issues if you are not familiar with it (it is also possible that you may be very familiar with it in which case ignore this)

system · April 22, 2025, 3:56am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.