OAuth2 authentication to access n8n Docker by Webhook

nrm · December 6, 2021, 7:17am

Hello. I’m not used to asking questions in the community so I may not be able to communicate well.

We’re running n8n on Docker and can access it from the outside by using Webhook node.

We need to ensure security in order to be accessible from the outside. To that end, we think of building an OAuth2 Server node-oauth2-server with n8n on Docker but we can’t find how to use it with Docker so we couldn’t.

Is there a way to implement OAuth2 authentication with n8n?

And (I don’t know if this can be asked in the n8n community) if anyone knows how to use node-oauth2-server or any other OAuth2 authentication server with n8n in Docker, please let me know.

Thank you.

ericfischereu · March 31, 2023, 4:51am

I think there’s some misunderstanding of OAuth2. If you need to secure your webhooks, N8N is your resource server and just needs to verify the token the clients sends in the Authorization: Bearer XXX header. So you would need a separate server for providing the authorization server functionality.

If you need to install NPM packages to N8N, you can create your own image like

FROM n8nio/n8n

RUN npm install keycloak-connect
ENV NODE_FUNCTION_ALLOW_EXTERNAL=keycloak-connect

However, I’ve filed a feature request for that since there are multiple problems with OAuth2 authentication right now: Secure Webhooks with OAuth2