Since this doesn’t have much in the way of security. Is there any reason you couldn’t use Okta or AuthO for user log in credentials? Simply to secure it if you wanted to use it for yourself and colleagues that u trust. Wouldn’t satisfy the each user has his or her workspace but the idea is to secure it mostly. I would love to use this and make videos about it. I am the video editor at my company, but I also tinker with servers, back end web development etc. Any thoughts here would be appreciated. Seems simple enough via okta devs here https://youtu.be/uPFirakhBtQ
Hello @Kevin_Marchese welcome to the community!
Ah yes, n8n does not have much for security but it has currently something in place which can be used:
Proper user-management will be added which will then fix all current shortcomings. Do currently sadly not have the resources to create a temporary solution which will only slow down the development of the proper one. But I promise you the proper solution will come!
It would be amazing if you would create videos about n8n! I am sure a lot of people would be very thankful including myself
Thank you for the welcome. Yes, I think it’s a good topic for creating videos. It easy enough for a lot of users. Other open source programs like Node-Red can be more complex and I think this strikes a better balance for ease of use.
AuthO and Okta claims to be able to secure anything you put in front of it, websites, apps, whatever that has a front end, so maybe we can create instructions on how to do this instead, or at least for now, it’s also free to do, at least in the meantime anyway. I’ll see if I can execute this and report back results.
What do you think of the Okta video below and do you see any issues I may run into preventing me for using Okta to secure N8N? anything you can think of would be helpful. In this video he secures a basic website and I’m thinking it would work the same way with node apps using express, hopefully anyway https://youtu.be/uPFirakhBtQ
I look forward to working with this more. Very nice work, this kind of platform is getting popular so Kudos!
I just watched the tutorial. The issue I see is that you would have to change the code of n8n itself. And because it is nothing which I would add to the project itself (as described above) it means that everybody who wants to “use it”, would have to check out n8n from GitHub, make the changes, build it and so on.
What would be better as a temporary solution, is a reverse proxy in front of the n8n docker container which would take care of authentication. That would leave n8n totally untouched and the authentication would happen externally.
And really great to hear that you enjoy working with n8n. Thanks!