Describe the problem/error/question

We have a proof of concept workflow setup from a Startup Weekend event we did this past weekend and it’s using a Gmail oAuth2 credential that’s stored as an n8n credential (hardcoded to one account).
At some point the goal would be to open this up so anyone can do oAuth to their Gmail and use the workflow. Is that possible?

I’ve reviewed this this and this thread and that last message from @maxT seemed to indicate this was a newly minted capability but the link he shared is 404 for me and I’ve not yet found a way to reference secrets dynamically nor pull these from an external db at runtime.
By chance is this a paid feature that’s not in the publicly-avail n8n cloud version? Is it avail via the community edition?

What is the error message (if any)?

No error but currently constrained to working only with the dummy Gmail oAuth account for the demo.

Please share your workflow

This is for behalf.bot:

Share the output returned by the last node

n/a

Information on your n8n setup

• n8n version:
• Database (default: SQLite): n/a
• n8n EXECUTIONS_PROCESS setting (default: own, main): ?
• Running n8n via (Docker, npm, n8n cloud, desktop app): n8n cloud
• Operating system: whatever n8n cloud uses

pasting the debug output from n8n cloud instance:

It looks like your topic is missing some important information. Could you provide the following if applicable.

• n8n version:
• Database (default: SQLite):
• n8n EXECUTIONS_PROCESS setting (default: own, main):
• Running n8n via (Docker, npm, n8n cloud, desktop app):
• Operating system:

Hi @scrollinondubs

Yes, what you’re looking for is an enterprise feature - You can read more on it in our docs:

On Cloud you can use the RBAC feature though, which at least allows you managing user access to workflows and credentials based on user roles and projects. You group workflows into projects, and user access depends on the user’s project role.

Thx for your response @ria.

the RBAC I don’t think gets us anywhere given that we would have one set of workflows serving all users and want to dynamically pass in their Google oAuth tokens so the system works multi-tenant.

I’m reading the external secret docs but this seems more geared towards supporting multiple environments like dev/test/staging/prod. Can you confirm this is indeed intended for the usecase I’m proposing here which would again involve customers oAuthing our app so we can access their Gmail account as them?

More preferable (given that our user db is in Supabase) would be to log the oAuth tokens for each user with their profile in Supabase then dynamically inject them into n8n as environment variables (if that’s possible). Do you know if n8n supports session-based environment vars as credentials? Or maybe this just means we can’t use the native Gmail integration in n8n but can still invoke a custom workflow that serves the same role but injects the user credential at runtime?

Thx for the guidance.
Sean

Hi Sean, we’re trying to do something similar. Did you manage to figure this out?

There’s a community note that a couple of other discussions reference but we haven’t been able to get it working yet: GitHub - bramkn/n8n-nodes-run-node-with-credentials

Would love any guidance if you managed to find another solution.

Thanks!

@Tim_Morris I do not have a working solution for this yet. Will update this thread if I figure something out. The Github repo you referenced looks promising.

Yeah it does look promising although definitely tricky to get working. I’ve tried contacting the developer for assistance but he is extremely unhelpful.

Let me know if you figure anything out and I’ll do the same.