Problem with unauthorized error on my own n8n instance

After the update of n8n I have an Unauthorized error on my OAuth2 callback link. I cannot add any new authorization, thus the ones created in the past work fine. I have tried with Google and Dropbox, neither worked.

I am running my n8n in Docker instance, on Synology NAS with ddns and reverse proxy.

Information on my n8n setup

  • n8n version: 1.27.3
  • Database (default: SQLite): default
  • n8n EXECUTIONS_PROCESS setting (default: own, main): own
  • Running n8n via (Docker, npm, n8n cloud, desktop app): Docker
  • Operating system: Synology

Hey @Artur_Witek,

Welcome to the community :cake:

Do you know what version you were using before the update and what is the URL you are using? I had a similar issue with a domain of mine which was like https://xxx-yyy.zzz.aaaa.net so I am wondering if maybe there is some kind of issue with some patterns.

1.14.2 - that is my previous version.

The domain is https://n8n.XXX.ddns.me/rest/oauth2-credential/callback

(XXX cut for safety)

Hey @Artur_Witek,

Interesting so I have a theory that maybe domains with 4 parts are failing For now if you have a backup I would recommend going back to 1.14.2

hej @Jon,

I have made it shorter n8n.mydomain.com - with no results, still getting 401 Unauthorized.

What is working for now is that I am authorizing myself in older version (running old container) and when positive I switch back to the newest one (I really need that AI Langchain functions!).

The trick is I am working on the same volume in the docker environment. It is really dirty solution, but it works…

I’ve already spent a lot of time redirecting and proxying, and I will stay with this setup until solved - have not time to check which version breaks.

1 Like

Interesting, I will keep an eye on other requests to see if anything else pops up. For me right now this is still working on 1.30.1 with my shorter domain.

Ok, I have finally figured it out, but the solution is that easy that I am ashamed with my stupidity. Yet here is the explanation:

I have the n8n hosted on my own server in my little homelab, using private address 192.168.x.x
I have the same n8n visible outside as ddns url.

What I didn’t write in above posts is that the case I was using it from outside is only to fix things where I am not in my house, so 90% of the time I am using the 192.168.x.x instance. And that is the thing - browser just doesn’t allow private addresses for oauth2 callback, when n8n received post message from 192.168.x.x it just said it’s compromised.

The solution here is to use n8n from the external address and everything works fine.

It’s simple stupid, yet it took me some time to figure out (and few instances of n8n set up…).

Hope nobody gets into the same rabbit hole…

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.