Single-sign on (SSO) support

The idea is:

Users can login with an IdP like Keycloak, Ory or paid solutions like Okta rather than using a regular user/password based account. This can provide things like 2FA, location-based threat detection, etc without n8n needing to support any specific feature.

My use case:

Nonprofits and communities use free tools like Keycloak for identity management on a budget, and being able to use n8n in this ecosystem would be fantastic.

I think it would be beneficial to add this because:

It would benefit everyone from small communities to large organizations. Many open-core products lock SSO behind an enterprise tier which puts it out of reach not just for communities but also for small and even midsize nonprofits that can’t afford enterprise level pricing (and don’t have enterprise-level needs for the most part).

Are you willing to work on this?

No idea how

Hey @ianhyzy,

Solid request and I suspect it be part of the future expansion plans once user management (User and Privilege Management [GOT CREATED]) has been released.

It may be worth popping a vote on that, I am not sure if @maxT & @sirdavidoff would count this as the same request or treat it as a different one though.

3 Likes

Thanks @Jon - definitely helpful to track this as it’s own feature as it’ll allow us to better prioritize what functionality we add to our initial version of user management.

2 Likes

for now you can use something like Cloudflare for teams, its what I use to expose my internal n8n externally, uses MFA and can support SSO(IIRC) if you so wish

1 Like

Absolutely this feature will be really helpful and it’ll bring more control to N8N Auth

+1 this is absolutely a security requirement for enterprise deployments

To echo the above, this is a day 1 requirement for any enterprise deployment, specially for regulated industries. Is there any visibility if this request has been accepted, where it sits with overall priorities and when you expect it would land in the product? Thanks and regards, Fuzz

3 Likes

Echoing everyone else expressing the need for this. In some cases it is a hard requirement to have SSO integration and it could be the difference between using this tool or not.

Any updates on this feature? We are using N8N heavily in PROD. And we’ve already have issues managing local users :frowning:

We strongly need it!

Thanks in advance!

Nico

Hey @Nicolas_Andres_Calvo,

Work has started on part of this, Out of interest what idp are you planning to use?

1 Like

Hey @Jon,

Ideally, Google, we have SSO with everything. Alternatively, we could use GitHub.

And at mid term, an specific tool such as Keycloak.

Thanks again @Jon :blush:

Nico