first of all: congrats and thanks for this nice tool.
We have an issue regarding the Thehive node, when used with Thehive-4.
In Thehive version 3.x all Cases (and all objects) were contained in a single Organisation. That means, once authenticated, the user has access to all data.
In Thehive version 4.x however, authentication (via password or API key) is not sufficient. You MUST provide the dedicated http header "X-Organisation: " in most of the API calls. Otherwise you will have no access to the objects (alerts/cases/observables) that belong to the specific organization.
I.e. you get an empty result from the API calls.
So currently, this is apparently not implemented in n8n. It basically does not work with TH4. (for some strange reason - which I cannot explain - API still can access data from the ‘default’ organization without headers, but thats it)
I have seen you provide the option in the credentials settings, to spcify API version 0 or 1 (TH3 or TH4) – but this does not handle the http headers.
Question: How do you plan to go about this ?
This would have to be somehow dynamic, because per each API request, you might want to access a different organisation in Thehive4.