Turn off automatic creation of users when SSO is active

Describe the problem/error/question

My company just started using N8N yesterday. Since great power comes with great responsibility, we immediately set up SSO (SAML) to manage the users.
While the SSO sign-in works, it also allows everyone from our organization to log in; users are automatically created in N8N from the moment they first sign in through SSO. The default member type is also “member”, which means that everyone in our organization can start creating workflows.

For context, our company has over 10.000 employees but only a small subset of them will be allowed to use N8N.

Is there an option to disable this behavior? Ideally, we first create the user in N8N, assign a role (member, admin, etc.) and subsequently, the user can log in using SSO.
Or can this only be managed through the identity provider?

Information on your n8n setup

  • n8n version: 2.13.3
  • Database (default: SQLite): default
  • n8n EXECUTIONS_PROCESS setting (default: own, main): default
  • Running n8n via : N8N cloud
  • Operating system: windows
1 Like

Hi @Sirolf Welcome!
Never heard of any way to actually prevent a user from creating an account at the first SSO login. I guess you need to prevent giving access to the users who should not get n8n access, via SAML I think:
https://docs.n8n.io/user-management/saml/setup/
Although if you have an enterprise-level license, you have an option to enable User role provisioning via SAML. :slight_smile:

2 Likes

hello @Sirolf

You should define the proper access level in your SSO app on the IdP side

1 Like

Thanks for the replies @barn4k @Anshul_Namdev !
We came to the same conclusion indeed. We will need to manage access through the IdP and not through N8N.

Other cloud tools in our landscape support logging in via SSO while still managing user onboarding through the tool, and I was hoping something similar existed for N8N. Maybe in the future :slight_smile:

1 Like

Well… generally, it’s the duty of the IdP, because the restrictions should be applied as close to the endpoint as possible :slight_smile:

As the flow chain looks like user >> IdP >> service