Now n8n only have an optional basic credential auth method, but I think there should have a user management feature, so that users could mange their own workflows, and multi-users could share a n8n instance.
In addition, the ‘Group’ could be added to n8n – users in same groups could adjust shared workflows.
Any discussing or roadmap about this (user/group/privillege/security management)?
Yes, I totally agree! That is something very important and is on my list for a very long time now. Sadly never had time to work on it as there were always more pressing things to do because right now I am sadly the only person of the “n8n-team”. But it is very great to see that now more and more people are joining the community and started to contribute by building integration, fixing bugs and typos, creating tutorials and more. That frees up some of my time to work on other things like that.
Also, hope that I can launch the hosted version of n8n soon (for which user-management would also be very important) to generate some revenue to start working at some point full time on n8n. Right now I still have to work part-time somewhere else to earn my living as n8n currently does not just cost a lot of time it cost me money to run.
Yes, but adding User Management is sadly not a feature we are able to push out in a few hours and also nothing you want to get wrong. For that reason did we not get to it yet. It is however something we want to get out in the next few months.
Hi all! Excited to break ground on this feature. I’m currently performing research with users to iron out a spec for V1 User Management functionality. If you would be interested in getting on a short call to help inform that spec - please send me a direct message and I’ll reach out with a call link.
We’re compiling the various requirements you have for a User Management feature, so these can be used as a rubric when evaluating various implementation approaches.
On that note, please comment here requirements that you would like for us to consider. Here are a few examples:
"Ability to transfer ownership of a credential from one user to another" "Group workflows by project" "Group workflows by team"
Feel free to make these specific to fit your needs too, like “Give edit access to database credentials only to engineers, not marketers”. They give us great context, and then we can map these specific requirements to more abstract ones that ultimately make it into a feature spec.
As you do this, would be also amazing to understand how many users you’d potentially have on your instance, and their roles in the org (as it relates to interacting with workflows + credentials). Like, “We have growth engineers who create workflows and hand those off to growth marketers who use/ modify those flows”.
This is a great opportunity to ensure your voice is heard - so please don’t be shy, the more the merrier
For our instance, on a basic level we’ll definitely want to make sure that groups have credentials and workflows that only they can see.
As a step up, it would be nice to separately control privileges for ‘viewing’ the workflow and editing the workflow/credentials at a bare minimum. In the majority of cases I can think of, we’d want to extend view access to workflows to all members of a democratic org like a union (or even publicly via a share URL as mentioned before) and give edit rights to an ‘infrastructure committee’ or something.
At its extreme, if there was a separate credentials role, we might delegate management to one or two responsible folk with a bit of engineering understanding, but that level of granularity isn’t as important as the basics.
I also mentioned this before that because different people will be working on stuff, it would be great if there was some kind of action log of who’s changed what with some way to rollback.
And another extrapolation, and sorry, I think this is a real tangent from your question: I’m curious what the UX will be of two people editing the same workflow at once – how will differences be reconciled if they both save? I wonder if you could highlight that two people are editing the same doc all at once, Google Docs / Miro style, and sync the changes real time:
That’s a nice way of distilling this @sirdavidoff. I think probably Level 1 is doable at the beginning, to be fair, given how new and oblique this tooling is.
Level 2 would be ideal if you’re told who else is currently editing, so you can have a quick chat before either of you breaks the workflow. It would emphasise the collaborative nature of the work (similar to, say, Google Docs and contrasting, say, Zapier), but isn’t critical to the fact that there is an accessible automations tool.
In terms of roadmap, the V1 feature is currently in production. We’ll first roll out an update to credentials interface that is a dependency of user management, and afterwards will come the V1 - it’ll allow users to coexist on one instance and optionally share workflows and creds with other users. So soon, others will be able to use a shared credential in their workflows without having access to the underlying parameters (API keys etc).
I don’t have a firm estimate at the moment as it’s a non-trivial feature that touches many parts of n8n, but rest assured it’s being actively developed right now!