Using n8n API to build a SaaS with per-customer Google credentials – best practices?

Questions
1

Hi everyone,

I’m currently building a SaaS platform on top of n8n and I’m running into challenges around Google integrations and multi-tenant credential management. I’d really appreciate feedback from anyone who has already built something similar.

Project context:

  • Users of my platform can buy prebuilt AI agents

  • Each agent is defined by a JSON model with variables

  • User-provided values are injected to generate a custom JSON

  • This JSON is then sent to the n8n REST API to programmatically create the agent (workflow) for that specific customer

So far, the workflow creation via the API works fine.

The main challenge:
After the agent is created, the Google service nodes (Sheets, Drive, Gmail, etc.) inside each agent must use the customer’s own Google account, not a shared or global one.

I’m trying to figure out the best and cleanest way to handle:

  • OAuth per customer

  • Credential isolation per tenant

  • Mapping credentials to workflows created via the API

  • Avoiding credential overwrites or security issues in a multi-tenant setup

Questions:

  • Has anyone used the n8n API to build a SaaS with per-customer Google OAuth?

  • How did you manage Google credentials dynamically for workflows created programmatically?

  • Did you rely on credential overwrites, custom OAuth flows, separate projects, or another pattern?

  • Any architectural or security pitfalls to be aware of?

Any feedback, real-world experience, or pointers to docs/examples would be extremely helpful.

Thanks in advance :folded_hands:

2

I looked into this before and it’s tricky! You’ll probably need to use separate Google Cloud projects for each customer. Then, use the Google OAuth node to authenticate with each customer’s credentials when launching their specific workflow. Let me know if this works!

3

Okay, thanks for your input. Indeed, a Google credential would be needed for each customer, and I’ve been able to deploy that. The current problem is how to manage authentication. From my research, a UI session would be required because there’s no API endpoint for it, and we can’t use an n8n resource without authentication—that’s the issue now. But I’m currently analyzing possible alternatives.
Thank You !

4

Please also make sure you have the correct license to be allowed to do this.

5

Yes, I have a license to perform this action, because I have already installed N8N on a local machine.

6

Just making sure you understand the license and have the correct one purchased.
Your use case is not allowed with the community version of n8n.
The fact that you have installed n8n locally does not tell us anything about your license.
Do you have a license purchased? if not you need to have a chat with n8n sales for this usecase.

7

Ah, I see now. I didn’t buy a license.
Thank you!