centersl/n8n-docs
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n-docs.git synced 2026-04-02 20:38:47 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
982b4e9256da1e4d948b9188ca8dfdfe43438245
n8n-docs/docs/hosting/security.md
Deborah Barnard 1af0d7f05d clarify security page now that UM is live
2022-07-21 15:01:18 +01:00

1.1 KiB
Raw Blame History

Security

By default, anyone can access n8n. This is okay if it's running locally, but if you deploy it on a server which is exposed to the web, you have to make sure that n8n is secure.

User management

n8n provides built-in user management for self-hosted n8n instances. Refer to the User management documentation for more information.

Basic auth

You can choose to use basic auth instead of n8n's built-in user management. Activate it by setting the following environment variables:

export N8N_BASIC_AUTH_ACTIVE=true
export N8N_BASIC_AUTH_USER=<USER>
export N8N_BASIC_AUTH_PASSWORD=<PASSWORD>

JWT

There's limited support for JWT based authentication. If enabled, n8n will verify the token with the provided JSON Web Key Set URI. You can configure it using the following environment variables:

export N8N_JWT_AUTH_ACTIVE=true
export N8N_JWT_AUTH_HEADER=<HEADER>
export N8N_JWKS_URI=<URI>

Keep in mind that there is no built-in way of passing down the token in the request, so to use JWT you have to have the token in the request manually.

Reference in New Issue View Git Blame Copy Permalink