By default, anyone can access n8n. This is okay if it's running locally, but if you deploy it on a server which is exposed to the web, you have to make sure that n8n is secure.
n8n provides built-in user management for self-hosted n8n instances. Refer to the User management documentation for more information.
You can choose to use basic auth instead of n8n's built-in user management. Activate it by setting the following environment variables:
1 2 3
There's limited support for JWT based authentication. If enabled, n8n will verify the token with the provided JSON Web Key Set URI. You can configure it using the following environment variables:
1 2 3