HumationHuman + Automation
Back to Catalog

Host your own JWT authentication system with Data Tables and token management

Luka ZivkovicLuka Zivkovic
3421 views
2/3/2026
GitHubWebhookAutomationPull RequestDevelopment
Official Page

Description

A production-ready authentication workflow implementing secure user registration, login, token verification, and refresh token mechanisms. Perfect for adding authentication to any application without needing a separate auth service.

Get started with n8n now!

What it does

This template provides a complete authentication backend using n8n workflows and Data Tables:

  • User Registration: Creates accounts with secure password hashing (SHA-512 + unique salts)
  • Login System: Generates access tokens (15 min) and refresh tokens (7 days) using JWT
  • Token Verification: Validates access tokens for protected endpoints
  • Token Refresh: Issues new access tokens without requiring re-login
  • Security Features: HMAC-SHA256 signatures, hashed refresh tokens in database, protection against rainbow table attacks

Why use this template

  • No external services: Everything runs in n8n - no Auth0, Firebase, or third-party dependencies
  • Production-ready security: Industry-standard JWT implementation with proper token lifecycle management
  • Easy integration: Simple REST API endpoints that work with any frontend framework
  • Fully customizable: Adjust token lifespans, add custom user fields, implement your own business logic
  • Well-documented: Extensive inline notes explain every security decision and implementation detail

How to set up

Prerequisites

  • n8n instance (cloud or self-hosted)
  • n8n Data Tables feature enabled

Setup Steps

  1. Create Data Tables:
  • users table: id, email, username, password_hash, refresh_token
  • refresh_tokens table: id, user_id, token_hash, expires_at
  1. Generate Secret Keys: Run this command to generate a random secret:
  node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"

Generate two different secrets for ACCESS_SECRET and REFRESH_SECRET 3. Configure Secrets:

  • Update the three "SET ACCESS AND REFRESH SECRET" nodes with your generated keys
  • Or migrate to n8n Variables for better security (instructions in workflow notes)
  1. Connect Data Tables:
  • Open each Data Table node
  • Select your created tables from the dropdown
  1. Activate Workflow:
  • Save and activate the workflow
  • Note your webhook URLs

API Endpoints

Register: POST /webhook/register-user Request body:

{
 "email": "user@example.com",
 "username": "username",
 "password": "password123"
}

Login: POST /webhook/login Request body:

{
 "email": "user@example.com",
 "password": "password123"
}

Returns:

{
 "accessToken": "...",
 "refreshToken": "...",
 "user": {...}
}

Verify Token: POST /webhook/verify-token Request body:

{
 "access_token": "your_access_token"
}

Refresh: POST /webhook/refresh Request body:

{
 "refresh_token": "your_refresh_token"
}

Frontend Integration Example (Vue.js/React)

Login flow:

const response = await fetch('https://your-n8n.app/webhook/login', {
 method: 'POST',
 headers: { 'Content-Type': 'application/json' },
 body: JSON.stringify({ email, password })
});
const { accessToken, refreshToken } = await response.json();
localStorage.setItem('accessToken', accessToken);

Make authenticated requests:

const data = await fetch('https://your-api.com/protected', {
 headers: { 'Authorization': Bearer ${accessToken} }
});

Key Features

  • Secure Password Storage: Never stores plain text passwords; uses SHA-512 with unique salts
  • Two-Token System: Short-lived access tokens (security) + long-lived refresh tokens (convenience)
  • Database Token Revocation: Refresh tokens can be revoked for logout-all-devices functionality
  • Duplicate Prevention: Checks username and email availability before account creation
  • Error Handling: Generic error messages prevent information leakage
  • Extensive Documentation: 30+ sticky notes explain every security decision

Use Cases

  • SaaS applications needing user authentication
  • Mobile app backends
  • Internal tools requiring access control
  • MVP/prototype authentication without third-party costs
  • Learning JWT and auth system architecture

Customization

  • Token Lifespan: Modify expiration times in "Create JWT Payload" nodes
  • User Fields: Add custom fields to registration and user profile
  • Password Rules: Update validation in "Validate Registration Request" node
  • Token Rotation: Implement refresh token rotation for enhanced security (notes included)

Security Notes

:warning: Important:

  • Change the default secret keys before production use
  • Use HTTPS for all webhook endpoints
  • Store secrets in n8n Variables (not hardcoded)
  • Regularly rotate secret keys in production
  • Consider rate limiting for login endpoints

Support & Documentation

The workflow includes comprehensive documentation:

  • Complete authentication flow overview
  • Security explanations for every decision
  • Troubleshooting guide
  • Setup instructions
  • FAQ section with common issues Perfect for developers who want full control over their authentication system without the complexity of managing separate auth infrastructure.

Get Started with n8n now!

Tags: authentication, jwt, login, security, user-management, tokens, password-hashing, api, backend

n8n JWT Authentication System with Data Tables and Token Management

This n8n workflow provides a robust, self-hosted system for handling JWT (JSON Web Token) authentication, user data management, and token blacklisting. It leverages n8n's built-in Data Tables for storing user credentials and managing active/blacklisted tokens, offering a complete authentication solution without external databases.

What it does

This workflow acts as a comprehensive backend for JWT authentication, simplifying several key aspects:

  1. Receives API Requests: It listens for incoming HTTP requests via a webhook, serving as the entry point for authentication and token management.
  2. Validates JWTs: It checks for the presence and validity of JWTs in incoming requests, ensuring only authenticated requests proceed.
  3. Manages User Data: It interacts with an n8n Data Table to store and retrieve user credentials, acting as a user database.
  4. Handles Token Blacklisting: It maintains a separate n8n Data Table for blacklisting tokens, revoking access for compromised or logged-out users.
  5. Generates and Verifies Hashes: It uses the Crypto node to hash sensitive data (like passwords) and verify hashes, enhancing security.
  6. Conditional Logic: It employs an If node to route requests based on various conditions, such as token validity or request type.
  7. Responds to Requests: It constructs and sends appropriate HTTP responses, including success messages, error codes, and JWTs.
  8. Internal Workflow Execution: It can trigger other workflows or be triggered by them, allowing for modular and scalable authentication logic.
  9. Data Transformation: It uses Set and Code nodes to manipulate and prepare data for various steps, such as formatting responses or extracting information from requests.

Prerequisites/Requirements

  • n8n Instance: A running n8n instance (self-hosted or cloud).
  • n8n Data Tables: This workflow heavily relies on n8n's Data Tables feature for storing user information and blacklisted tokens. You will need to configure at least two Data Tables:
    • One for user credentials (e.g., users with columns like username, hashedPassword, salt).
    • One for blacklisted tokens (e.g., blacklistedTokens with a column like token).
  • JWT Secret Key: A strong secret key used for signing and verifying JWTs. This should be configured within the Crypto node or as an environment variable.

Setup/Usage

  1. Import the Workflow: Download the JSON content and import it into your n8n instance.
  2. Configure the Webhook: The "Webhook" node will provide a unique URL. This URL will be the endpoint for your authentication API.
  3. Set up Data Tables:
    • Create a Data Table named users (or similar) with columns for username, hashedPassword, and salt.
    • Create another Data Table named blacklistedTokens (or similar) with a column for token.
    • Ensure the "Data table" nodes in the workflow are configured to use these tables.
  4. Configure Crypto Node:
    • Update the "Crypto" node with your desired hashing algorithm and, crucially, your JWT secret key. Do not hardcode sensitive keys directly in the workflow; use environment variables or n8n credentials.
  5. Customize Logic (Optional):
    • Adjust the "If" nodes to modify authentication rules, such as password complexity or token expiration.
    • Modify the "Set" and "Code" nodes to tailor data processing or response formats to your specific application needs.
  6. Activate the Workflow: Once configured, activate the workflow to make your JWT authentication API live.

This workflow provides a solid foundation for a custom JWT authentication system. You can extend it further to include features like password reset, role-based access control, and more sophisticated token management.

Related Templates

Track competitor SEO keywords with Decodo + GPT-4.1-mini + Google Sheets

This workflow automates competitor keyword research using OpenAI LLM and Decodo for intelligent web scraping. Who this is for SEO specialists, content strategists, and growth marketers who want to automate keyword research and competitive intelligence. Marketing analysts managing multiple clients or websites who need consistent SEO tracking without manual data pulls. Agencies or automation engineers using Google Sheets as an SEO data dashboard for keyword monitoring and reporting. What problem this workflow solves Tracking competitor keywords manually is slow and inconsistent. Most SEO tools provide limited API access or lack contextual keyword analysis. This workflow solves that by: Automatically scraping any competitor’s webpage with Decodo. Using OpenAI GPT-4.1-mini to interpret keyword intent, density, and semantic focus. Storing structured keyword insights directly in Google Sheets for ongoing tracking and trend analysis. What this workflow does Trigger — Manually start the workflow or schedule it to run periodically. Input Setup — Define the website URL and target country (e.g., https://dev.to, france). Data Scraping (Decodo) — Fetch competitor web content and metadata. Keyword Analysis (OpenAI GPT-4.1-mini) Extract primary and secondary keywords. Identify focus topics and semantic entities. Generate a keyword density summary and SEO strength score. Recommend optimization and internal linking opportunities. Data Structuring — Clean and convert GPT output into JSON format. Data Storage (Google Sheets) — Append structured keyword data to a Google Sheet for long-term tracking. Setup Prerequisites If you are new to Decode, please signup on this link visit.decodo.com n8n account with workflow editor access Decodo API credentials OpenAI API key Google Sheets account connected via OAuth2 Make sure to install the Decodo Community node. Create a Google Sheet Add columns for: primarykeywords, seostrengthscore, keyworddensity_summary, etc. Share with your n8n Google account. Connect Credentials Add credentials for: Decodo API credentials - You need to register, login and obtain the Basic Authentication Token via Decodo Dashboard OpenAI API (for GPT-4o-mini) Google Sheets OAuth2 Configure Input Fields Edit the “Set Input Fields” node to set your target site and region. Run the Workflow Click Execute Workflow in n8n. View structured results in your connected Google Sheet. How to customize this workflow Track Multiple Competitors → Use a Google Sheet or CSV list of URLs; loop through them using the Split In Batches node. Add Language Detection → Add a Gemini or GPT node before keyword analysis to detect content language and adjust prompts. Enhance the SEO Report → Expand the GPT prompt to include backlink insights, metadata optimization, or readability checks. Integrate Visualization → Connect your Google Sheet to Looker Studio for SEO performance dashboards. Schedule Auto-Runs → Use the Cron Node to run weekly or monthly for competitor keyword refreshes. Summary This workflow automates competitor keyword research using: Decodo for intelligent web scraping OpenAI GPT-4.1-mini for keyword and SEO analysis Google Sheets for live tracking and reporting It’s a complete AI-powered SEO intelligence pipeline ideal for teams that want actionable insights on keyword gaps, optimization opportunities, and content focus trends, without relying on expensive SEO SaaS tools.

Ranjan DailataBy Ranjan Dailata
161

Generate song lyrics and music from text prompts using OpenAI and Fal.ai Minimax

Spark your creativity instantly in any chat—turn a simple prompt like "heartbreak ballad" into original, full-length lyrics and a professional AI-generated music track, all without leaving your conversation. 📋 What This Template Does This chat-triggered workflow harnesses AI to generate detailed, genre-matched song lyrics (at least 600 characters) from user messages, then queues them for music synthesis via Fal.ai's minimax-music model. It polls asynchronously until the track is ready, delivering lyrics and audio URL back in chat. Crafts original, structured lyrics with verses, choruses, and bridges using OpenAI Submits to Fal.ai for melody, instrumentation, and vocals aligned to the style Handles long-running generations with smart looping and status checks Returns complete song package (lyrics + audio link) for seamless sharing 🔧 Prerequisites n8n account (self-hosted or cloud with chat integration enabled) OpenAI account with API access for GPT models Fal.ai account for AI music generation 🔑 Required Credentials OpenAI API Setup Go to platform.openai.com → API keys (sidebar) Click "Create new secret key" → Name it (e.g., "n8n Songwriter") Copy the key and add to n8n as "OpenAI API" credential type Test by sending a simple chat completion request Fal.ai HTTP Header Auth Setup Sign up at fal.ai → Dashboard → API Keys Generate a new API key → Copy it In n8n, create "HTTP Header Auth" credential: Name="Fal.ai", Header Name="Authorization", Header Value="Key [Your API Key]" Test with a simple GET to their queue endpoint (e.g., /status) ⚙️ Configuration Steps Import the workflow JSON into your n8n instance Assign OpenAI API credentials to the "OpenAI Chat Model" node Assign Fal.ai HTTP Header Auth to the "Generate Music Track", "Check Generation Status", and "Fetch Final Result" nodes Activate the workflow—chat trigger will appear in your n8n chat interface Test by messaging: "Create an upbeat pop song about road trips" 🎯 Use Cases Content Creators: YouTubers generating custom jingles for videos on the fly, streamlining production from idea to audio export Educators: Music teachers using chat prompts to create era-specific folk tunes for classroom discussions, fostering interactive learning Gift Personalization: Friends crafting anniversary R&B tracks from shared memories via quick chats, delivering emotional audio surprises Artist Brainstorming: Songwriters prototyping hip-hop beats in real-time during sessions, accelerating collaboration and iteration ⚠️ Troubleshooting Invalid JSON from AI Agent: Ensure the system prompt stresses valid JSON; test the agent standalone with a sample query Music Generation Fails (401/403): Verify Fal.ai API key has minimax-music access; check usage quotas in dashboard Status Polling Loops Indefinitely: Bump wait time to 45-60s for complex tracks; inspect fal.ai queue logs for bottlenecks Lyrics Under 600 Characters: Tweak agent prompt to enforce fuller structures like [V1][C][V2][B][C]; verify output length in executions

Daniel NkenchoBy Daniel Nkencho
601

Automate Dutch Public Procurement Data Collection with TenderNed

TenderNed Public Procurement What This Workflow Does This workflow automates the collection of public procurement data from TenderNed (the official Dutch tender platform). It: Fetches the latest tender publications from the TenderNed API Retrieves detailed information in both XML and JSON formats for each tender Parses and extracts key information like organization names, titles, descriptions, and reference numbers Filters results based on your custom criteria Stores the data in a database for easy querying and analysis Setup Instructions This template comes with sticky notes providing step-by-step instructions in Dutch and various query options you can customize. Prerequisites TenderNed API Access - Register at TenderNed for API credentials Configuration Steps Set up TenderNed credentials: Add HTTP Basic Auth credentials with your TenderNed API username and password Apply these credentials to the three HTTP Request nodes: "Tenderned Publicaties" "Haal XML Details" "Haal JSON Details" Customize filters: Modify the "Filter op ..." node to match your specific requirements Examples: specific organizations, contract values, regions, etc. How It Works Step 1: Trigger The workflow can be triggered either manually for testing or automatically on a daily schedule. Step 2: Fetch Publications Makes an API call to TenderNed to retrieve a list of recent publications (up to 100 per request). Step 3: Process & Split Extracts the tender array from the response and splits it into individual items for processing. Step 4: Fetch Details For each tender, the workflow makes two parallel API calls: XML endpoint - Retrieves the complete tender documentation in XML format JSON endpoint - Fetches metadata including reference numbers and keywords Step 5: Parse & Merge Parses the XML data and merges it with the JSON metadata and batch information into a single data structure. Step 6: Extract Fields Maps the raw API data to clean, structured fields including: Publication ID and date Organization name Tender title and description Reference numbers (kenmerk, TED number) Step 7: Filter Applies your custom filter criteria to focus on relevant tenders only. Step 8: Store Inserts the processed data into your database for storage and future analysis. Customization Tips Modify API Parameters In the "Tenderned Publicaties" node, you can adjust: offset: Starting position for pagination size: Number of results per request (max 100) Add query parameters for date ranges, status filters, etc. Add More Fields Extend the "Splits Alle Velden" node to extract additional fields from the XML/JSON data, such as: Contract value estimates Deadline dates CPV codes (procurement classification) Contact information Integrate Notifications Add a Slack, Email, or Discord node after the filter to get notified about new matching tenders. Incremental Updates Modify the workflow to only fetch new tenders by: Storing the last execution timestamp Adding date filters to the API query Only processing publications newer than the last run Troubleshooting No data returned? Verify your TenderNed API credentials are correct Check that you have setup youre filter proper Need help setting this up or interested in a complete tender analysis solution? Get in touch 🔗 LinkedIn – Wessel Bulte

Wessel BulteBy Wessel Bulte
247