Skip to content

n8n Permissions Reference

This section describes all required scopes and access settings for SailPoint Entro's n8n integration.

Required Scopes

The API key must be created with the following scopes:

Scope Purpose
user:list Map workflow ownership to n8n user identities
workflow:list Enumerate all workflows for AI agent discovery

Permissions Justification

  • user:list is required to resolve which n8n user owns each workflow, enabling accurate identity attribution in SailPoint Entro's AI Agents Inventory.

  • workflow:list is required to retrieve workflow definitions and inspect node types for LLM usage.

  • No credential:* scopes are requested - SailPoint Entro does not access or retrieve credential values stored in n8n.

Access Summary

  • Authentication uses an API Key (X-N8N-API-KEY header)

  • All requests performed via the n8n REST API

  • All operations are read-only - no changes are made to workflows or credentials

  • API keys are stored encrypted in SailPoint Entro's Worker Group environment (AES-256)

  • All communication over HTTPS / TLS 1.3