n8n community node with automatic refresh token support
npm install n8n-nodes-refresh-token-auth
This community node provides automatic refresh token authentication support for n8n workflows. It enables seamless integration with APIs that use JWT tokens and require periodic token refreshing.
- Features
- Requirements
- Installation
- Credentials Configuration
- How It Works
- Usage Example
- Advanced Configuration
- Troubleshooting
- Contributing
- License
---
This community node provides a comprehensive solution for token-based authentication with automatic refresh capabilities:
- π Bearer Token Authentication - Automatic inclusion of access token in Authorization header
- π Automatic Token Refresh - Detects expired tokens and refreshes them automatically
- β° JWT Expiration Check - Validates JWT token expiration dates with configurable leeway
- π¨ 401 Error Handling - Automatically refreshes token on authentication failures
- ποΈ Flexible Refresh Modes - Choose when to refresh: Never, Always, On JWT Expiry, or On 401 Error
- βοΈ Customizable Field Names - Configure field names for your specific API (supports dot notation)
- π― Token Testing - Built-in credential testing to verify token validity
- π§ Flexible Configuration - Support for various token refresh mechanisms
- π Custom Request Configuration - Configure custom headers, body, and query string parameters for refresh requests
- π Common Request Template - Apply shared headers and query params to all requests (refresh, test, and main)
- π¦ Form-urlencoded Support - Supports both JSON and form-urlencoded refresh requests
- π Credential Placeholders - Use {{$credentials.accessToken}} and {{$credentials.refreshToken}} in configuration
---
To use this community node, you need:
- n8n version 1.54.4 or higher
- An API that supports token-based authentication with refresh tokens
- Valid access token and refresh token from your API provider
---
1. Open your n8n instance
2. Go to Settings β Community Nodes
3. Click Install
4. Enter: n8n-nodes-refresh-token-auth
5. Click Install
6. Restart n8n if required
``bashNavigate to your n8n installation directory
cd ~/.n8n
$3
If you're using n8n with Docker, add the package to your installation:
dockerfile
FROM n8nio/n8n:latestUSER root
Install the community node
RUN cd /usr/local/lib/node_modules/n8n && \
npm install n8n-nodes-refresh-token-authUSER node
`Or use Docker Compose:
yaml
services:
n8n:
image: n8nio/n8n:latest
environment:
- N8N_COMMUNITY_PACKAGES_ENABLED=true
volumes:
- ~/.n8n:/home/node/.n8n
command: /bin/sh -c "cd /usr/local/lib/node_modules/n8n && npm install n8n-nodes-refresh-token-auth && n8n start"
`---
π Credentials Configuration
$3
1. In your n8n workflow, create a new credential
2. Select Refresh Token Auth
3. Fill in the required fields:
| Field | Description | Example |
| --------------------- | -------------------------------------- | ----------------------------------------- |
| Access Token | Your current access token (JWT) |
|
| Refresh Token | Token used to obtain new access tokens | your-refresh-token-here |
| Refresh Token URL | API endpoint to refresh the token | https://api.example.com/auth/refresh |
| Test URL | Endpoint to test token validity | https://api.example.com/user/profile |$3
Click on Advanced Options to customize the authentication behavior:
| Option | Default | Description |
| --------------------------------- | --------------- | ------------------------------------------------------------------------------------------------------- |
| Access Token Field Name |
access_token | Field name in refresh response for new access token (supports dot notation, e.g., data.token) |
| Refresh Token Field Name | refresh_token | Field name in refresh response for new refresh token (supports dot notation, e.g., data.refreshToken) |
| Authorization Header Prefix | Bearer | Prefix for Authorization header (Bearer, Token, etc.) |
| Refresh Request Configuration | - | JSON configuration for custom headers, body, and query string parameters in refresh requests |
| Common Request Template | - | JSON template for headers and query params applied to ALL requests (refresh, test, and main) |
| Refresh Token Mode | onJwtExpiry | When to trigger token refresh: Never, Always, On JWT Expiry, or On 401 Error |
| JWT Expiry Leeway (seconds) | 60 | Seconds before JWT expiration to trigger refresh (only for "On JWT Expiry" mode) |$3
The Refresh Request Configuration field allows you to customize the refresh token request with:
- Custom Headers: Add any headers required by your API (e.g.,
User-Agent, X-API-Key)
- Custom Body Parameters: Include additional body parameters (e.g., grant_type, client_id, client_secret)
- Query String Parameters: Add query parameters to the refresh URL
- Credential Placeholders: Use {{$credentials.accessToken}} and {{$credentials.refreshToken}} to reference current token valuesThe refresh token location (header or body) is automatically determined based on whether the refresh token field name appears in the
headers or body section of the configuration.Example Configuration:
`json
{
"headers": {
"User-Agent": "MyApp/1.0",
"X-API-Key": "your-api-key"
},
"body": {
"grant_type": "refresh_token",
"refresh_token": "{{$credentials.refreshToken}}",
"client_id": "client_id_here",
"client_secret": "client_secret_here"
},
"qs": {
"version": "v1"
}
}
`Note: The actual refresh token value will be automatically inserted based on the
setting. If the field name appears in headers, the token will be sent in headers; if it appears in body, it will be sent in the body. If neither is specified, it defaults to the body.Credential Placeholders: You can use
{{$credentials.accessToken}} and {{$credentials.refreshToken}} placeholders anywhere in the configuration. These will be automatically replaced with the current token values from your credentials. This is useful when you need to reference tokens in custom headers or body parameters.$3
The Common Request Template field allows you to define headers and query parameters that will be applied to all HTTP requests (refresh requests, test requests, and main requests). This is useful for:
- Device identification headers
- API version parameters
- User-Agent strings
- Any other headers or query params that should be consistent across all calls
Example:
`json
{
"headers": {
"User-Agent": "MyApp/2.0",
"X-Device-ID": "device-12345",
"X-Access-Token": "{{$credentials.accessToken}}"
},
"qs": {
"api_version": "v2",
"stage": "production"
}
}
`Credential Placeholders: You can use
and {{$credentials.refreshToken}} placeholders in the template. These will be automatically replaced with the current token values and applied to all requests (refresh, test, and main).$3
The credential supports four different refresh modes:
| Mode | Description | When to Use |
| --------------------------- | ----------------------------------------------- | ----------------------------------------------------------------- |
| Never (Manual Only) | No automatic refresh | When you want to manage token refresh manually |
| Always | Refresh before every request | When tokens are short-lived or API requires fresh tokens |
| On JWT Expiry (default) | Refresh when JWT exp claim indicates expiration | Most common scenario - efficient and automatic |
| On 401 Error | Refresh only when API returns 401 Unauthorized | When JWT validation isn't reliable or tokens don't have exp claim |
JWT Expiry Leeway: When using "On JWT Expiry" mode, you can configure how many seconds before the actual expiration the token should be refreshed. Default is 60 seconds, which provides a safety buffer to account for clock skew and network delays.
---
π How It Works
$3
`
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. Node makes API request with access token β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 2. Check if token is expired (JWT validation) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββ΄ββββββββββββββββββ
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β Token Valid β β Token Expiredβ
ββββββββββββββββ ββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β Make Request β β Refresh Tokenβ
ββββββββββββββββ ββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β 200 Response β β Update Token β
ββββββββββββββββ ββββββββββββββββ
β β
β βΌ
β ββββββββββββββββ
β β Retry Requestβ
β ββββββββββββββββ
β β
βββββββββββββββββ¬ββββββββββββββββββββ
βΌ
ββββββββββββββββ
β Return Data β
ββββββββββββββββ
$3
The credential automatically handles:
- JWT Expiration: Checks token expiration date before making requests
- 401 Unauthorized: Detects authentication failures and triggers token refresh
- Token Refresh: Calls refresh endpoint and updates stored credentials
- Retry Logic: Automatically retries failed requests with new token
---
π‘ Usage Example
$3
Here's a simple workflow that uses the Refresh Token Auth credential:
1. Add the Refresh Token Example node to your workflow
2. Select your configured Refresh Token Auth credential
3. Configure the node:
- Operation: Get Request
- Base URL:
- API Endpoint:
4. Execute the workflowThe node will automatically:
- Add the Bearer token to the Authorization header
- Check if the token is expired
- Refresh the token if needed
- Make the API request
- Return the response data
$3
#### Example 1: Standard OAuth2 API
Access Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Refresh Token: refresh_abc123xyz
Refresh URL: https://api.example.com/oauth/token
Test URL: https://api.example.com/meAdvanced Options:
- Access Token Field Name: access_token
- Refresh Token Field Name: refresh_token
- Authorization Header Prefix: Bearer
#### Example 2: Custom Token API
Access Token: your-access-token
Refresh Token: your-refresh-token
Refresh URL: https://custom-api.com/auth/refresh
Test URL: https://custom-api.com/user/infoAdvanced Options:
- Access Token Field Name: token
- Refresh Token Field Name: refreshToken
- Authorization Header Prefix: Token
- Refresh Request Configuration:
{
"body": {
"grant_type": "refresh_token",
"refreshToken": "refresh token here",
"client_id": "your_client_id"
}
}
#### Example 3: API with Custom Headers and Query Parameters
Access Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Refresh Token: refresh_abc123xyz
Refresh URL: https://api.example.com/v1/auth/refresh
Test URL: https://api.example.com/v1/user/profileAdvanced Options:
- Access Token Field Name: access_token
- Refresh Token Field Name: refresh_token
- Authorization Header Prefix: Bearer
- Refresh Request Configuration:
{
"headers": {
"User-Agent": "MyApp/2.0",
"X-API-Version": "v1"
},
"body": {
"grant_type": "refresh_token",
"refresh_token": "{{$credentials.refreshToken}}",
"client_id": "client_id_here",
"client_secret": "client_secret_here"
},
"qs": {
"format": "json"
}
}
#### Example 4: Using Credential Placeholders
You can use
and {{$credentials.refreshToken}} placeholders in your configuration to reference current token values:`
Refresh Request Configuration:
{
"headers": {
"Authorization": "Bearer {{$credentials.accessToken}}",
"X-Refresh-Token": "{{$credentials.refreshToken}}"
},
"body": {
"grant_type": "refresh_token",
"refresh_token": "{{$credentials.refreshToken}}",
"token": "{{$credentials.accessToken}}"
}
}Common Request Template:
{
"headers": {
"X-Access-Token": "{{$credentials.accessToken}}",
"User-Agent": "MyApp/1.0"
},
"qs": {
"token": "{{$credentials.accessToken}}"
}
}
The placeholders are automatically replaced with actual token values before making requests.
---
βοΈ Advanced Configuration
$3
The credential supports n8n expression placeholders that allow you to reference current token values in your configuration:
-
- Replaced with the current access token value
- {{$credentials.refreshToken}} - Replaced with the current refresh token valueThese placeholders can be used in:
- Refresh Request Configuration - In headers, body, or query string parameters
- Common Request Template - In headers or query string parameters
Example Usage:
`json
{
"headers": {
"Authorization": "Bearer {{$credentials.accessToken}}",
"X-Refresh-Token": "{{$credentials.refreshToken}}"
},
"body": {
"grant_type": "refresh_token",
"refresh_token": "{{$credentials.refreshToken}}",
"current_token": "{{$credentials.accessToken}}"
}
}
`The placeholders are automatically replaced with actual token values before making requests. This is particularly useful when you need to include tokens in custom headers or when your API requires both tokens in the refresh request.
$3
If your API requires a specific format for refresh requests, you can customize:
1. Field Names: Adjust to match your API's expected field names
2. Request Location: Automatically determined by refresh request configuration (header or body)
3. Header Prefix: Change "Bearer" to "Token" or custom prefix
4. Custom Headers, Body, and Query Parameters: Use Refresh Request Configuration JSON
5. Credential Placeholders: Use
and {{$credentials.refreshToken}} to reference tokens$3
The Refresh Request Configuration field provides full control over the refresh token request format. This is especially useful for APIs that require:
- Additional authentication headers (API keys, custom headers)
- OAuth2-style requests with
grant_type, client_id, client_secret
- Query string parameters
- Custom request formats#### How Refresh Token Location is Determined
The system automatically determines where to send the refresh token:
- If the refresh token field name appears in the
section β token is sent in headers
- If the refresh token field name appears in the body section β token is sent in body
- If neither is specified β token defaults to body#### Example: OAuth2 API Configuration
`javascript
// Your API expects this refresh request format:
POST https://api.example.com/oauth/token
Content-Type: application/json
User-Agent: MyApp/1.0{
"grant_type": "refresh_token",
"refresh_token": "your-refresh-token",
"client_id": "your-client-id",
"client_secret": "your-client-secret"
}
// Configure the credential:
Refresh Token URL: https://api.example.com/oauth/token
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Refresh Request Configuration:
{
"headers": {
"User-Agent": "MyApp/1.0"
},
"body": {
"grant_type": "refresh_token",
"refresh_token": "{{$credentials.refreshToken}}",
"client_id": "your-client-id",
"client_secret": "your-client-secret"
}
}
`Note: Using
placeholder ensures the actual refresh token value is automatically inserted.#### Example: API with Refresh Token in Header
`javascript
// Your API expects refresh token in Authorization header:
POST https://api.example.com/auth/refresh
Content-Type: application/json
Authorization: Bearer your-refresh-token
X-API-Key: your-api-key{
"grant_type": "refresh_token"
}
// Configure the credential:
Refresh Token URL: https://api.example.com/auth/refresh
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Refresh Request Configuration:
{
"headers": {
"Authorization": "Bearer {{$credentials.refreshToken}}",
"X-API-Key": "your-api-key"
},
"body": {
"grant_type": "refresh_token"
}
}
`Note: Using
placeholder ensures the actual refresh token value is automatically inserted into the Authorization header.---
π§ Troubleshooting
$3
#### Token Not Refreshing
Problem: Token expires but doesn't refresh automatically
Solution:
- Verify the Refresh Token URL is correct
- Check that your refresh token is still valid
- Ensure field names match your API's response format
- Verify the Refresh Request Configuration JSON is valid
- Check if your API requires specific headers or body parameters in the refresh request
#### 401 Errors Persisting
Problem: Getting 401 errors even after token refresh
Solution:
- Verify the Authorization Header Prefix is correct (Bearer vs Token)
- Check if your API requires additional headers
- Confirm the access token is being updated in the credential
#### Invalid JSON Response
Problem: Refresh request fails with parsing error
Solution:
- Check your API's refresh endpoint response format
- Update field names in Advanced Options to match response
- Verify the refresh endpoint returns JSON
- Ensure the Refresh Request Configuration JSON is properly formatted
- Check that all required fields (headers, body, qs) are correctly structured
#### Refresh Request Configuration Issues
Problem: Refresh request fails or doesn't match API requirements
Solution:
- Validate your Refresh Request Configuration JSON syntax
- Ensure the refresh token field name appears in either
headers or body section
- Check that all required API parameters (client_id, client_secret, etc.) are included
- Verify custom headers match your API's requirements
- Test the refresh endpoint manually with the same configuration$3
1. Test Credential: Use the "Test" button in credential configuration
2. Check Logs: Enable n8n debug logs to see authentication flow
3. API Documentation: Refer to your API's authentication documentation
4. Manual Test: Use Postman/curl to verify refresh endpoint works
---
π€ Contributing
Contributions are welcome! Here's how you can help:
- Bug Reports: Open an issue describing the problem
- Feature Requests: Suggest new features or improvements
- Pull Requests: Submit code improvements or bug fixes
- Documentation: Help improve or translate documentation
$3
`bash
Clone the repository
git clone https://github.com/yourusername/n8n-nodes-refresh-token-auth.git
cd n8n-nodes-refresh-token-authInstall dependencies
pnpm installBuild the project
pnpm buildWatch for changes during development
pnpm dev
``---
MIT License - see LICENSE file for details
---
- n8n Documentation
- n8n Community Forum
- Creating Custom Nodes
- JWT Introduction
---
If you need help:
1. Check the Troubleshooting section
2. Search existing Issues
3. Open a new issue if your problem isn't covered
4. Join the n8n Community for discussions
---
Made with β€οΈ for the n8n community