Description
n8n-nodes-refresh-token-auth
This community node provides automatic refresh token authentication support for n8n workflows. It enables seamless integration with APIs that use JWT tokens and require periodic token refreshing.
π Table of Contents
- Features
- Requirements
- Installation
- Credentials Configuration
- How It Works
- Usage Example
- Advanced Configuration
- Troubleshooting
- Contributing
- License
- π Bearer Token Authentication – Automatic inclusion of access token in Authorization header
- π Automatic Token Refresh – Detects expired tokens and refreshes them automatically
- β° JWT Expiration Check – Validates JWT token expiration dates with configurable leeway
- π¨ 401 Error Handling – Automatically refreshes token on authentication failures
- ποΈ Flexible Refresh Modes – Choose when to refresh: Never, Always, On JWT Expiry, or On 401 Error
- βοΈ Customizable Field Names – Configure field names for your specific API (supports dot notation)
- π― Token Testing – Built-in credential testing to verify token validity
- π§ Flexible Configuration – Support for various token refresh mechanisms
- π Custom Request Configuration – Configure custom headers, body, and query string parameters for refresh requests
- π Common Request Template – Apply shared headers and query params to all requests (refresh, test, and main)
- π¦ Form-urlencoded Support – Supports both JSON and form-urlencoded refresh requests
- π Credential Placeholders – Use
{{$credentials.accessToken}}and{{$credentials.refreshToken}}in configuration - n8n version 1.54.4 or higher
- An API that supports token-based authentication with refresh tokens
- Valid access token and refresh token from your API provider
—
β¨ Features
This community node provides a comprehensive solution for token-based authentication with automatic refresh capabilities:
—
π Requirements
To use this community node, you need:
—
π Installation
Option 1: Install via n8n Community Nodes (Recommended)
1. Open your n8n instance
2. Go to Settings β Community Nodes
3. Click Install
4. Enter: n8n-nodes-refresh-token-auth
5. Click Install
6. Restart n8n if required
Option 2: Manual Installation
Navigate to your n8n installation directory
cd ~/.n8nInstall the package
npm install n8n-nodes-refresh-token-authRestart n8n
Option 3: Docker Installation
If you’re using n8n with Docker, add the package to your installation:
FROM n8nio/n8n:latestUSER root
Install the community node
RUN cd /usr/local/lib/node_modules/n8n &&
npm install n8n-nodes-refresh-token-authUSER node
Or use Docker Compose:
services:
n8n:
image: n8nio/n8n:latest
environment:
- N8NCOMMUNITYPACKAGES_ENABLED=true
volumes:
- ~/.n8n:/home/node/.n8n
command: /bin/sh -c "cd /usr/local/lib/node_modules/n8n && npm install n8n-nodes-refresh-token-auth && n8n start"
—
π Credentials Configuration
Basic Setup
1. In your n8n workflow, create a new credential
2. Select Refresh Token Auth
3. Fill in the required fields:
| Field | Description | Example |
| ——————— | ————————————– | —————————————– |
| Access Token | Your current access token (JWT) | eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... |
| Refresh Token | Token used to obtain new access tokens | your-refresh-token-here |
| Refresh Token URL | API endpoint to refresh the token | https://api.example.com/auth/refresh |
| Test URL | Endpoint to test token validity | https://api.example.com/user/profile |
Advanced Options
Click on Advanced Options to customize the authentication behavior:
| Option | Default | Description |
| ——————————— | ————— | ——————————————————————————————————- |
| Access Token Field Name | access_token | Field name in refresh response for new access token (supports dot notation, e.g., data.token) |
| Refresh Token Field Name | refresh_token | Field name in refresh response for new refresh token (supports dot notation, e.g., data.refreshToken) |
| Authorization Header Prefix | Bearer | Prefix for Authorization header (Bearer, Token, etc.) |
| Refresh Request Configuration | – | JSON configuration for custom headers, body, and query string parameters in refresh requests |
| Common Request Template | – | JSON template for headers and query params applied to ALL requests (refresh, test, and main) |
| Refresh Token Mode | onJwtExpiry | When to trigger token refresh: Never, Always, On JWT Expiry, or On 401 Error |
| JWT Expiry Leeway (seconds) | 60 | Seconds before JWT expiration to trigger refresh (only for “On JWT Expiry” mode) |
Refresh Request Configuration
The Refresh Request Configuration field allows you to customize the refresh token request with:
User-Agent, X-API-Key)granttype, clientid, client_secret){{$credentials.accessToken}} and {{$credentials.refreshToken}} to reference current token valuesThe refresh token location (header or body) is automatically determined based on whether the refresh token field name appears in the headers or body section of the configuration.
Example Configuration:
{
"headers": {
"User-Agent": "MyApp/1.0",
"X-API-Key": "your-api-key"
},
"body": {
"granttype": "refreshtoken",
"refresh_token": "{{$credentials.refreshToken}}",
"clientid": "clientid_here",
"clientsecret": "clientsecret_here"
},
"qs": {
"version": "v1"
}
}
Note: The actual refresh token value will be automatically inserted based on the Refresh Token Field Name setting. If the field name appears in headers, the token will be sent in headers; if it appears in body, it will be sent in the body. If neither is specified, it defaults to the body.
Credential Placeholders: You can use {{$credentials.accessToken}} and {{$credentials.refreshToken}} placeholders anywhere in the configuration. These will be automatically replaced with the current token values from your credentials. This is useful when you need to reference tokens in custom headers or body parameters.
Common Request Template
The Common Request Template field allows you to define headers and query parameters that will be applied to all HTTP requests (refresh requests, test requests, and main requests). This is useful for:
Example:
{
"headers": {
"User-Agent": "MyApp/2.0",
"X-Device-ID": "device-12345",
"X-Access-Token": "{{$credentials.accessToken}}"
},
"qs": {
"api_version": "v2",
"stage": "production"
}
}
Credential Placeholders: You can use {{$credentials.accessToken}} and {{$credentials.refreshToken}} placeholders in the template. These will be automatically replaced with the current token values and applied to all requests (refresh, test, and main).
Refresh Token Modes
The credential supports four different refresh modes:
| Mode | Description | When to Use |
| ————————— | ———————————————– | —————————————————————– |
| Never (Manual Only) | No automatic refresh | When you want to manage token refresh manually |
| Always | Refresh before every request | When tokens are short-lived or API requires fresh tokens |
| On JWT Expiry (default) | Refresh when JWT exp claim indicates expiration | Most common scenario – efficient and automatic |
| On 401 Error | Refresh only when API returns 401 Unauthorized | When JWT validation isn’t reliable or tokens don’t have exp claim |
JWT Expiry Leeway: When using “On JWT Expiry” mode, you can configure how many seconds before the actual expiration the token should be refreshed. Default is 60 seconds, which provides a safety buffer to account for clock skew and network delays.
—
π How It Works
Authentication Flow
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. Node makes API request with access token β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 2. Check if token is expired (JWT validation) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββ΄ββββββββββββββββββ
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β Token Valid β β Token Expiredβ
ββββββββββββββββ ββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β Make Request β β Refresh Tokenβ
ββββββββββββββββ ββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββ ββββββββββββββββ
β 200 Response β β Update Token β
ββββββββββββββββ ββββββββββββββββ
β β
β βΌ
β ββββββββββββββββ
β β Retry Requestβ
β ββββββββββββββββ
β β
βββββββββββββββββ¬ββββββββββββββββββββ
βΌ
ββββββββββββββββ
β Return Data β
ββββββββββββββββ
Error Handling
The credential automatically handles:
—
π‘ Usage Example
Example Workflow
Here’s a simple workflow that uses the Refresh Token Auth credential:
1. Add the Refresh Token Example node to your workflow
2. Select your configured Refresh Token Auth credential
3. Configure the node:
– Operation: Get Request
– Base URL: https://api.example.com
– API Endpoint: /api/users
4. Execute the workflow
The node will automatically:
Example API Configurations
#### Example 1: Standard OAuth2 API
Access Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Refresh Token: refresh_abc123xyz
Refresh URL: https://api.example.com/oauth/token
Test URL: https://api.example.com/meAdvanced Options:
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Authorization Header Prefix: Bearer
#### Example 2: Custom Token API
Access Token: your-access-token
Refresh Token: your-refresh-token
Refresh URL: https://custom-api.com/auth/refresh
Test URL: https://custom-api.com/user/infoAdvanced Options:
Access Token Field Name: token
Refresh Token Field Name: refreshToken
Authorization Header Prefix: Token
Refresh Request Configuration:
{
"body": {
"granttype": "refreshtoken",
"refreshToken": "refresh token here",
"clientid": "yourclient_id"
}
}
#### Example 3: API with Custom Headers and Query Parameters
Access Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Refresh Token: refresh_abc123xyz
Refresh URL: https://api.example.com/v1/auth/refresh
Test URL: https://api.example.com/v1/user/profileAdvanced Options:
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Authorization Header Prefix: Bearer
Refresh Request Configuration:
{
"headers": {
"User-Agent": "MyApp/2.0",
"X-API-Version": "v1"
},
"body": {
"granttype": "refreshtoken",
"refresh_token": "{{$credentials.refreshToken}}",
"clientid": "clientid_here",
"clientsecret": "clientsecret_here"
},
"qs": {
"format": "json"
}
}
#### Example 4: Using Credential Placeholders
You can use {{$credentials.accessToken}} and {{$credentials.refreshToken}} placeholders in your configuration to reference current token values:
Refresh Request Configuration:
{
"headers": {
"Authorization": "Bearer {{$credentials.accessToken}}",
"X-Refresh-Token": "{{$credentials.refreshToken}}"
},
"body": {
"granttype": "refreshtoken",
"refresh_token": "{{$credentials.refreshToken}}",
"token": "{{$credentials.accessToken}}"
}
}Common Request Template:
{
"headers": {
"X-Access-Token": "{{$credentials.accessToken}}",
"User-Agent": "MyApp/1.0"
},
"qs": {
"token": "{{$credentials.accessToken}}"
}
}
The placeholders are automatically replaced with actual token values before making requests.
—
βοΈ Advanced Configuration
Credential Placeholders
The credential supports n8n expression placeholders that allow you to reference current token values in your configuration:
{{$credentials.accessToken}} – Replaced with the current access token value{{$credentials.refreshToken}} – Replaced with the current refresh token valueThese placeholders can be used in:
Example Usage:
{
"headers": {
"Authorization": "Bearer {{$credentials.accessToken}}",
"X-Refresh-Token": "{{$credentials.refreshToken}}"
},
"body": {
"granttype": "refreshtoken",
"refresh_token": "{{$credentials.refreshToken}}",
"current_token": "{{$credentials.accessToken}}"
}
}
The placeholders are automatically replaced with actual token values before making requests. This is particularly useful when you need to include tokens in custom headers or when your API requires both tokens in the refresh request.
Custom Refresh Request Format
If your API requires a specific format for refresh requests, you can customize:
1. Field Names: Adjust to match your API’s expected field names
2. Request Location: Automatically determined by refresh request configuration (header or body)
3. Header Prefix: Change “Bearer” to “Token” or custom prefix
4. Custom Headers, Body, and Query Parameters: Use Refresh Request Configuration JSON
5. Credential Placeholders: Use {{$credentials.accessToken}} and {{$credentials.refreshToken}} to reference tokens
Refresh Request Configuration
The Refresh Request Configuration field provides full control over the refresh token request format. This is especially useful for APIs that require:
granttype, clientid, client_secret#### How Refresh Token Location is Determined
The system automatically determines where to send the refresh token:
headers section β token is sent in headersbody section β token is sent in body#### Example: OAuth2 API Configuration
// Your API expects this refresh request format:
POST https://api.example.com/oauth/token
Content-Type: application/json
User-Agent: MyApp/1.0{
"granttype": "refreshtoken",
"refresh_token": "your-refresh-token",
"client_id": "your-client-id",
"client_secret": "your-client-secret"
}
// Configure the credential:
Refresh Token URL: https://api.example.com/oauth/token
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Refresh Request Configuration:
{
"headers": {
"User-Agent": "MyApp/1.0"
},
"body": {
"granttype": "refreshtoken",
"refresh_token": "{{$credentials.refreshToken}}",
"client_id": "your-client-id",
"client_secret": "your-client-secret"
}
}
Note: Using {{$credentials.refreshToken}} placeholder ensures the actual refresh token value is automatically inserted.
#### Example: API with Refresh Token in Header
// Your API expects refresh token in Authorization header:
POST https://api.example.com/auth/refresh
Content-Type: application/json
Authorization: Bearer your-refresh-token
X-API-Key: your-api-key{
"granttype": "refreshtoken"
}
// Configure the credential:
Refresh Token URL: https://api.example.com/auth/refresh
Access Token Field Name: access_token
Refresh Token Field Name: refresh_token
Refresh Request Configuration:
{
"headers": {
"Authorization": "Bearer {{$credentials.refreshToken}}",
"X-API-Key": "your-api-key"
},
"body": {
"granttype": "refreshtoken"
}
}
Note: Using {{$credentials.refreshToken}} placeholder ensures the actual refresh token value is automatically inserted into the Authorization header.
—
π§ Troubleshooting
Common Issues
#### Token Not Refreshing
Problem: Token expires but doesn’t refresh automatically
Solution:
#### 401 Errors Persisting
Problem: Getting 401 errors even after token refresh
Solution:
#### Invalid JSON Response
Problem: Refresh request fails with parsing error
Solution:
#### Refresh Request Configuration Issues
Problem: Refresh request fails or doesn’t match API requirements
Solution:
headers or body sectionDebug Tips
1. Test Credential: Use the “Test” button in credential configuration
2. Check Logs: Enable n8n debug logs to see authentication flow
3. API Documentation: Refer to your API’s authentication documentation
4. Manual Test: Use Postman/curl to verify refresh endpoint works
—
π€ Contributing
Contributions are welcome! Here’s how you can help:
Development Setup
Clone the repository
git clone https://github.com/yourusername/n8n-nodes-refresh-token-auth.git
cd n8n-nodes-refresh-token-authInstall dependencies
pnpm installBuild the project
pnpm buildWatch for changes during development
pnpm dev
—
π License
MIT License – see LICENSE file for details
—
π Resources
—
π Support
If you need help:
1. Check the Troubleshooting section
2. Search existing Issues
3. Open a new issue if your problem isn’t covered
4. Join the n8n Community for discussions
—
Made with β€οΈ for the n8n community