@n8n-as-code/skills 1.1.3 → 1.1.4

package/dist/assets/n8n-docs-complete.json

@@ -1,5 +1,5 @@
 {
-  "generatedAt": "2026-03-17T11:46:05.334Z",
+  "generatedAt": "2026-03-17T20:01:50.285Z",
   "version": "1.0.0",
   "sourceUrl": "https://docs.n8n.io/llms.txt",
   "totalPages": 1254,
@@ -1793,13 +1793,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# External secrets\n\nFeature availability\n\n- External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans.\n- n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault.\n- From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider.\n- n8n doesn't support [HashiCorp Vault Secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\nInfisical deprecation\n\nInfisical is deprecated. From version 2.10.0, you can't connect new Infisical vaults. Existing ones remain for now.\n\nYou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in its database, and restricts access to them by default. With the external secrets feature, you can store sensitive credential information in an external vault, and have n8n load it in when required. This provides an extra layer of security and allows you to manage credentials used across multiple [n8n environments](../source-control-environments/) in one central place.\n\n## Connect n8n to your secrets store\n\nSecret values\n\nn8n only supports plaintext values for secrets, not JSON objects.\n\n1. In n8n, go to **Settings** > **External Secrets**.\n1. Click **Add secrets vault**.\n1. Enter a unique name for your vault. This will be the first segment when referencing this vault in a `{{ $secrets.<vault-name>... }}` expression in a credential.\n1. Select one of the supported secret providers.\n1. Enter the credentials for your provider. Refer to the provider-specific sections below for details.\n1. **Save** your configuration.\n\nAs long as this store is connected, you can reference its secrets in credentials.\n\n### 1Password\n\n1Password Connect Server required\n\nn8n integrates with [1Password Connect Server](https://developer.1password.com/docs/connect/get-started/), a self-hosted API for machine access to 1Password. This isn't the same as a personal or team 1Password account. You must deploy and run a Connect Server to use this provider.\n\nProvide your **Connect Server URL** and **Access Token**. The Connect Server URL is the address where your server is accessible (for example, `http://localhost:8080`). The Access Token is the token you created for the Connect Server integration.\n\nn8n reads all vaults and items accessible to the token. Each 1Password item becomes a secret, with the item's fields accessible as properties. Use `{{ $secrets.<vault-name>.<item-title>.<field-label> }}` to access a specific field value.\n\n### AWS Secrets Manager\n\nProvide your **access key ID**, **secret access key**, and **region**. The IAM user must have the `secretsmanager:ListSecrets`, `secretsmanager:BatchGetSecretValue`, and `secretsmanager:GetSecretValue` permissions.\n\nTo give n8n access to all secrets in your AWS Secrets Manager, you can attach the following policy to the IAM user:\n\n```\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AccessAllSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:ListSecrets\",\n\t\t\t\t\"secretsmanager:BatchGetSecretValue\",\n\t\t\t\t\"secretsmanager:GetResourcePolicy\",\n\t\t\t\t\"secretsmanager:GetSecretValue\",\n\t\t\t\t\"secretsmanager:DescribeSecret\",\n\t\t\t\t\"secretsmanager:ListSecretVersionIds\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n```\n\nYou can also be more restrictive and give n8n access to select specific AWS Secret Manager secrets. You still need to allow the `secretsmanager:ListSecrets` and `secretsmanager:BatchGetSecretValue` permissions to access all resources. These permissions allow n8n to retrieve ARN-scoped secrets, but don't provide access to the secret values.\n\nNext, you need set the scope for the `secretsmanager:GetSecretValue` permission to the specific Amazon Resource Names (ARNs) for the secrets you wish to share with n8n. Ensure you use the correct region and account ID in each resource ARNs. You can find the ARN details in the AWS dashboard for your secrets.\n\nFor example, the following IAM policy only allows access to secrets with a name starting with `n8n` in your specified AWS account and region:\n\n```\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"ListingSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:ListSecrets\",\n\t\t\t\t\"secretsmanager:BatchGetSecretValue\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t},\n\t\t{\n\t\t\t\"Sid\": \"RetrievingSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:GetSecretValue\",\n\t\t\t\t\"secretsmanager:DescribeSecret\"\n\t\t\t],\n\t\t\t\"Resource\": [\n\t\t\t\t\"arn:aws:secretsmanager:us-west-2:123456789000:secret:n8n*\"\n\t\t\t]\n\t\t}\n\t]\n}\n```\n\nFor more IAM permission policy examples, consult the [AWS documentation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_iam-policies.html#auth-and-access_examples_batch).\n\n### Azure Key Vault\n\nProvide your **vault name**, **tenant ID**, **client ID**, and **client secret**. Refer to the Azure documentation to [register a Microsoft Entra ID app and create a service principal](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal). n8n supports only single-line values for secrets.\n\n### GCP Secrets Manager\n\nProvide a **Service Account Key** (JSON) for a service account that has at least these roles: `Secret Manager Secret Accessor` and `Secret Manager Secret Viewer`. Refer to Google's [service account documentation](https://cloud.google.com/iam/docs/service-account-overview) for more information.\n\n### HashiCorp Vault\n\nProvide the **Vault URL** for your vault instance, and select your **Authentication Method**. Enter your authentication details. Optionally provide a namespace.\n\n- Refer to the HashiCorp documentation for your authentication method:\n  - [Token auth method](https://developer.hashicorp.com/vault/docs/auth/token)\n  - [AppRole auth method](https://developer.hashicorp.com/vault/docs/auth/approle)\n  - [Userpass auth method](https://developer.hashicorp.com/vault/docs/auth/userpass)\n- If you use vault namespaces, you can enter the namespace n8n should connect to. Refer to [Vault Enterprise namespaces](https://developer.hashicorp.com/vault/docs/enterprise/namespaces) for more information on HashiCorp Vault namespaces.\n\n#### Manual KV mount configuration\n\nBy default, n8n autodiscovers KV secret engines by reading `sys/mounts`. If your Vault token doesn't have access to `sys/mounts`, you can manually specify the KV engine mount path and version instead:\n\n- **KV Mount Path**: The mount path of your KV secret engine (for example, `secret/`). When set, n8n skips `sys/mounts` autodiscovery and uses this path directly. Leave blank to use autodiscovery.\n- **KV Version**: The KV engine version (`v1` or `v2`). Defaults to `v2`. Only applies when you specify a **KV Mount Path**.\n\nYour Vault token still needs read and list access to the KV path itself. The following example shows a minimal Vault policy for a KV v2 mount at `secret/`:\n\n```\n# Read and list secrets at the \"secret/\" KV v2 mount\npath \"secret/data/*\" {\n  capabilities = [\"read\"]\n}\npath \"secret/metadata/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\nFor KV v1, you only need a single policy path:\n\n```\n# Read and list secrets at the \"kv/\" KV v1 mount\npath \"kv/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\n## Share vault\n\nBy default, a secrets vault is **global**: users across the instance can use credentials that reference secrets from that vault.\n\nInstance admins can restrict a vault to a specific [project](../user-management/rbac/projects/). Once you assign a vault to a project, only that project’s credentials can reference its secrets. You can choose to tie a vault to a single project or keep it global.\n\nTo assign the scope:\n\n1. In n8n, go to **Settings** > **External Secrets**.\n1. Find the vault you want to configure and select **Edit**.\n1. Under **Share**, choose one of the following:\n   - **Global**: Share this vault across your entire n8n instance. This allows credentials across the instance to reference these secrets.\n   - **Project**: Restrict this vault to a specific project. Choosing a project limits secret access to only that project's credentials.\n1. **Save** your configuration.\n\n## Use secrets in n8n credentials\n\nTo use a secret from your store in an n8n credential:\n\n1. Create a new credential, or open an existing one.\n\n1. On the field where you want to use a secret:\n\n   1. Hover over the field.\n   1. Select **Expression**.\n\n1. In the field where you want to use a secret, enter an [expression](../glossary/#expression-n8n) referencing the secret name:\n\n   ```\n   {{ $secrets.<vault-name>.<secret-name> }}\n   ```\n\n   `<vault-name>` is the one you entered when you added the store. Replace `<secret-name>` with the name as it appears in your vault.\n\n## Using external secrets with n8n environments\n\nn8n's [Source control and environments](../source-control-environments/) feature allows you to create different n8n environments, backed by Git. The feature doesn't support using different credentials in different instances. You can use an external secrets vault to provide different credentials for different environments by connecting each n8n instance to a different vault or project environment. \\\nFor example, you have two n8n instances, one for development and one for production. In your secrets provider, create a project with two environments, development and production. Generate a token for each environment of your secrets provider. Use the token for the development environment to connect your development n8n instance, and the token for your production environment to connect your production n8n instance.\n\n## Using external secrets in projects\n\nTo use external secrets in an [RBAC project](../user-management/rbac/), you must have an [instance owner or instance admin](../user-management/account-types/) as a member of the project.\n\nYou can restrict usage of a vault to a specific project using [share vault](#share-vault). A vault assigned to a project is only usable within this project's credentials.\n\n## Troubleshooting\n\n### Only set external secrets on credentials owned by an instance owner or admin\n\nDue to the permissions that instance owners and admins have, it's possible for owners and admins to update credentials owned by another user with a secrets expression. This will appear to work in preview for an instance owner or admin, but the secret won't resolve when the workflow runs in production.\n\nOnly use external secrets for credentials that are owned by an instance admin or owner. This ensures they resolve correctly in production.\n",
-        "excerpt": "# External secrets  Feature availability  - External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans. - n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault. - From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider. - n8n doesn't suppor...",
+        "markdown": "# External secrets\n\nFeature availability\n\n- External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans.\n- n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault.\n- From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider.\n- From version `2.13.0`, if enabled, project editors can use external secrets within their projects, and project admins can also manage project vaults.\n- n8n doesn't support [HashiCorp Vault Secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\nInfisical deprecation\n\nInfisical is deprecated. From version 2.10.0, you can't connect new Infisical vaults. Existing ones remain for now.\n\nYou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in its database, and restricts access to them by default. With the external secrets feature, you can store sensitive credential information in an external vault, and have n8n load it in when required. This provides an extra layer of security and allows you to manage credentials used across multiple [n8n environments](../source-control-environments/) in one central place.\n\n## Connect n8n to your secrets store\n\nSecret values\n\nn8n only supports plaintext values for secrets, not JSON objects.\n\n1. In n8n, go to **Settings** > **External Secrets**.\n1. Click **Add secrets vault**.\n1. Enter a unique name for your vault. This will be the first segment when referencing this vault in a `{{ $secrets.<vault-name>... }}` expression in a credential.\n1. Select one of the supported secret providers.\n1. Enter the credentials for your provider. Refer to the provider-specific sections below for details.\n1. **Save** your configuration.\n\nAs long as this store is connected, you can reference its secrets in credentials.\n\n### 1Password\n\n1Password Connect Server required\n\nn8n integrates with [1Password Connect Server](https://developer.1password.com/docs/connect/get-started/), a self-hosted API for machine access to 1Password. This isn't the same as a personal or team 1Password account. You must deploy and run a Connect Server to use this provider.\n\nProvide your **Connect Server URL** and **Access Token**. The Connect Server URL is the address where your server is accessible (for example, `http://localhost:8080`). The Access Token is the token you created for the Connect Server integration.\n\nn8n reads all vaults and items accessible to the token. Each 1Password item becomes a secret, with the item's fields accessible as properties. Use `{{ $secrets.<vault-name>.<item-title>.<field-label> }}` to access a specific field value.\n\n### AWS Secrets Manager\n\nProvide your **access key ID**, **secret access key**, and **region**. The IAM user must have the `secretsmanager:ListSecrets`, `secretsmanager:BatchGetSecretValue`, and `secretsmanager:GetSecretValue` permissions.\n\nTo give n8n access to all secrets in your AWS Secrets Manager, you can attach the following policy to the IAM user:\n\n```\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"AccessAllSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:ListSecrets\",\n\t\t\t\t\"secretsmanager:BatchGetSecretValue\",\n\t\t\t\t\"secretsmanager:GetResourcePolicy\",\n\t\t\t\t\"secretsmanager:GetSecretValue\",\n\t\t\t\t\"secretsmanager:DescribeSecret\",\n\t\t\t\t\"secretsmanager:ListSecretVersionIds\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t}\n\t]\n}\n```\n\nYou can also be more restrictive and give n8n access to select specific AWS Secret Manager secrets. You still need to allow the `secretsmanager:ListSecrets` and `secretsmanager:BatchGetSecretValue` permissions to access all resources. These permissions allow n8n to retrieve ARN-scoped secrets, but don't provide access to the secret values.\n\nNext, you need set the scope for the `secretsmanager:GetSecretValue` permission to the specific Amazon Resource Names (ARNs) for the secrets you wish to share with n8n. Ensure you use the correct region and account ID in each resource ARNs. You can find the ARN details in the AWS dashboard for your secrets.\n\nFor example, the following IAM policy only allows access to secrets with a name starting with `n8n` in your specified AWS account and region:\n\n```\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Sid\": \"ListingSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:ListSecrets\",\n\t\t\t\t\"secretsmanager:BatchGetSecretValue\"\n\t\t\t],\n\t\t\t\"Resource\": \"*\"\n\t\t},\n\t\t{\n\t\t\t\"Sid\": \"RetrievingSecrets\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Action\": [\n\t\t\t\t\"secretsmanager:GetSecretValue\",\n\t\t\t\t\"secretsmanager:DescribeSecret\"\n\t\t\t],\n\t\t\t\"Resource\": [\n\t\t\t\t\"arn:aws:secretsmanager:us-west-2:123456789000:secret:n8n*\"\n\t\t\t]\n\t\t}\n\t]\n}\n```\n\nFor more IAM permission policy examples, consult the [AWS documentation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_iam-policies.html#auth-and-access_examples_batch).\n\n### Azure Key Vault\n\nProvide your **vault name**, **tenant ID**, **client ID**, and **client secret**. Refer to the Azure documentation to [register a Microsoft Entra ID app and create a service principal](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal). n8n supports only single-line values for secrets.\n\n### GCP Secrets Manager\n\nProvide a **Service Account Key** (JSON) for a service account that has at least these roles: `Secret Manager Secret Accessor` and `Secret Manager Secret Viewer`. Refer to Google's [service account documentation](https://cloud.google.com/iam/docs/service-account-overview) for more information.\n\n### HashiCorp Vault\n\nProvide the **Vault URL** for your vault instance, and select your **Authentication Method**. Enter your authentication details. Optionally provide a namespace.\n\n- Refer to the HashiCorp documentation for your authentication method:\n  - [Token auth method](https://developer.hashicorp.com/vault/docs/auth/token)\n  - [AppRole auth method](https://developer.hashicorp.com/vault/docs/auth/approle)\n  - [Userpass auth method](https://developer.hashicorp.com/vault/docs/auth/userpass)\n- If you use vault namespaces, you can enter the namespace n8n should connect to. Refer to [Vault Enterprise namespaces](https://developer.hashicorp.com/vault/docs/enterprise/namespaces) for more information on HashiCorp Vault namespaces.\n\n#### Manual KV mount configuration\n\nBy default, n8n autodiscovers KV secret engines by reading `sys/mounts`. If your Vault token doesn't have access to `sys/mounts`, you can manually specify the KV engine mount path and version instead:\n\n- **KV Mount Path**: The mount path of your KV secret engine (for example, `secret/`). When set, n8n skips `sys/mounts` autodiscovery and uses this path directly. Leave blank to use autodiscovery.\n- **KV Version**: The KV engine version (`v1` or `v2`). Defaults to `v2`. Only applies when you specify a **KV Mount Path**.\n\nYour Vault token still needs read and list access to the KV path itself. The following example shows a minimal Vault policy for a KV v2 mount at `secret/`:\n\n```\n# Read and list secrets at the \"secret/\" KV v2 mount\npath \"secret/data/*\" {\n  capabilities = [\"read\"]\n}\npath \"secret/metadata/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\nFor KV v1, you only need a single policy path:\n\n```\n# Read and list secrets at the \"kv/\" KV v1 mount\npath \"kv/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\n## Share vault\n\nBy default, a secrets vault is **global**: users across the instance can use credentials that reference secrets from that vault.\n\nInstance admins can share a vault with a specific [project](../user-management/rbac/projects/). Once you assign a vault to a project, only that project’s credentials can reference its secrets. You can choose to tie a vault to a single project or keep it global.\n\nTo change the vault scope:\n\n1. In n8n, go to **Settings** > **External Secrets**.\n1. Find the vault you want to configure and select **Edit**.\n1. Under **Share**, choose one of the following:\n   - **Global**: Share this vault across your entire n8n instance. This allows credentials across the instance to reference these secrets.\n   - **Project**: Restrict this vault to a specific project. Choosing a project limits secret access to only that project's credentials.\n1. **Save** your configuration.\n\n## Use secrets in n8n credentials\n\nTo use a secret from your store in an n8n credential:\n\n1. Create a new credential, or open an existing one.\n\n1. On the field where you want to use a secret:\n\n   1. Hover over the field.\n   1. Select **Expression**.\n\n1. In the field where you want to use a secret, enter an [expression](../glossary/#expression-n8n) referencing the secret name:\n\n   ```\n   {{ $secrets.<vault-name>.<secret-name> }}\n   ```\n\n   `<vault-name>` is the one you entered when you added the store. Replace `<secret-name>` with the name as it appears in your vault.\n\n## Using external secrets with n8n environments\n\nn8n's [Source control and environments](../source-control-environments/) feature allows you to create different n8n environments, backed by Git. The feature doesn't support using different credentials in different instances. You can use an external secrets vault to provide different credentials for different environments by connecting each n8n instance to a different vault or project environment. \\\nFor example, you have two n8n instances, one for development and one for production. In your secrets provider, create a project with two environments, development and production. Generate a token for each environment of your secrets provider. Use the token for the development environment to connect your development n8n instance, and the token for your production environment to connect your production n8n instance.\n\n## Using external secrets in projects\n\nYou can share a vault with a project so that only that project's credentials can reference its secrets. Refer to [Share vault](#share-vault) for setup steps. Project-scoped vaults are available from version `2.11.0`.\n\n### Access for project roles\n\nVersion `2.13.0` and later\n\nBefore version `2.13.0`, using external secrets in an [RBAC project](../user-management/rbac/) required an [instance owner or instance admin](../user-management/account-types/) as a member of the project.\n\nFrom version `2.13.0`, instance owners and admins can grant [project editors](../user-management/rbac/role-types/#project-editor) and [project admins](../user-management/rbac/role-types/#project-admin) access to external secrets.\n\nTo enable this:\n\n1. Go to **Settings** > **External Secrets**.\n1. Turn on **Enable external secrets for project roles**.\n\nWhen enabled, **Project Editors** can:\n\n- View available external secret vaults shared with the project (in **Project** > **Settings**).\n- Use secrets from the project's vaults in credentials.\n\n**Project Admins** get the same access, plus they can:\n\n- Create new vaults for the project (in **Project** > **Settings**).\n- Update and delete vaults assigned to the project.\n\nGlobal vault access\n\nGlobal vaults created in **Settings** > **External Secrets** are visible in **Project** > **Settings** but are read-only for project roles. Only instance admins can modify or delete global vaults.\n\n### Custom roles\n\nFor more fine-grained access control, instance owners and admins can create a [custom project role](../user-management/rbac/custom-roles/). Go to **Settings** > **Project roles** > **Create role**. In the list of permissions, configure:\n\n- **Secrets vaults**: Controls vault management (create, view, edit, delete, and sync vaults).\n- **Secrets**: Controls whether the role can use secrets in credential expressions.\n\nBoth permissions are independent. For example, a role may need only the **Secrets** permission to use secrets in credentials without managing vaults. Refer to [Secret vault scopes](../user-management/rbac/custom-roles/#secret-vault-scopes) for the full list of available scopes.\n\n## Troubleshooting\n\n### Secrets don't resolve in production\n\nVersion `2.13.0` and later\n\nFrom version `2.13.0`, project editors and admins with [secrets access enabled](#access-for-project-roles) can use external secrets in their own credentials. The restriction below applies only to older versions or when the opt-in toggle is off.\n\nIn versions before `2.13.0` (or when **Enable external secrets for project roles** is off), only instance owners and admins can resolve secrets at runtime. If an owner or admin updates another user's credential with a secrets expression, it may appear to work in preview but fail in production.\n\nIn this case, only use external secrets in credentials owned by an instance owner or admin.\n",
+        "excerpt": "# External secrets  Feature availability  - External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans. - n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault. - From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider. - From version `2.13...",
         "sections": [
           {
             "title": "External secrets",
             "level": 1,
-            "content": "Feature availability\n\n- External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans.\n- n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault.\n- From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider.\n- n8n doesn't support [HashiCorp Vault Secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\nInfisical deprecation\n\nInfisical is deprecated. From version 2.10.0, you can't connect new Infisical vaults. Existing ones remain for now.\n\nYou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in its database, and restricts access to them by default. With the external secrets feature, you can store sensitive credential information in an external v"
+            "content": "Feature availability\n\n- External secrets are available on Enterprise Self-hosted and Enterprise Cloud plans.\n- n8n supports the following secret providers: 1Password (via [Connect Server](https://developer.1password.com/docs/connect/get-started/)), AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, and HashiCorp Vault.\n- From n8n version 2.10.0 you can connect multiple vaults per secret provider. Older versions only support one vault per provider.\n- From version `2.13.0`, if enabled, project editors can use external secrets within their projects, and project admins can also manage project vaults.\n- n8n doesn't support [HashiCorp Vault Secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\nInfisical deprecation\n\nInfisical is deprecated. From version 2.10.0, you can't connect new Infisical vaults. Existing ones remain for now.\n\nYou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in i"
           },
           {
             "title": "Read and list secrets at the \"secret/\" KV v2 mount",
@@ -1838,74 +1838,76 @@
           "with",
           "environments",
           "projects",
+          "access",
+          "project",
+          "roles",
+          "custom",
           "troubleshooting",
-          "only",
-          "owned",
-          "instance",
-          "owner",
-          "admin"
+          "don't",
+          "resolve",
+          "production"
         ],
         "useCases": [],
         "operations": [],
         "codeExamples": 5,
         "complexity": "intermediate",
-        "readingTime": "8 min",
-        "contentLength": 10675,
+        "readingTime": "9 min",
+        "contentLength": 12792,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "external secrets # external secrets\n\nfeature availability\n\n- external secrets are available on enterprise self-hosted and enterprise cloud plans.\n- n8n supports the following secret providers: 1password (via [connect server](https://developer.1password.com/docs/connect/get-started/)), aws secrets manager, azure key vault, gcp secrets manager, and hashicorp vault.\n- from n8n version 2.10.0 you can connect multiple vaults per secret provider. older versions only support one vault per provider.\n- n8n doesn't support [hashicorp vault secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\ninfisical deprecation\n\ninfisical is deprecated. from version 2.10.0, you can't connect new infisical vaults. existing ones remain for now.\n\nyou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in its database, and restricts access to them by default. with the external secrets feature, you can store sensitive credential information in an external vault, and have n8n load it in when required. this provides an extra layer of security and allows you to manage credentials used across multiple [n8n environments](../source-control-environments/) in one central place.\n\n## connect n8n to your secrets store\n\nsecret values\n\nn8n only supports plaintext values for secrets, not json objects.\n\n1. in n8n, go to **settings** > **external secrets**.\n1. click **add secrets vault**.\n1. enter a unique name for your vault. this will be the first segment when referencing this vault in a `{{ $secrets.<vault-name>... }}` expression in a credential.\n1. select one of the supported secret providers.\n1. enter the credentials for your provider. refer to the provider-specific sections below for details.\n1. **save** your configuration.\n\nas long as this store is connected, you can reference its secrets in credentials.\n\n### 1password\n\n1password connect server required\n\nn8n integrates with [1password connect server](https://developer.1password.com/docs/connect/get-started/), a self-hosted api for machine access to 1password. this isn't the same as a personal or team 1password account. you must deploy and run a connect server to use this provider.\n\nprovide your **connect server url** and **access token**. the connect server url is the address where your server is accessible (for example, `http://localhost:8080`). the access token is the token you created for the connect server integration.\n\nn8n reads all vaults and items accessible to the token. each 1password item becomes a secret, with the item's fields accessible as properties. use `{{ $secrets.<vault-name>.<item-title>.<field-label> }}` to access a specific field value.\n\n### aws secrets manager\n\nprovide your **access key id**, **secret access key**, and **region**. the iam user must have the `secretsmanager:listsecrets`, `secretsmanager:batchgetsecretvalue`, and `secretsmanager:getsecretvalue` permissions.\n\nto give n8n access to all secrets in your aws secrets manager, you can attach the following policy to the iam user:\n\n```\n{\n\t\"version\": \"2012-10-17\",\n\t\"statement\": [\n\t\t{\n\t\t\t\"sid\": \"accessallsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:listsecrets\",\n\t\t\t\t\"secretsmanager:batchgetsecretvalue\",\n\t\t\t\t\"secretsmanager:getresourcepolicy\",\n\t\t\t\t\"secretsmanager:getsecretvalue\",\n\t\t\t\t\"secretsmanager:describesecret\",\n\t\t\t\t\"secretsmanager:listsecretversionids\"\n\t\t\t],\n\t\t\t\"resource\": \"*\"\n\t\t}\n\t]\n}\n```\n\nyou can also be more restrictive and give n8n access to select specific aws secret manager secrets. you still need to allow the `secretsmanager:listsecrets` and `secretsmanager:batchgetsecretvalue` permissions to access all resources. these permissions allow n8n to retrieve arn-scoped secrets, but don't provide access to the secret values.\n\nnext, you need set the scope for the `secretsmanager:getsecretvalue` permission to the specific amazon resource names (arns) for the secrets you wish to share with n8n. ensure you use the correct region and account id in each resource arns. you can find the arn details in the aws dashboard for your secrets.\n\nfor example, the following iam policy only allows access to secrets with a name starting with `n8n` in your specified aws account and region:\n\n```\n{\n\t\"version\": \"2012-10-17\",\n\t\"statement\": [\n\t\t{\n\t\t\t\"sid\": \"listingsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:listsecrets\",\n\t\t\t\t\"secretsmanager:batchgetsecretvalue\"\n\t\t\t],\n\t\t\t\"resource\": \"*\"\n\t\t},\n\t\t{\n\t\t\t\"sid\": \"retrievingsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:getsecretvalue\",\n\t\t\t\t\"secretsmanager:describesecret\"\n\t\t\t],\n\t\t\t\"resource\": [\n\t\t\t\t\"arn:aws:secretsmanager:us-west-2:123456789000:secret:n8n*\"\n\t\t\t]\n\t\t}\n\t]\n}\n```\n\nfor more iam permission policy examples, consult the [aws documentation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_iam-policies.html#auth-and-access_examples_batch).\n\n### azure key vault\n\nprovide your **vault name**, **tenant id**, **client id**, and **client secret**. refer to the azure documentation to [register a microsoft entra id app and create a service principal](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal). n8n supports only single-line values for secrets.\n\n### gcp secrets manager\n\nprovide a **service account key** (json) for a service account that has at least these roles: `secret manager secret accessor` and `secret manager secret viewer`. refer to google's [service account documentation](https://cloud.google.com/iam/docs/service-account-overview) for more information.\n\n### hashicorp vault\n\nprovide the **vault url** for your vault instance, and select your **authentication method**. enter your authentication details. optionally provide a namespace.\n\n- refer to the hashicorp documentation for your authentication method:\n  - [token auth method](https://developer.hashicorp.com/vault/docs/auth/token)\n  - [approle auth method](https://developer.hashicorp.com/vault/docs/auth/approle)\n  - [userpass auth method](https://developer.hashicorp.com/vault/docs/auth/userpass)\n- if you use vault namespaces, you can enter the namespace n8n should connect to. refer to [vault enterprise namespaces](https://developer.hashicorp.com/vault/docs/enterprise/namespaces) for more information on hashicorp vault namespaces.\n\n#### manual kv mount configuration\n\nby default, n8n autodiscovers kv secret engines by reading `sys/mounts`. if your vault token doesn't have access to `sys/mounts`, you can manually specify the kv engine mount path and version instead:\n\n- **kv mount path**: the mount path of your kv secret engine (for example, `secret/`). when set, n8n skips `sys/mounts` autodiscovery and uses this path directly. leave blank to use autodiscovery.\n- **kv version**: the kv engine version (`v1` or `v2`). defaults to `v2`. only applies when you specify a **kv mount path**.\n\nyour vault token still needs read and list access to the kv path itself. the following example shows a minimal vault policy for a kv v2 mount at `secret/`:\n\n```\n# read and list secrets at the \"secret/\" kv v2 mount\npath \"secret/data/*\" {\n  capabilities = [\"read\"]\n}\npath \"secret/metadata/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\nfor kv v1, you only need a single policy path:\n\n```\n# read and list secrets at the \"kv/\" kv v1 mount\npath \"kv/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\n## share vault\n\nby default, a secrets vault is **global**: users across the instance can use credentials that reference secrets from that vault.\n\ninstance admins can restrict a vault to a specific [project](../user-management/rbac/projects/). once you assign a vault to a project, only that project’s credentials can reference its secrets. you can choose to tie a vault to a single project or keep it global.\n\nto assign the scope:\n\n1. in n8n, go to **settings** > **external secrets**.\n1. find the vault you want to configure and select **edit**.\n1. under **share**, choose one of the following:\n   - **global**: share this vault across your entire n8n instance. this allows credentials across the instance to reference these secrets.\n   - **project**: restrict this vault to a specific project. choosing a project limits secret access to only that project's credentials.\n1. **save** your configuration.\n\n## use secrets in n8n credentials\n\nto use a secret from your store in an n8n credential:\n\n1. create a new credential, or open an existing one.\n\n1. on the field where you want to use a secret:\n\n   1. hover over the field.\n   1. select **expression**.\n\n1. in the field where you want to use a secret, enter an [expression](../glossary/#expression-n8n) referencing the secret name:\n\n   ```\n   {{ $secrets.<vault-name>.<secret-name> }}\n   ```\n\n   `<vault-name>` is the one you entered when you added the store. replace `<secret-name>` with the name as it appears in your vault.\n\n## using external secrets with n8n environments\n\nn8n's [source control and environments](../source-control-environments/) feature allows you to create different n8n environments, backed by git. the feature doesn't support using different credentials in different instances. you can use an external secrets vault to provide different credentials for different environments by connecting each n8n instance to a different vault or project environment. \\\nfor example, you have two n8n instances, one for development and one for production. in your secrets provider, create a project with two environments, development and production. generate a token for each environment of your secrets provider. use the token for the development environment to connect your development n8n instance, and the token for your production environment to connect your production n8n instance.\n\n## using external secrets in projects\n\nto use external secrets in an [rbac project](../user-management/rbac/), you must have an [instance owner or instance admin](../user-management/account-types/) as a member of the project.\n\nyou can restrict usage of",
+        "fullText": "external secrets # external secrets\n\nfeature availability\n\n- external secrets are available on enterprise self-hosted and enterprise cloud plans.\n- n8n supports the following secret providers: 1password (via [connect server](https://developer.1password.com/docs/connect/get-started/)), aws secrets manager, azure key vault, gcp secrets manager, and hashicorp vault.\n- from n8n version 2.10.0 you can connect multiple vaults per secret provider. older versions only support one vault per provider.\n- from version `2.13.0`, if enabled, project editors can use external secrets within their projects, and project admins can also manage project vaults.\n- n8n doesn't support [hashicorp vault secrets](https://developer.hashicorp.com/hcp/docs/vault-secrets).\n\ninfisical deprecation\n\ninfisical is deprecated. from version 2.10.0, you can't connect new infisical vaults. existing ones remain for now.\n\nyou can use an external secrets store to manage [credentials](../glossary/#credential-n8n) for n8n.\n\nn8n stores all credentials encrypted in its database, and restricts access to them by default. with the external secrets feature, you can store sensitive credential information in an external vault, and have n8n load it in when required. this provides an extra layer of security and allows you to manage credentials used across multiple [n8n environments](../source-control-environments/) in one central place.\n\n## connect n8n to your secrets store\n\nsecret values\n\nn8n only supports plaintext values for secrets, not json objects.\n\n1. in n8n, go to **settings** > **external secrets**.\n1. click **add secrets vault**.\n1. enter a unique name for your vault. this will be the first segment when referencing this vault in a `{{ $secrets.<vault-name>... }}` expression in a credential.\n1. select one of the supported secret providers.\n1. enter the credentials for your provider. refer to the provider-specific sections below for details.\n1. **save** your configuration.\n\nas long as this store is connected, you can reference its secrets in credentials.\n\n### 1password\n\n1password connect server required\n\nn8n integrates with [1password connect server](https://developer.1password.com/docs/connect/get-started/), a self-hosted api for machine access to 1password. this isn't the same as a personal or team 1password account. you must deploy and run a connect server to use this provider.\n\nprovide your **connect server url** and **access token**. the connect server url is the address where your server is accessible (for example, `http://localhost:8080`). the access token is the token you created for the connect server integration.\n\nn8n reads all vaults and items accessible to the token. each 1password item becomes a secret, with the item's fields accessible as properties. use `{{ $secrets.<vault-name>.<item-title>.<field-label> }}` to access a specific field value.\n\n### aws secrets manager\n\nprovide your **access key id**, **secret access key**, and **region**. the iam user must have the `secretsmanager:listsecrets`, `secretsmanager:batchgetsecretvalue`, and `secretsmanager:getsecretvalue` permissions.\n\nto give n8n access to all secrets in your aws secrets manager, you can attach the following policy to the iam user:\n\n```\n{\n\t\"version\": \"2012-10-17\",\n\t\"statement\": [\n\t\t{\n\t\t\t\"sid\": \"accessallsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:listsecrets\",\n\t\t\t\t\"secretsmanager:batchgetsecretvalue\",\n\t\t\t\t\"secretsmanager:getresourcepolicy\",\n\t\t\t\t\"secretsmanager:getsecretvalue\",\n\t\t\t\t\"secretsmanager:describesecret\",\n\t\t\t\t\"secretsmanager:listsecretversionids\"\n\t\t\t],\n\t\t\t\"resource\": \"*\"\n\t\t}\n\t]\n}\n```\n\nyou can also be more restrictive and give n8n access to select specific aws secret manager secrets. you still need to allow the `secretsmanager:listsecrets` and `secretsmanager:batchgetsecretvalue` permissions to access all resources. these permissions allow n8n to retrieve arn-scoped secrets, but don't provide access to the secret values.\n\nnext, you need set the scope for the `secretsmanager:getsecretvalue` permission to the specific amazon resource names (arns) for the secrets you wish to share with n8n. ensure you use the correct region and account id in each resource arns. you can find the arn details in the aws dashboard for your secrets.\n\nfor example, the following iam policy only allows access to secrets with a name starting with `n8n` in your specified aws account and region:\n\n```\n{\n\t\"version\": \"2012-10-17\",\n\t\"statement\": [\n\t\t{\n\t\t\t\"sid\": \"listingsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:listsecrets\",\n\t\t\t\t\"secretsmanager:batchgetsecretvalue\"\n\t\t\t],\n\t\t\t\"resource\": \"*\"\n\t\t},\n\t\t{\n\t\t\t\"sid\": \"retrievingsecrets\",\n\t\t\t\"effect\": \"allow\",\n\t\t\t\"action\": [\n\t\t\t\t\"secretsmanager:getsecretvalue\",\n\t\t\t\t\"secretsmanager:describesecret\"\n\t\t\t],\n\t\t\t\"resource\": [\n\t\t\t\t\"arn:aws:secretsmanager:us-west-2:123456789000:secret:n8n*\"\n\t\t\t]\n\t\t}\n\t]\n}\n```\n\nfor more iam permission policy examples, consult the [aws documentation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_iam-policies.html#auth-and-access_examples_batch).\n\n### azure key vault\n\nprovide your **vault name**, **tenant id**, **client id**, and **client secret**. refer to the azure documentation to [register a microsoft entra id app and create a service principal](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal). n8n supports only single-line values for secrets.\n\n### gcp secrets manager\n\nprovide a **service account key** (json) for a service account that has at least these roles: `secret manager secret accessor` and `secret manager secret viewer`. refer to google's [service account documentation](https://cloud.google.com/iam/docs/service-account-overview) for more information.\n\n### hashicorp vault\n\nprovide the **vault url** for your vault instance, and select your **authentication method**. enter your authentication details. optionally provide a namespace.\n\n- refer to the hashicorp documentation for your authentication method:\n  - [token auth method](https://developer.hashicorp.com/vault/docs/auth/token)\n  - [approle auth method](https://developer.hashicorp.com/vault/docs/auth/approle)\n  - [userpass auth method](https://developer.hashicorp.com/vault/docs/auth/userpass)\n- if you use vault namespaces, you can enter the namespace n8n should connect to. refer to [vault enterprise namespaces](https://developer.hashicorp.com/vault/docs/enterprise/namespaces) for more information on hashicorp vault namespaces.\n\n#### manual kv mount configuration\n\nby default, n8n autodiscovers kv secret engines by reading `sys/mounts`. if your vault token doesn't have access to `sys/mounts`, you can manually specify the kv engine mount path and version instead:\n\n- **kv mount path**: the mount path of your kv secret engine (for example, `secret/`). when set, n8n skips `sys/mounts` autodiscovery and uses this path directly. leave blank to use autodiscovery.\n- **kv version**: the kv engine version (`v1` or `v2`). defaults to `v2`. only applies when you specify a **kv mount path**.\n\nyour vault token still needs read and list access to the kv path itself. the following example shows a minimal vault policy for a kv v2 mount at `secret/`:\n\n```\n# read and list secrets at the \"secret/\" kv v2 mount\npath \"secret/data/*\" {\n  capabilities = [\"read\"]\n}\npath \"secret/metadata/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\nfor kv v1, you only need a single policy path:\n\n```\n# read and list secrets at the \"kv/\" kv v1 mount\npath \"kv/*\" {\n  capabilities = [\"read\", \"list\"]\n}\n```\n\n## share vault\n\nby default, a secrets vault is **global**: users across the instance can use credentials that reference secrets from that vault.\n\ninstance admins can share a vault with a specific [project](../user-management/rbac/projects/). once you assign a vault to a project, only that project’s credentials can reference its secrets. you can choose to tie a vault to a single project or keep it global.\n\nto change the vault scope:\n\n1. in n8n, go to **settings** > **external secrets**.\n1. find the vault you want to configure and select **edit**.\n1. under **share**, choose one of the following:\n   - **global**: share this vault across your entire n8n instance. this allows credentials across the instance to reference these secrets.\n   - **project**: restrict this vault to a specific project. choosing a project limits secret access to only that project's credentials.\n1. **save** your configuration.\n\n## use secrets in n8n credentials\n\nto use a secret from your store in an n8n credential:\n\n1. create a new credential, or open an existing one.\n\n1. on the field where you want to use a secret:\n\n   1. hover over the field.\n   1. select **expression**.\n\n1. in the field where you want to use a secret, enter an [expression](../glossary/#expression-n8n) referencing the secret name:\n\n   ```\n   {{ $secrets.<vault-name>.<secret-name> }}\n   ```\n\n   `<vault-name>` is the one you entered when you added the store. replace `<secret-name>` with the name as it appears in your vault.\n\n## using external secrets with n8n environments\n\nn8n's [source control and environments](../source-control-environments/) feature allows you to create different n8n environments, backed by git. the feature doesn't support using different credentials in different instances. you can use an external secrets vault to provide different credentials for different environments by connecting each n8n instance to a different vault or project environment. \\\nfor example, you have two n8n instances, one for development and one for production. in your secrets provider, create a project with two environments, development and production. generate a token for each environment of your secrets provider. use the token for the development environment to connect your development n8n instance, and the token for your production environment to connect your production n8n instance.\n\n## using external secrets in projects\n\nyou can share a vault with a project so that only that p",
         "importantTerms": [
           "secrets",
           "vault",
+          "project",
           "secret",
           "your",
+          "external",
+          "access",
           "secretsmanager",
           "credentials",
-          "external",
           "connect",
-          "access",
-          "project",
+          "only",
           "instance",
+          "version",
+          "vaults",
+          "with",
           "this",
-          "only",
           "name",
           "token",
           "https",
           "hashicorp",
-          "with",
+          "user",
+          "roles",
           "mount",
           "path",
           "docs",
+          "from",
+          "admins",
+          "create",
+          "read",
+          "list",
           "server",
           "manager",
+          "when",
           "environments",
+          "settings",
           "account",
           "provide",
+          "share",
           "auth",
-          "read",
+          "management",
           "developer",
-          "version",
           "provider",
-          "specific",
-          "that",
-          "list",
-          "store",
-          "have",
-          "when",
-          "user",
-          "share",
-          "service",
-          "different",
-          "production",
-          "following",
           "credential",
-          "enter",
-          "expression",
-          "select",
           "refer",
+          "that",
+          "rbac",
+          "store",
+          "specific",
           "example",
-          "field"
+          "service"
         ]
       }
     },
@@ -2183,13 +2185,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Insights\n\nInsights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:\n\n- [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the overview space.\n- [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-workflow): For each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nFeature availability\n\nThe insights summary banner displays activity from the last 7 days for all plans. The insights dashboard is only available on Pro (with limited date ranges) and Enterprise plans.\n\n## Insights summary banner\n\nn8n collects several metrics for both the insights summary banner and dashboard. They include:\n\n- Total production executions (not including sub-workflow executions or manual executions)\n- Total failed production executions\n- Production execution failure rate\n- Time saved (when set on at least one or more active workflows)\n- Run time average (including wait time from any wait nodes)\n\n## Insights dashboard\n\nThose on the Pro and Enterprise plans can access the **Insights** section from the side navigation. Each metric from the summary banner is also clickable, taking you to the corresponding chart.\n\nThe insights dashboard also has a table showing individual insights from each workflow including total production executions, failed production executions, failure rate, time saved, and run time average.\n\n## Insights time periods\n\nBy default, the insights summary banner and dashboard show a rolling 7 day window with a comparison to the previous period to identify increases or decreases for each metric. On the dashboard, paid plans also display data for other date ranges:\n\n- Pro: 7 and 14 days\n- Enterprise: 24 hours, 7 days, 14 days, 30 days, 90 days, 6 months, 1 year\n\n## Setting the time saved by a workflow\n\nFor each workflow, you can track how much time it saves you. This setting helps you calculate how much time automating a process saves over time vs the manual effort to complete the same task or process.\n\nOnce configured, n8n calculates the amount of time the workflow saves you based on the number of production executions and displays it on the summary banner and insights dashboard.\n\nYou can choose between two methods for calculating time saved:\n\n### Fixed time saved\n\nWith fixed time saved, you set a single time value that applies to every production execution of the workflow, regardless of which path the execution takes.\n\nTo configure fixed time saved:\n\n1. Navigate to the workflow\n1. Select the three dots menu in the top right and select **Settings**\n1. In the **Estimated time saved** dropdown, select **Fixed**\n1. Enter the number of minutes of work each execution saves\n1. Save your settings\n\n### Dynamic time saved\n\nDynamic time saved calculates time savings based on the actual execution path taken, accounting for workflows where different execution paths save different amounts of time.\n\nTo configure dynamic time saved:\n\n1. Navigate to the workflow\n1. Select the three dots menu in the top right and select **Settings**\n1. In the **Estimated time saved** dropdown, select **Dynamic**\n1. Save your settings\n1. Add **Time Saved** nodes to your workflow at the points where time is saved\n1. For each Time Saved node, configure:\n   - **Time saved**: The amount of time saved (in minutes)\n   - **Calculation mode**: Choose whether to calculate the time saved once for all items in an execution, or per item which will multiply minutes saved by the total number of input items\n\nWhen you use dynamic time saved, n8n adds up the time from all Time Saved nodes that execute during a workflow run to calculate the total time saved for that execution.\n\nSubworkflow support\n\nTime saved tracking currently only works on parent workflows. Time saved from subworkflows isn't currently supported, with plans to support this in a future release.\n\n## Disable or configure insights metrics collection\n\nIf you self-host n8n, you can disable or configure insights and metrics collection using [environment variables](../hosting/configuration/environment-variables/insights/).\n\n## Insights FAQs\n\n### Which executions do n8n use to calculate the values in the insights banner and dashboard?\n\nn8n insights only collects data from production executions (for example, those from active workflows triggered on a schedule or a webhook) from the main (parent) workflow. This means that it doesn't count manual (test) executions or executions from sub-workflows or error workflows.\n\n### Does n8n use historic execution data when upgrading to a version with insights?\n\nn8n only starts collecting data for insights once you update to the first supported version (1.89.0). This means it only reports on executions from that point forward and you won't see execution data in insights from prior periods.\n",
-        "excerpt": "# Insights  Insights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:  - [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the overview space. - [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons. - [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-workflo...",
+        "markdown": "# Insights\n\nInsights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:\n\n- [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the **Overview** space.\n- [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-workflow): For each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nFeature availability\n\nThe insights summary banner displays activity from the last 7 days for all plans. The insights dashboard is only available on Pro, Business, and Enterprise plans.\n\n## Insights summary banner\n\nn8n collects several metrics for both the insights summary banner and dashboard. They include:\n\n- Total production executions (not including sub-workflow executions or manual executions)\n- Total failed production executions\n- Production execution failure rate\n- Time saved (when set on at least one or more active workflows)\n- Run time average (including wait time from any wait nodes)\n\n## Insights dashboard\n\nAccess the **Insights** section from the side navigation. Each metric from the summary banner is also clickable, taking you to the corresponding chart.\n\nThe insights dashboard also has a table showing individual insights from each workflow including total production executions, failed production executions, failure rate, time saved, and run time average.\n\n## Insights time periods\n\nBy default, the insights summary banner and dashboard show a rolling 7 day window with a comparison to the previous period to identify increases or decreases for each metric. On the dashboard, paid plans also display data for other date ranges:\n\n- Pro: 7 and 14 days\n- Business: 24 hours, 7 days, 14 days, 30 days.\n- Enterprise: 24 hours, 7 days, 14 days, 30 days, 90 days, 6 months, 1 year\n\n## Setting the time saved by a workflow\n\nFor each workflow, you can track how much time it saves you. This setting helps you calculate how much time automating a process saves over time vs the manual effort to complete the same task or process.\n\nOnce configured, n8n calculates the amount of time the workflow saves you based on the number of production executions and displays it on the summary banner and insights dashboard.\n\nYou can choose between two methods for calculating time saved:\n\n### Fixed time saved\n\nWith fixed time saved, you set a single time value that applies to every production execution of the workflow, regardless of which path the execution takes.\n\nTo configure fixed time saved:\n\n1. Navigate to the workflow\n1. Select the three dots menu in the top right and select **Settings**\n1. In the **Estimated time saved** dropdown, select **Fixed**\n1. Enter the number of minutes of work each execution saves\n1. Save your settings\n\n### Dynamic time saved\n\nDynamic time saved calculates time savings based on the actual execution path taken, accounting for workflows where different execution paths save different amounts of time.\n\nTo configure dynamic time saved:\n\n1. Navigate to the workflow\n1. Select the three dots menu in the top right and select **Settings**\n1. In the **Estimated time saved** dropdown, select **Dynamic**\n1. Save your settings\n1. Add **Time Saved** nodes to your workflow at the points where time is saved\n1. For each Time Saved node, configure:\n   - **Time saved**: The amount of time saved (in minutes)\n   - **Calculation mode**: Choose whether to calculate the time saved once for all items in an execution, or per item which will multiply minutes saved by the total number of input items\n\nWhen you use dynamic time saved, n8n adds up the time from all Time Saved nodes that execute during a workflow run to calculate the total time saved for that execution.\n\nSubworkflow support\n\nTime saved tracking currently only works on parent workflows. Time saved from subworkflows isn't currently supported, with plans to support this in a future release.\n\n## Disable or configure insights metrics collection\n\nIf you self-host n8n, you can disable or configure insights and metrics collection using [environment variables](../hosting/configuration/environment-variables/insights/).\n\n## Insights FAQs\n\n### Which executions do n8n use to calculate the values in the insights banner and dashboard?\n\nn8n insights only collects data from production executions (for example, those from active workflows triggered on a schedule or a webhook) from the main (parent) workflow. This means that it doesn't count manual (test) executions or executions from sub-workflows or error workflows.\n\n### Does n8n use historic execution data when upgrading to a version with insights?\n\nn8n only starts collecting data for insights once you update to the first supported version (1.89.0). This means it only reports on executions from that point forward and you won't see execution data in insights from prior periods.\n",
+        "excerpt": "# Insights  Insights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:  - [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the **Overview** space. - [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons. - [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-wor...",
         "sections": [
           {
             "title": "Insights",
             "level": 1,
-            "content": "Insights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:\n\n- [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the overview space.\n- [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-workflow): For each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nFeature availability\n\nThe insights summary banner displays activity from the last 7 days for all plans. The insights dashboard is only available on Pro (with limited date ranges) and Enterprise plans."
+            "content": "Insights gives instance owners and admins visibility into how workflows perform over time. This feature consists of three parts:\n\n- [**Insights summary banner**](#insights-summary-banner): Shows key metrics about your instance from the last 7 days at the top of the **Overview** space.\n- [**Insights dashboard**](#insights-dashboard): A more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**Time saved (Workflow ROI)**](#setting-the-time-saved-by-a-workflow): For each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nFeature availability\n\nThe insights summary banner displays activity from the last 7 days for all plans. The insights dashboard is only available on Pro, Business, and Enterprise plans."
           }
         ]
       },
@@ -2230,12 +2232,12 @@
         "operations": [],
         "codeExamples": 0,
         "complexity": "beginner",
-        "readingTime": "5 min",
-        "contentLength": 5123,
+        "readingTime": "4 min",
+        "contentLength": 5117,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "insights # insights\n\ninsights gives instance owners and admins visibility into how workflows perform over time. this feature consists of three parts:\n\n- [**insights summary banner**](#insights-summary-banner): shows key metrics about your instance from the last 7 days at the top of the overview space.\n- [**insights dashboard**](#insights-dashboard): a more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**time saved (workflow roi)**](#setting-the-time-saved-by-a-workflow): for each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nfeature availability\n\nthe insights summary banner displays activity from the last 7 days for all plans. the insights dashboard is only available on pro (with limited date ranges) and enterprise plans.\n\n## insights summary banner\n\nn8n collects several metrics for both the insights summary banner and dashboard. they include:\n\n- total production executions (not including sub-workflow executions or manual executions)\n- total failed production executions\n- production execution failure rate\n- time saved (when set on at least one or more active workflows)\n- run time average (including wait time from any wait nodes)\n\n## insights dashboard\n\nthose on the pro and enterprise plans can access the **insights** section from the side navigation. each metric from the summary banner is also clickable, taking you to the corresponding chart.\n\nthe insights dashboard also has a table showing individual insights from each workflow including total production executions, failed production executions, failure rate, time saved, and run time average.\n\n## insights time periods\n\nby default, the insights summary banner and dashboard show a rolling 7 day window with a comparison to the previous period to identify increases or decreases for each metric. on the dashboard, paid plans also display data for other date ranges:\n\n- pro: 7 and 14 days\n- enterprise: 24 hours, 7 days, 14 days, 30 days, 90 days, 6 months, 1 year\n\n## setting the time saved by a workflow\n\nfor each workflow, you can track how much time it saves you. this setting helps you calculate how much time automating a process saves over time vs the manual effort to complete the same task or process.\n\nonce configured, n8n calculates the amount of time the workflow saves you based on the number of production executions and displays it on the summary banner and insights dashboard.\n\nyou can choose between two methods for calculating time saved:\n\n### fixed time saved\n\nwith fixed time saved, you set a single time value that applies to every production execution of the workflow, regardless of which path the execution takes.\n\nto configure fixed time saved:\n\n1. navigate to the workflow\n1. select the three dots menu in the top right and select **settings**\n1. in the **estimated time saved** dropdown, select **fixed**\n1. enter the number of minutes of work each execution saves\n1. save your settings\n\n### dynamic time saved\n\ndynamic time saved calculates time savings based on the actual execution path taken, accounting for workflows where different execution paths save different amounts of time.\n\nto configure dynamic time saved:\n\n1. navigate to the workflow\n1. select the three dots menu in the top right and select **settings**\n1. in the **estimated time saved** dropdown, select **dynamic**\n1. save your settings\n1. add **time saved** nodes to your workflow at the points where time is saved\n1. for each time saved node, configure:\n   - **time saved**: the amount of time saved (in minutes)\n   - **calculation mode**: choose whether to calculate the time saved once for all items in an execution, or per item which will multiply minutes saved by the total number of input items\n\nwhen you use dynamic time saved, n8n adds up the time from all time saved nodes that execute during a workflow run to calculate the total time saved for that execution.\n\nsubworkflow support\n\ntime saved tracking currently only works on parent workflows. time saved from subworkflows isn't currently supported, with plans to support this in a future release.\n\n## disable or configure insights metrics collection\n\nif you self-host n8n, you can disable or configure insights and metrics collection using [environment variables](../hosting/configuration/environment-variables/insights/).\n\n## insights faqs\n\n### which executions do n8n use to calculate the values in the insights banner and dashboard?\n\nn8n insights only collects data from production executions (for example, those from active workflows triggered on a schedule or a webhook) from the main (parent) workflow. this means that it doesn't count manual (test) executions or executions from sub-workflows or error workflows.\n\n### does n8n use historic execution data when upgrading to a version with insights?\n\nn8n only starts collecting data for insights once you update to the first supported version (1.89.0). this means it only reports on executions from that point forward and you won't see execution data in insights from prior periods.\n insights",
+        "fullText": "insights # insights\n\ninsights gives instance owners and admins visibility into how workflows perform over time. this feature consists of three parts:\n\n- [**insights summary banner**](#insights-summary-banner): shows key metrics about your instance from the last 7 days at the top of the **overview** space.\n- [**insights dashboard**](#insights-dashboard): a more detailed visual breakdown with per-workflow metrics and historical comparisons.\n- [**time saved (workflow roi)**](#setting-the-time-saved-by-a-workflow): for each workflow, you can choose to set a fixed amount of time saved per workflow, or dynamically calculate time saved based on the execution path taken on a specific workflow.\n\nfeature availability\n\nthe insights summary banner displays activity from the last 7 days for all plans. the insights dashboard is only available on pro, business, and enterprise plans.\n\n## insights summary banner\n\nn8n collects several metrics for both the insights summary banner and dashboard. they include:\n\n- total production executions (not including sub-workflow executions or manual executions)\n- total failed production executions\n- production execution failure rate\n- time saved (when set on at least one or more active workflows)\n- run time average (including wait time from any wait nodes)\n\n## insights dashboard\n\naccess the **insights** section from the side navigation. each metric from the summary banner is also clickable, taking you to the corresponding chart.\n\nthe insights dashboard also has a table showing individual insights from each workflow including total production executions, failed production executions, failure rate, time saved, and run time average.\n\n## insights time periods\n\nby default, the insights summary banner and dashboard show a rolling 7 day window with a comparison to the previous period to identify increases or decreases for each metric. on the dashboard, paid plans also display data for other date ranges:\n\n- pro: 7 and 14 days\n- business: 24 hours, 7 days, 14 days, 30 days.\n- enterprise: 24 hours, 7 days, 14 days, 30 days, 90 days, 6 months, 1 year\n\n## setting the time saved by a workflow\n\nfor each workflow, you can track how much time it saves you. this setting helps you calculate how much time automating a process saves over time vs the manual effort to complete the same task or process.\n\nonce configured, n8n calculates the amount of time the workflow saves you based on the number of production executions and displays it on the summary banner and insights dashboard.\n\nyou can choose between two methods for calculating time saved:\n\n### fixed time saved\n\nwith fixed time saved, you set a single time value that applies to every production execution of the workflow, regardless of which path the execution takes.\n\nto configure fixed time saved:\n\n1. navigate to the workflow\n1. select the three dots menu in the top right and select **settings**\n1. in the **estimated time saved** dropdown, select **fixed**\n1. enter the number of minutes of work each execution saves\n1. save your settings\n\n### dynamic time saved\n\ndynamic time saved calculates time savings based on the actual execution path taken, accounting for workflows where different execution paths save different amounts of time.\n\nto configure dynamic time saved:\n\n1. navigate to the workflow\n1. select the three dots menu in the top right and select **settings**\n1. in the **estimated time saved** dropdown, select **dynamic**\n1. save your settings\n1. add **time saved** nodes to your workflow at the points where time is saved\n1. for each time saved node, configure:\n   - **time saved**: the amount of time saved (in minutes)\n   - **calculation mode**: choose whether to calculate the time saved once for all items in an execution, or per item which will multiply minutes saved by the total number of input items\n\nwhen you use dynamic time saved, n8n adds up the time from all time saved nodes that execute during a workflow run to calculate the total time saved for that execution.\n\nsubworkflow support\n\ntime saved tracking currently only works on parent workflows. time saved from subworkflows isn't currently supported, with plans to support this in a future release.\n\n## disable or configure insights metrics collection\n\nif you self-host n8n, you can disable or configure insights and metrics collection using [environment variables](../hosting/configuration/environment-variables/insights/).\n\n## insights faqs\n\n### which executions do n8n use to calculate the values in the insights banner and dashboard?\n\nn8n insights only collects data from production executions (for example, those from active workflows triggered on a schedule or a webhook) from the main (parent) workflow. this means that it doesn't count manual (test) executions or executions from sub-workflows or error workflows.\n\n### does n8n use historic execution data when upgrading to a version with insights?\n\nn8n only starts collecting data for insights once you update to the first supported version (1.89.0). this means it only reports on executions from that point forward and you won't see execution data in insights from prior periods.\n insights",
         "importantTerms": [
           "time",
           "insights",
@@ -2244,20 +2246,19 @@
           "from",
           "executions",
           "execution",
+          "days",
           "dashboard",
           "banner",
           "summary",
           "production",
           "workflows",
-          "days",
           "each",
-          "with",
           "select",
           "this",
           "metrics",
+          "with",
           "fixed",
           "calculate",
-          "plans",
           "only",
           "total",
           "data",
@@ -2265,6 +2266,7 @@
           "configure",
           "dynamic",
           "your",
+          "plans",
           "saves",
           "settings",
           "three",
@@ -2273,7 +2275,6 @@
           "amount",
           "based",
           "path",
-          "enterprise",
           "including",
           "manual",
           "when",
@@ -2884,13 +2885,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Security settings\n\nFeature availability\n\nSecurity settings are available on Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.\n\nSecurity settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nTo access security settings, navigate to **Settings** > **Security**.\n\n## Enforce two-factor authentication\n\nYou can require all users on your instance to set up two-factor authentication (2FA) when they sign in with email and password.\n\nApplies to email and password logins only\n\n2FA enforcement applies to users authenticating with email and password. Users signing in through SSO (SAML or OIDC) aren't affected by this setting.\n\nTo enforce 2FA:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Enforce two-factor authentication** section, toggle the switch on.\n\nWhen you enable this setting:\n\n- All users must set up 2FA before they can continue using the instance.\n- Users who haven't configured 2FA yet are prompted to do so on their next sign-in.\n\nTo stop enforcing 2FA, toggle the switch off. Users who already set up 2FA keep it enabled but new users are no longer required to configure it.\n\nRefer to [Two-factor authentication](../user-management/two-factor-auth/) for more information on how individual users can set up 2FA.\n\n## Personal space policies\n\nPersonal space policies let instance admins control whether users can share and publish workflows and credentials from their personal spaces.\n\n### Sharing workflows and credentials\n\nControls whether users can share workflows and credentials from their personal space with other users or projects.\n\nTo manage sharing:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Personal Space** section, find **Sharing workflows and credentials**.\n1. Toggle the switch to enable or disable sharing.\n\nWhen you disable sharing:\n\n- Existing shares remain in place. The setting only affects new sharing actions.\n- The number of currently shared workflows and credentials is displayed below the toggle.\n\n### Publishing workflows\n\nControls whether users can publish workflows from their personal space to make them available for execution.\n\nTo manage publishing:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Personal Space** section, find **Publishing workflows**.\n1. Toggle the switch to enable or disable publishing.\n\nWhen you disable publishing:\n\n- Currently published workflows remain published. The setting only affects new publish actions.\n- The number of currently published personal workflows is displayed below the toggle.\n",
-        "excerpt": "# Security settings  Feature availability  Security settings are available on Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.  Security settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.  To access security settings, navigate to **Settings** > **Security**.  ## Enforce two-factor authenti...",
+        "markdown": "# Security settings\n\nFeature availability\n\nSecurity settings are available on Business and Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.\n\nSecurity settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nTo access security settings, navigate to **Settings** > **Security**.\n\n## Enforce two-factor authentication\n\nYou can require all users on your instance to set up two-factor authentication (2FA) when they sign in with email and password.\n\nApplies to email and password logins only\n\n2FA enforcement applies to users authenticating with email and password. Users signing in through SSO (SAML or OIDC) aren't affected by this setting.\n\nTo enforce 2FA:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Enforce two-factor authentication** section, toggle the switch on.\n\nWhen you enable this setting:\n\n- All users must set up 2FA before they can continue using the instance.\n- Users who haven't configured 2FA yet are prompted to do so on their next sign-in.\n\nTo stop enforcing 2FA, toggle the switch off. Users who already set up 2FA keep it enabled but new users are no longer required to configure it.\n\nRefer to [Two-factor authentication](../user-management/two-factor-auth/) for more information on how individual users can set up 2FA.\n\n## Personal space policies\n\nPersonal space policies let instance admins control whether users can share and publish workflows and credentials from their personal spaces.\n\n### Sharing workflows and credentials\n\nControls whether users can share workflows and credentials from their personal space with other users or projects.\n\nTo manage sharing:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Personal Space** section, find **Sharing workflows and credentials**.\n1. Toggle the switch to enable or disable sharing.\n\nWhen you disable sharing:\n\n- Existing shares remain in place. The setting only affects new sharing actions.\n- The number of currently shared workflows and credentials is displayed below the toggle.\n\n### Publishing workflows\n\nControls whether users can publish workflows from their personal space to make them available for execution.\n\nTo manage publishing:\n\n1. Navigate to **Settings** > **Security**.\n1. In the **Personal Space** section, find **Publishing workflows**.\n1. Toggle the switch to enable or disable publishing.\n\nWhen you disable publishing:\n\n- Currently published workflows remain published. The setting only affects new publish actions.\n- The number of currently published personal workflows is displayed below the toggle.\n",
+        "excerpt": "# Security settings  Feature availability  Security settings are available on Business and Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.  Security settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.  To access security settings, navigate to **Settings** > **Security**.  ## Enforce two-fa...",
         "sections": [
           {
             "title": "Security settings",
             "level": 1,
-            "content": "Feature availability\n\nSecurity settings are available on Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.\n\nSecurity settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nTo access security settings, navigate to **Settings** > **Security**."
+            "content": "Feature availability\n\nSecurity settings are available on Business and Enterprise plans. Some settings require specific license features. Settings that aren't available on your plan display an **Upgrade** badge.\n\nSecurity settings let you manage instance-wide security policies. You can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nTo access security settings, navigate to **Settings** > **Security**."
           }
         ]
       },
@@ -2913,12 +2914,12 @@
         "operations": [],
         "codeExamples": 0,
         "complexity": "beginner",
-        "readingTime": "2 min",
-        "contentLength": 2705,
+        "readingTime": "3 min",
+        "contentLength": 2718,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "security settings # security settings\n\nfeature availability\n\nsecurity settings are available on enterprise plans. some settings require specific license features. settings that aren't available on your plan display an **upgrade** badge.\n\nsecurity settings let you manage instance-wide security policies. you can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nto access security settings, navigate to **settings** > **security**.\n\n## enforce two-factor authentication\n\nyou can require all users on your instance to set up two-factor authentication (2fa) when they sign in with email and password.\n\napplies to email and password logins only\n\n2fa enforcement applies to users authenticating with email and password. users signing in through sso (saml or oidc) aren't affected by this setting.\n\nto enforce 2fa:\n\n1. navigate to **settings** > **security**.\n1. in the **enforce two-factor authentication** section, toggle the switch on.\n\nwhen you enable this setting:\n\n- all users must set up 2fa before they can continue using the instance.\n- users who haven't configured 2fa yet are prompted to do so on their next sign-in.\n\nto stop enforcing 2fa, toggle the switch off. users who already set up 2fa keep it enabled but new users are no longer required to configure it.\n\nrefer to [two-factor authentication](../user-management/two-factor-auth/) for more information on how individual users can set up 2fa.\n\n## personal space policies\n\npersonal space policies let instance admins control whether users can share and publish workflows and credentials from their personal spaces.\n\n### sharing workflows and credentials\n\ncontrols whether users can share workflows and credentials from their personal space with other users or projects.\n\nto manage sharing:\n\n1. navigate to **settings** > **security**.\n1. in the **personal space** section, find **sharing workflows and credentials**.\n1. toggle the switch to enable or disable sharing.\n\nwhen you disable sharing:\n\n- existing shares remain in place. the setting only affects new sharing actions.\n- the number of currently shared workflows and credentials is displayed below the toggle.\n\n### publishing workflows\n\ncontrols whether users can publish workflows from their personal space to make them available for execution.\n\nto manage publishing:\n\n1. navigate to **settings** > **security**.\n1. in the **personal space** section, find **publishing workflows**.\n1. toggle the switch to enable or disable publishing.\n\nwhen you disable publishing:\n\n- currently published workflows remain published. the setting only affects new publish actions.\n- the number of currently published personal workflows is displayed below the toggle.\n security settings",
+        "fullText": "security settings # security settings\n\nfeature availability\n\nsecurity settings are available on business and enterprise plans. some settings require specific license features. settings that aren't available on your plan display an **upgrade** badge.\n\nsecurity settings let you manage instance-wide security policies. you can enforce two-factor authentication for all users and control what users can do in their personal spaces.\n\nto access security settings, navigate to **settings** > **security**.\n\n## enforce two-factor authentication\n\nyou can require all users on your instance to set up two-factor authentication (2fa) when they sign in with email and password.\n\napplies to email and password logins only\n\n2fa enforcement applies to users authenticating with email and password. users signing in through sso (saml or oidc) aren't affected by this setting.\n\nto enforce 2fa:\n\n1. navigate to **settings** > **security**.\n1. in the **enforce two-factor authentication** section, toggle the switch on.\n\nwhen you enable this setting:\n\n- all users must set up 2fa before they can continue using the instance.\n- users who haven't configured 2fa yet are prompted to do so on their next sign-in.\n\nto stop enforcing 2fa, toggle the switch off. users who already set up 2fa keep it enabled but new users are no longer required to configure it.\n\nrefer to [two-factor authentication](../user-management/two-factor-auth/) for more information on how individual users can set up 2fa.\n\n## personal space policies\n\npersonal space policies let instance admins control whether users can share and publish workflows and credentials from their personal spaces.\n\n### sharing workflows and credentials\n\ncontrols whether users can share workflows and credentials from their personal space with other users or projects.\n\nto manage sharing:\n\n1. navigate to **settings** > **security**.\n1. in the **personal space** section, find **sharing workflows and credentials**.\n1. toggle the switch to enable or disable sharing.\n\nwhen you disable sharing:\n\n- existing shares remain in place. the setting only affects new sharing actions.\n- the number of currently shared workflows and credentials is displayed below the toggle.\n\n### publishing workflows\n\ncontrols whether users can publish workflows from their personal space to make them available for execution.\n\nto manage publishing:\n\n1. navigate to **settings** > **security**.\n1. in the **personal space** section, find **publishing workflows**.\n1. toggle the switch to enable or disable publishing.\n\nwhen you disable publishing:\n\n- currently published workflows remain published. the setting only affects new publish actions.\n- the number of currently published personal workflows is displayed below the toggle.\n security settings",
         "importantTerms": [
           "users",
           "settings",
@@ -13262,13 +13263,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Self-hosting n8n\n\nThis section provides guidance on setting up n8n for both the Enterprise and Community self-hosted editions. The Community edition is free, the Enterprise edition isn't.\n\nSee [Community edition features](community-edition-features/) for a list of available features.\n\n- **Installation and server setups**\n\n  Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting platforms.\n\n  [Docker installation guide](installation/docker/)\n\n- **Configuration**\n\n  Learn how to configure n8n with environment variables.\n\n  [Environment Variables](configuration/environment-variables/)\n\n- **Users and authentication**\n\n  Choose and set up user authentication for your n8n instance.\n\n  [Authentication](configuration/user-management-self-hosted/)\n\n- **Scaling**\n\n  Manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [Scaling](scaling/queue-mode/)\n\n- **Securing n8n**\n\n  Secure your n8n instance by setting up SSL, SSO, or 2FA or blocking or opting out of some data collection or features.\n\n  [Securing n8n guide](securing/overview/)\n\n- **Starter kits**\n\n  New to n8n or AI? Try our Self-hosted AI Starter Kit. Curated by n8n, it combines the self-hosted n8n platform with compatible AI products and components to get you started building self-hosted AI workflows.\n\n  [Starter kits](starter-kits/ai-starter-kit/)\n\nSelf-hosting knowledge prerequisites\n\nSelf-hosting n8n requires technical knowledge, including:\n\n- Setting up and configuring servers and containers\n- Managing application resources and scaling\n- Securing servers and applications\n- Configuring n8n\n\nn8n recommends self-hosting for expert users. Mistakes can lead to data loss, security issues, and downtime. If you aren't experienced at managing servers, n8n recommends [n8n Cloud](https://n8n.io/cloud/).\n",
-        "excerpt": "# Self-hosting n8n  This section provides guidance on setting up n8n for both the Enterprise and Community self-hosted editions. The Community edition is free, the Enterprise edition isn't.  See [Community edition features](community-edition-features/) for a list of available features.  - **Installation and server setups**    Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting platforms.    [Docker installation guide](installation/docker/)  - **Configuration*...",
+        "markdown": "# Self-hosting n8n\n\nThis section provides guidance on setting up self-hosted n8n. All self-hosted installations use the same core product. Without a license key, n8n runs as the free Community edition. Adding a Business or Enterprise license key enables those editions.\n\nSee [Community edition features](community-edition-features/) for a list of available features.\n\n- **Installation and server setups**\n\n  Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting platforms.\n\n  [Docker installation guide](installation/docker/)\n\n- **Configuration**\n\n  Learn how to configure n8n with environment variables.\n\n  [Environment Variables](configuration/environment-variables/)\n\n- **Users and authentication**\n\n  Choose and set up user authentication for your n8n instance.\n\n  [Authentication](configuration/user-management-self-hosted/)\n\n- **Scaling**\n\n  Manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [Scaling](scaling/queue-mode/)\n\n- **Securing n8n**\n\n  Secure your n8n instance by setting up SSL, SSO, or 2FA or blocking or opting out of some data collection or features.\n\n  [Securing n8n guide](securing/overview/)\n\n- **Starter kits**\n\n  New to n8n or AI? Try our Self-hosted AI Starter Kit. Curated by n8n, it combines the self-hosted n8n platform with compatible AI products and components to get you started building self-hosted AI workflows.\n\n  [Starter kits](starter-kits/ai-starter-kit/)\n\nSelf-hosting knowledge prerequisites\n\nSelf-hosting n8n requires technical knowledge, including:\n\n- Setting up and configuring servers and containers\n- Managing application resources and scaling\n- Securing servers and applications\n- Configuring n8n\n\nn8n recommends self-hosting for expert users. Mistakes can lead to data loss, security issues, and downtime. If you aren't experienced at managing servers, n8n recommends [n8n Cloud](https://n8n.io/cloud/).\n",
+        "excerpt": "# Self-hosting n8n  This section provides guidance on setting up self-hosted n8n. All self-hosted installations use the same core product. Without a license key, n8n runs as the free Community edition. Adding a Business or Enterprise license key enables those editions.  See [Community edition features](community-edition-features/) for a list of available features.  - **Installation and server setups**    Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting pla...",
         "sections": [
           {
             "title": "Self-hosting n8n",
             "level": 1,
-            "content": "This section provides guidance on setting up n8n for both the Enterprise and Community self-hosted editions. The Community edition is free, the Enterprise edition isn't.\n\nSee [Community edition features](community-edition-features/) for a list of available features.\n\n- **Installation and server setups**\n\n  Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting platforms.\n\n  [Docker installation guide](installation/docker/)\n\n- **Configuration**\n\n  Learn how to configure n8n with environment variables.\n\n  [Environment Variables](configuration/environment-variables/)\n\n- **Users and authentication**\n\n  Choose and set up user authentication for your n8n instance.\n\n  [Authentication](configuration/user-management-self-hosted/)\n\n- **Scaling**\n\n  Manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [Scaling](scaling/queue-mode/)\n\n- **Securing n8n**\n\n  Secure your n8n instance by setting up SSL, SSO, or 2FA or blocking or opting out of so"
+            "content": "This section provides guidance on setting up self-hosted n8n. All self-hosted installations use the same core product. Without a license key, n8n runs as the free Community edition. Adding a Business or Enterprise license key enables those editions.\n\nSee [Community edition features](community-edition-features/) for a list of available features.\n\n- **Installation and server setups**\n\n  Install n8n on any platform using npm or Docker. Or follow our guides to popular hosting platforms.\n\n  [Docker installation guide](installation/docker/)\n\n- **Configuration**\n\n  Learn how to configure n8n with environment variables.\n\n  [Environment Variables](configuration/environment-variables/)\n\n- **Users and authentication**\n\n  Choose and set up user authentication for your n8n instance.\n\n  [Authentication](configuration/user-management-self-hosted/)\n\n- **Scaling**\n\n  Manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [Scaling](scaling/queue-mode/)\n\n- **Securing n8n**\n\n  Secure "
           }
         ]
       },
@@ -13283,22 +13284,22 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 1832,
+        "contentLength": 1912,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "overview # self-hosting n8n\n\nthis section provides guidance on setting up n8n for both the enterprise and community self-hosted editions. the community edition is free, the enterprise edition isn't.\n\nsee [community edition features](community-edition-features/) for a list of available features.\n\n- **installation and server setups**\n\n  install n8n on any platform using npm or docker. or follow our guides to popular hosting platforms.\n\n  [docker installation guide](installation/docker/)\n\n- **configuration**\n\n  learn how to configure n8n with environment variables.\n\n  [environment variables](configuration/environment-variables/)\n\n- **users and authentication**\n\n  choose and set up user authentication for your n8n instance.\n\n  [authentication](configuration/user-management-self-hosted/)\n\n- **scaling**\n\n  manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [scaling](scaling/queue-mode/)\n\n- **securing n8n**\n\n  secure your n8n instance by setting up ssl, sso, or 2fa or blocking or opting out of some data collection or features.\n\n  [securing n8n guide](securing/overview/)\n\n- **starter kits**\n\n  new to n8n or ai? try our self-hosted ai starter kit. curated by n8n, it combines the self-hosted n8n platform with compatible ai products and components to get you started building self-hosted ai workflows.\n\n  [starter kits](starter-kits/ai-starter-kit/)\n\nself-hosting knowledge prerequisites\n\nself-hosting n8n requires technical knowledge, including:\n\n- setting up and configuring servers and containers\n- managing application resources and scaling\n- securing servers and applications\n- configuring n8n\n\nn8n recommends self-hosting for expert users. mistakes can lead to data loss, security issues, and downtime. if you aren't experienced at managing servers, n8n recommends [n8n cloud](https://n8n.io/cloud/).\n self-hosting n8n",
+        "fullText": "overview # self-hosting n8n\n\nthis section provides guidance on setting up self-hosted n8n. all self-hosted installations use the same core product. without a license key, n8n runs as the free community edition. adding a business or enterprise license key enables those editions.\n\nsee [community edition features](community-edition-features/) for a list of available features.\n\n- **installation and server setups**\n\n  install n8n on any platform using npm or docker. or follow our guides to popular hosting platforms.\n\n  [docker installation guide](installation/docker/)\n\n- **configuration**\n\n  learn how to configure n8n with environment variables.\n\n  [environment variables](configuration/environment-variables/)\n\n- **users and authentication**\n\n  choose and set up user authentication for your n8n instance.\n\n  [authentication](configuration/user-management-self-hosted/)\n\n- **scaling**\n\n  manage data, modes, and processes to keep n8n running smoothly at scale.\n\n  [scaling](scaling/queue-mode/)\n\n- **securing n8n**\n\n  secure your n8n instance by setting up ssl, sso, or 2fa or blocking or opting out of some data collection or features.\n\n  [securing n8n guide](securing/overview/)\n\n- **starter kits**\n\n  new to n8n or ai? try our self-hosted ai starter kit. curated by n8n, it combines the self-hosted n8n platform with compatible ai products and components to get you started building self-hosted ai workflows.\n\n  [starter kits](starter-kits/ai-starter-kit/)\n\nself-hosting knowledge prerequisites\n\nself-hosting n8n requires technical knowledge, including:\n\n- setting up and configuring servers and containers\n- managing application resources and scaling\n- securing servers and applications\n- configuring n8n\n\nn8n recommends self-hosting for expert users. mistakes can lead to data loss, security issues, and downtime. if you aren't experienced at managing servers, n8n recommends [n8n cloud](https://n8n.io/cloud/).\n self-hosting n8n",
         "importantTerms": [
           "self",
           "hosting",
           "hosted",
           "starter",
-          "community",
-          "edition",
           "features",
           "scaling",
           "securing",
           "setting",
+          "community",
+          "edition",
           "installation",
           "docker",
           "configuration",
@@ -13432,7 +13433,7 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Community Edition Features\n\nThe community edition includes almost the complete feature set of n8n, except for the features listed here.\n\nThe community edition doesn't include these features:\n\n- [Custom Variables](../../code/variables/)\n- [Environments](../../source-control-environments/)\n- [External secrets](../../external-secrets/)\n- [External storage for binary data](../scaling/external-storage/)\n- [Log streaming](../../log-streaming/) ([Logging](../logging-monitoring/logging/) *is* included)\n- [Multi-main mode](../scaling/queue-mode/#multi-main-setup) ([Queue mode](../scaling/queue-mode/) *is* included)\n- [Projects](../../user-management/rbac/projects/)\n- SSO ([SAML](../securing/set-up-sso/), [LDAP](../../user-management/ldap/))\n- Sharing ([workflows](../../workflows/sharing/), [credentials](../../credentials/credential-sharing/)) (Only the instance owner and the user who creates them can access workflows and credentials)\n- [Version control using Git](../../source-control-environments/)\n\nThese features are available on the Enterprise Cloud plan, including the self-hosted Enterprise edition. Some of these features are available on the Starter and Pro Cloud plan.\n\nSee [pricing](https://n8n.io/pricing/) for reference.\n\n## Registered Community Edition\n\nYou can unlock extra features by registering your n8n community edition. You register with your email and receive a license key.\n\nRegistering unlocks these features for the community edition:\n\n- Folders: Organize your workflows into tidy folders\n- [Debug in editor](../../workflows/executions/debug/): Copy and [pin](../../glossary/#data-pinning-n8n) execution data when working on a workflow\n- [Custom execution data](../../workflows/executions/custom-executions-data/): Save, find, and annotate execution metadata\n\nTo register a new community edition instance, select the option during your initial account creation.\n\nTo register an existing community edition instance:\n\n1. Select the **three dots icon** in the lower-left corner.\n1. Select **Settings** and then **Usage and plan**.\n1. Select **Unlock** to enter your email and then select **Send me a free license key**.\n1. Check your email for the account you entered.\n\nOnce you have a license key, activate it by clicking the button in the license email or by visiting **Options > Settings > Usage and plan** and selecting **Enter activation key**.\n\nOnce activated, your license will not expire. We may change the unlocked features in the future. This will not impact previously unlocked features.\n",
+        "markdown": "# Community Edition Features\n\nThe community edition includes almost the complete feature set of n8n, except for the features listed here.\n\nThe community edition doesn't include these features:\n\n- [Custom Variables](../../code/variables/)\n- [Environments](../../source-control-environments/)\n- [External secrets](../../external-secrets/)\n- [External storage for binary data](../scaling/external-storage/)\n- [Log streaming](../../log-streaming/) ([Logging](../logging-monitoring/logging/) *is* included)\n- [Multi-main mode](../scaling/queue-mode/#multi-main-setup) ([Queue mode](../scaling/queue-mode/) *is* included)\n- [Projects](../../user-management/rbac/projects/)\n- SSO ([SAML](../securing/set-up-sso/), [LDAP](../../user-management/ldap/))\n- Sharing ([workflows](../../workflows/sharing/), [credentials](../../credentials/credential-sharing/)) (Only the instance owner and the user who creates them can access workflows and credentials)\n- [Version control using Git](../../source-control-environments/)\n\nThese features are available on: the Enterprise Cloud plan, including the self-hosted Enterprise edition. Some of these features are available on the Starter and Pro Cloud plans, and the Business self-hosted plan.\n\nSee [pricing](https://n8n.io/pricing/) for reference.\n\n## Registered Community Edition\n\nYou can unlock extra features by registering your n8n community edition. You register with your email and receive a license key.\n\nRegistering unlocks these features for the community edition:\n\n- Folders: Organize your workflows into tidy folders\n- [Debug in editor](../../workflows/executions/debug/): Copy and [pin](../../glossary/#data-pinning-n8n) execution data when working on a workflow\n- [Custom execution data](../../workflows/executions/custom-executions-data/): Save, find, and annotate execution metadata\n\nTo register a new community edition instance, select the option during your initial account creation.\n\nTo register an existing community edition instance:\n\n1. Select the **three dots icon** in the lower-left corner.\n1. Select **Settings** and then **Usage and plan**.\n1. Select **Unlock** to enter your email and then select **Send me a free license key**.\n1. Check your email for the account you entered.\n\nOnce you have a license key, activate it by clicking the button in the license email or by visiting **Options > Settings > Usage and plan** and selecting **Enter activation key**.\n\nOnce activated, your license will not expire. We may change the unlocked features in the future. This will not impact previously unlocked features.\n",
         "excerpt": "# Community Edition Features  The community edition includes almost the complete feature set of n8n, except for the features listed here.  The community edition doesn't include these features:  - [Custom Variables](../../code/variables/) - [Environments](../../source-control-environments/) - [External secrets](../../external-secrets/) - [External storage for binary data](../scaling/external-storage/) - [Log streaming](../../log-streaming/) ([Logging](../logging-monitoring/logging/) *is* included...",
         "sections": [
           {
@@ -13455,11 +13456,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 2527,
+        "contentLength": 2564,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "community vs enterprise # community edition features\n\nthe community edition includes almost the complete feature set of n8n, except for the features listed here.\n\nthe community edition doesn't include these features:\n\n- [custom variables](../../code/variables/)\n- [environments](../../source-control-environments/)\n- [external secrets](../../external-secrets/)\n- [external storage for binary data](../scaling/external-storage/)\n- [log streaming](../../log-streaming/) ([logging](../logging-monitoring/logging/) *is* included)\n- [multi-main mode](../scaling/queue-mode/#multi-main-setup) ([queue mode](../scaling/queue-mode/) *is* included)\n- [projects](../../user-management/rbac/projects/)\n- sso ([saml](../securing/set-up-sso/), [ldap](../../user-management/ldap/))\n- sharing ([workflows](../../workflows/sharing/), [credentials](../../credentials/credential-sharing/)) (only the instance owner and the user who creates them can access workflows and credentials)\n- [version control using git](../../source-control-environments/)\n\nthese features are available on the enterprise cloud plan, including the self-hosted enterprise edition. some of these features are available on the starter and pro cloud plan.\n\nsee [pricing](https://n8n.io/pricing/) for reference.\n\n## registered community edition\n\nyou can unlock extra features by registering your n8n community edition. you register with your email and receive a license key.\n\nregistering unlocks these features for the community edition:\n\n- folders: organize your workflows into tidy folders\n- [debug in editor](../../workflows/executions/debug/): copy and [pin](../../glossary/#data-pinning-n8n) execution data when working on a workflow\n- [custom execution data](../../workflows/executions/custom-executions-data/): save, find, and annotate execution metadata\n\nto register a new community edition instance, select the option during your initial account creation.\n\nto register an existing community edition instance:\n\n1. select the **three dots icon** in the lower-left corner.\n1. select **settings** and then **usage and plan**.\n1. select **unlock** to enter your email and then select **send me a free license key**.\n1. check your email for the account you entered.\n\nonce you have a license key, activate it by clicking the button in the license email or by visiting **options > settings > usage and plan** and selecting **enter activation key**.\n\nonce activated, your license will not expire. we may change the unlocked features in the future. this will not impact previously unlocked features.\n community edition features",
+        "fullText": "community vs enterprise # community edition features\n\nthe community edition includes almost the complete feature set of n8n, except for the features listed here.\n\nthe community edition doesn't include these features:\n\n- [custom variables](../../code/variables/)\n- [environments](../../source-control-environments/)\n- [external secrets](../../external-secrets/)\n- [external storage for binary data](../scaling/external-storage/)\n- [log streaming](../../log-streaming/) ([logging](../logging-monitoring/logging/) *is* included)\n- [multi-main mode](../scaling/queue-mode/#multi-main-setup) ([queue mode](../scaling/queue-mode/) *is* included)\n- [projects](../../user-management/rbac/projects/)\n- sso ([saml](../securing/set-up-sso/), [ldap](../../user-management/ldap/))\n- sharing ([workflows](../../workflows/sharing/), [credentials](../../credentials/credential-sharing/)) (only the instance owner and the user who creates them can access workflows and credentials)\n- [version control using git](../../source-control-environments/)\n\nthese features are available on: the enterprise cloud plan, including the self-hosted enterprise edition. some of these features are available on the starter and pro cloud plans, and the business self-hosted plan.\n\nsee [pricing](https://n8n.io/pricing/) for reference.\n\n## registered community edition\n\nyou can unlock extra features by registering your n8n community edition. you register with your email and receive a license key.\n\nregistering unlocks these features for the community edition:\n\n- folders: organize your workflows into tidy folders\n- [debug in editor](../../workflows/executions/debug/): copy and [pin](../../glossary/#data-pinning-n8n) execution data when working on a workflow\n- [custom execution data](../../workflows/executions/custom-executions-data/): save, find, and annotate execution metadata\n\nto register a new community edition instance, select the option during your initial account creation.\n\nto register an existing community edition instance:\n\n1. select the **three dots icon** in the lower-left corner.\n1. select **settings** and then **usage and plan**.\n1. select **unlock** to enter your email and then select **send me a free license key**.\n1. check your email for the account you entered.\n\nonce you have a license key, activate it by clicking the button in the license email or by visiting **options > settings > usage and plan** and selecting **enter activation key**.\n\nonce activated, your license will not expire. we may change the unlocked features in the future. this will not impact previously unlocked features.\n community edition features",
         "importantTerms": [
           "community",
           "edition",
@@ -18810,13 +18811,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Set up Single Sign-On (SSO)\n\nFeature availability\n\n- Available on Enterprise plans.\n- You need to be an instance owner or admin to enable and configure SAML or OIDC.\n\nn8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [Set up SAML](../../../user-management/saml/setup/): a general guide to setting up SAML in n8n, and links to resources for common identity providers (IdPs).\n- [Set up OIDC](../../../user-management/oidc/setup/): a general guide to setting up OpenID Connect (OIDC) SSO in n8n.\n",
-        "excerpt": "# Set up Single Sign-On (SSO)  Feature availability  - Available on Enterprise plans. - You need to be an instance owner or admin to enable and configure SAML or OIDC.  n8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.  - [Set up SAML](../../../user-management/saml/setup/): a general guide t...",
+        "markdown": "# Set up Single Sign-On (SSO)\n\nFeature availability\n\n- Available on Business and Enterprise plans.\n- You need to be an instance owner or admin to enable and configure SAML or OIDC.\n\nn8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [Set up SAML](../../../user-management/saml/setup/): a general guide to setting up SAML in n8n, and links to resources for common identity providers (IdPs).\n- [Set up OIDC](../../../user-management/oidc/setup/): a general guide to setting up OpenID Connect (OIDC) SSO in n8n.\n",
+        "excerpt": "# Set up Single Sign-On (SSO)  Feature availability  - Available on Business and Enterprise plans. - You need to be an instance owner or admin to enable and configure SAML or OIDC.  n8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.  - [Set up SAML](../../../user-management/saml/setup/): a ge...",
         "sections": [
           {
             "title": "Set up Single Sign-On (SSO)",
             "level": 1,
-            "content": "Feature availability\n\n- Available on Enterprise plans.\n- You need to be an instance owner or admin to enable and configure SAML or OIDC.\n\nn8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [Set up SAML](../../../user-management/saml/setup/): a general guide to setting up SAML in n8n, and links to resources for common identity providers (IdPs).\n- [Set up OIDC](../../../user-management/oidc/setup/): a general guide to setting up OpenID Connect (OIDC) SSO in n8n."
+            "content": "Feature availability\n\n- Available on Business and Enterprise plans.\n- You need to be an instance owner or admin to enable and configure SAML or OIDC.\n\nn8n supports the SAML and OIDC authentication protocols for single sign-on (SSO). See [OIDC vs SAML](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [Set up SAML](../../../user-management/saml/setup/): a general guide to setting up SAML in n8n, and links to resources for common identity providers (IdPs).\n- [Set up OIDC](../../../user-management/oidc/setup/): a general guide to setting up OpenID Connect (OIDC) SSO in n8n."
           }
         ]
       },
@@ -18831,11 +18832,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 706,
+        "contentLength": 719,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "set up sso # set up single sign-on (sso)\n\nfeature availability\n\n- available on enterprise plans.\n- you need to be an instance owner or admin to enable and configure saml or oidc.\n\nn8n supports the saml and oidc authentication protocols for single sign-on (sso). see [oidc vs saml](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [set up saml](../../../user-management/saml/setup/): a general guide to setting up saml in n8n, and links to resources for common identity providers (idps).\n- [set up oidc](../../../user-management/oidc/setup/): a general guide to setting up openid connect (oidc) sso in n8n.\n set up single sign-on (sso)",
+        "fullText": "set up sso # set up single sign-on (sso)\n\nfeature availability\n\n- available on business and enterprise plans.\n- you need to be an instance owner or admin to enable and configure saml or oidc.\n\nn8n supports the saml and oidc authentication protocols for single sign-on (sso). see [oidc vs saml](https://www.onelogin.com/learn/oidc-vs-saml) for more general information on the two protocols, the differences between them, and their respective benefits.\n\n- [set up saml](../../../user-management/saml/setup/): a general guide to setting up saml in n8n, and links to resources for common identity providers (idps).\n- [set up oidc](../../../user-management/oidc/setup/): a general guide to setting up openid connect (oidc) sso in n8n.\n set up single sign-on (sso)",
         "importantTerms": [
           "saml",
           "oidc",
@@ -45115,32 +45116,34 @@
     },
     {
       "id": "page-0581",
-      "title": "Anthropic Chat Model",
-      "url": "https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatanthropic/index.md",
-      "urlPath": "integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatanthropic/index.md",
+      "title": "AWS Bedrock Chat Model",
+      "url": "https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatawsbedrock/index.md",
+      "urlPath": "integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatawsbedrock/index.md",
       "category": "cluster-nodes",
       "subcategory": null,
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Anthropic Chat Model node\n\nUse the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\nOn this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## Node parameters\n\n- **Model**: Select the model that generates the completion. Choose from:\n  - **Claude**\n  - **Claude Instant**\n\nLearn more in the [Anthropic model documentation](https://docs.anthropic.com/claude/reference/selecting-a-model).\n\n## Node options\n\n- **Maximum Number of Tokens**: Enter the maximum number of tokens used, which sets the completion length.\n- **Sampling Temperature**: Use this option to control the randomness of the sampling process. A higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n- **Top K**: Enter the number of token choices the model uses to generate the next token.\n- **Top P**: Use this option to set the probability the completion should use. Use a lower value to ignore less probable options.\n\n## Templates and examples\n\n**Notion AI Assistant Generator**\n\nby Max Tkacz\n\n[View template details](https://n8n.io/workflows/2415-notion-ai-assistant-generator/)\n\n**Gmail AI Email Manager**\n\nby Max Mitcham\n\n[View template details](https://n8n.io/workflows/4722-gmail-ai-email-manager/)\n\n**🤖 AI content generation for Auto Service 🚘 Automate your social media📲!**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/4600-ai-content-generation-for-auto-service-automate-your-social-media/)\n\n[Browse Anthropic Chat Model integration templates](https://n8n.io/integrations/anthropic-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## Related resources\n\nRefer to [LangChains's Anthropic documentation](https://js.langchain.com/docs/integrations/chat/anthropic/) for more information about the service.\n\nView n8n's [Advanced AI](../../../../../advanced-ai/) documentation.\n",
-        "excerpt": "# Anthropic Chat Model node  Use the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).  On this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.  Credentials  You can find authentication information for this node [here](../../../credentials/anthropic/).  Parameter resolution in sub-nodes  Sub-nodes behave differently to other nodes when processing multiple...",
+        "markdown": "# AWS Bedrock Chat Model node\n\nThe AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.\n\nOn this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/aws/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## Node parameters\n\n- **Model**: Select the model that generates the completion.\n\nLearn more about available models in the [Amazon Bedrock model documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html).\n\n## Node options\n\n- **Maximum Number of Tokens**: Enter the maximum number of tokens used, which sets the completion length.\n- **Sampling Temperature**: Use this option to control the randomness of the sampling process. A higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n\n## Proxy limitations\n\nThis node doesn't support the [`NO_PROXY` environment variable](../../../../../hosting/configuration/environment-variables/deployment/).\n\n## Templates and examples\n\n**💅 AI Agents Generate Content & Automate Posting for Beauty Salon Social Media 📲**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/12834-ai-agents-generate-content-and-automate-posting-for-beauty-salon-social-media/)\n\n**💾 Generate Blog Posts on Autopilot with GPT‑5, Tavily and WordPress**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/12858-generate-blog-posts-on-autopilot-with-gpt5-tavily-and-wordpress/)\n\n**Create a Business Model Canvas and infographic image with Gemini**\n\nby Ryosuke Mori\n\n[View template details](https://n8n.io/workflows/12833-create-a-business-model-canvas-and-infographic-image-with-gemini/)\n\n[Browse AWS Bedrock Chat Model integration templates](https://n8n.io/integrations/aws-bedrock-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## Related resources\n\nRefer to [LangChains's AWS Bedrock Chat Model documentation](https://js.langchain.com/docs/integrations/chat/bedrock/) for more information about the service.\n\nView n8n's [Advanced AI](../../../../../advanced-ai/) documentation.\n",
+        "excerpt": "# AWS Bedrock Chat Model node  The AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.  On this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.  Credentials  You can find authentication information for this node [here](../../../credentials/aws/).  Parameter resolution in sub-nodes  Sub-nodes behave differently to other nodes when processing multiple items using an expression.  Most nodes, including root nod...",
         "sections": [
           {
-            "title": "Anthropic Chat Model node",
+            "title": "AWS Bedrock Chat Model node",
             "level": 1,
-            "content": "Use the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\nOn this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always reso"
+            "content": "The AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.\n\nOn this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/aws/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name."
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "anthropic",
+          "bedrock",
           "chat",
           "model",
           "node",
           "parameters",
           "options",
+          "proxy",
+          "limitations",
           "templates",
           "examples",
           "related",
@@ -45151,69 +45154,67 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 2734,
+        "contentLength": 2796,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "anthropic chat model # anthropic chat model node\n\nuse the anthropic chat model node to use anthropic's claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\non this page, you'll find the node parameters for the anthropic chat model node, and links to more resources.\n\ncredentials\n\nyou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nparameter resolution in sub-nodes\n\nsub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nmost nodes, including root nodes, take any number of items as input, process these items, and output the results. you can use expressions to refer to input items, and the node resolves the expression for each item in turn. for example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nin sub-nodes, the expression always resolves to the first item. for example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## node parameters\n\n- **model**: select the model that generates the completion. choose from:\n  - **claude**\n  - **claude instant**\n\nlearn more in the [anthropic model documentation](https://docs.anthropic.com/claude/reference/selecting-a-model).\n\n## node options\n\n- **maximum number of tokens**: enter the maximum number of tokens used, which sets the completion length.\n- **sampling temperature**: use this option to control the randomness of the sampling process. a higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n- **top k**: enter the number of token choices the model uses to generate the next token.\n- **top p**: use this option to set the probability the completion should use. use a lower value to ignore less probable options.\n\n## templates and examples\n\n**notion ai assistant generator**\n\nby max tkacz\n\n[view template details](https://n8n.io/workflows/2415-notion-ai-assistant-generator/)\n\n**gmail ai email manager**\n\nby max mitcham\n\n[view template details](https://n8n.io/workflows/4722-gmail-ai-email-manager/)\n\n**🤖 ai content generation for auto service 🚘 automate your social media📲!**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/4600-ai-content-generation-for-auto-service-automate-your-social-media/)\n\n[browse anthropic chat model integration templates](https://n8n.io/integrations/anthropic-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## related resources\n\nrefer to [langchains's anthropic documentation](https://js.langchain.com/docs/integrations/chat/anthropic/) for more information about the service.\n\nview n8n's [advanced ai](../../../../../advanced-ai/) documentation.\n anthropic chat model node",
+        "fullText": "aws bedrock chat model # aws bedrock chat model node\n\nthe aws bedrock chat model node allows you use llm models utilising aws bedrock platform.\n\non this page, you'll find the node parameters for the aws bedrock chat model node, and links to more resources.\n\ncredentials\n\nyou can find authentication information for this node [here](../../../credentials/aws/).\n\nparameter resolution in sub-nodes\n\nsub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nmost nodes, including root nodes, take any number of items as input, process these items, and output the results. you can use expressions to refer to input items, and the node resolves the expression for each item in turn. for example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nin sub-nodes, the expression always resolves to the first item. for example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## node parameters\n\n- **model**: select the model that generates the completion.\n\nlearn more about available models in the [amazon bedrock model documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html).\n\n## node options\n\n- **maximum number of tokens**: enter the maximum number of tokens used, which sets the completion length.\n- **sampling temperature**: use this option to control the randomness of the sampling process. a higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n\n## proxy limitations\n\nthis node doesn't support the [`no_proxy` environment variable](../../../../../hosting/configuration/environment-variables/deployment/).\n\n## templates and examples\n\n**💅 ai agents generate content & automate posting for beauty salon social media 📲**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/12834-ai-agents-generate-content-and-automate-posting-for-beauty-salon-social-media/)\n\n**💾 generate blog posts on autopilot with gpt‑5, tavily and wordpress**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/12858-generate-blog-posts-on-autopilot-with-gpt5-tavily-and-wordpress/)\n\n**create a business model canvas and infographic image with gemini**\n\nby ryosuke mori\n\n[view template details](https://n8n.io/workflows/12833-create-a-business-model-canvas-and-infographic-image-with-gemini/)\n\n[browse aws bedrock chat model integration templates](https://n8n.io/integrations/aws-bedrock-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## related resources\n\nrefer to [langchains's aws bedrock chat model documentation](https://js.langchain.com/docs/integrations/chat/bedrock/) for more information about the service.\n\nview n8n's [advanced ai](../../../../../advanced-ai/) documentation.\n aws bedrock chat model node",
         "importantTerms": [
-          "anthropic",
           "model",
-          "chat",
+          "bedrock",
           "node",
+          "chat",
           "https",
           "nodes",
           "name",
           "expression",
-          "claude",
           "this",
           "more",
           "items",
-          "number",
           "input",
           "resolves",
+          "generate",
           "view",
           "workflows",
-          "completion",
+          "with",
+          "models",
+          "number",
           "documentation",
           "sampling",
           "templates",
           "template",
-          "details",
-          "service"
+          "details"
         ]
       }
     },
     {
       "id": "page-0582",
-      "title": "AWS Bedrock Chat Model",
-      "url": "https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatawsbedrock/index.md",
-      "urlPath": "integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatawsbedrock/index.md",
+      "title": "Anthropic Chat Model",
+      "url": "https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatanthropic/index.md",
+      "urlPath": "integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.lmchatanthropic/index.md",
       "category": "cluster-nodes",
       "subcategory": null,
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# AWS Bedrock Chat Model node\n\nThe AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.\n\nOn this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/aws/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## Node parameters\n\n- **Model**: Select the model that generates the completion.\n\nLearn more about available models in the [Amazon Bedrock model documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html).\n\n## Node options\n\n- **Maximum Number of Tokens**: Enter the maximum number of tokens used, which sets the completion length.\n- **Sampling Temperature**: Use this option to control the randomness of the sampling process. A higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n\n## Proxy limitations\n\nThis node doesn't support the [`NO_PROXY` environment variable](../../../../../hosting/configuration/environment-variables/deployment/).\n\n## Templates and examples\n\n**💅 AI Agents Generate Content & Automate Posting for Beauty Salon Social Media 📲**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/12834-ai-agents-generate-content-and-automate-posting-for-beauty-salon-social-media/)\n\n**💾 Generate Blog Posts on Autopilot with GPT‑5, Tavily and WordPress**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/12858-generate-blog-posts-on-autopilot-with-gpt5-tavily-and-wordpress/)\n\n**Create a Business Model Canvas and infographic image with Gemini**\n\nby Ryosuke Mori\n\n[View template details](https://n8n.io/workflows/12833-create-a-business-model-canvas-and-infographic-image-with-gemini/)\n\n[Browse AWS Bedrock Chat Model integration templates](https://n8n.io/integrations/aws-bedrock-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## Related resources\n\nRefer to [LangChains's AWS Bedrock Chat Model documentation](https://js.langchain.com/docs/integrations/chat/bedrock/) for more information about the service.\n\nView n8n's [Advanced AI](../../../../../advanced-ai/) documentation.\n",
-        "excerpt": "# AWS Bedrock Chat Model node  The AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.  On this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.  Credentials  You can find authentication information for this node [here](../../../credentials/aws/).  Parameter resolution in sub-nodes  Sub-nodes behave differently to other nodes when processing multiple items using an expression.  Most nodes, including root nod...",
+        "markdown": "# Anthropic Chat Model node\n\nUse the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\nOn this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## Node parameters\n\n- **Model**: Select the model that generates the completion. Choose from:\n  - **Claude**\n  - **Claude Instant**\n\nLearn more in the [Anthropic model documentation](https://docs.anthropic.com/claude/reference/selecting-a-model).\n\n## Node options\n\n- **Maximum Number of Tokens**: Enter the maximum number of tokens used, which sets the completion length.\n- **Sampling Temperature**: Use this option to control the randomness of the sampling process. A higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n- **Top K**: Enter the number of token choices the model uses to generate the next token.\n- **Top P**: Use this option to set the probability the completion should use. Use a lower value to ignore less probable options.\n\n## Templates and examples\n\n**Notion AI Assistant Generator**\n\nby Max Tkacz\n\n[View template details](https://n8n.io/workflows/2415-notion-ai-assistant-generator/)\n\n**Gmail AI Email Manager**\n\nby Max Mitcham\n\n[View template details](https://n8n.io/workflows/4722-gmail-ai-email-manager/)\n\n**🤖 AI content generation for Auto Service 🚘 Automate your social media📲!**\n\nby N8ner\n\n[View template details](https://n8n.io/workflows/4600-ai-content-generation-for-auto-service-automate-your-social-media/)\n\n[Browse Anthropic Chat Model integration templates](https://n8n.io/integrations/anthropic-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## Related resources\n\nRefer to [LangChains's Anthropic documentation](https://js.langchain.com/docs/integrations/chat/anthropic/) for more information about the service.\n\nView n8n's [Advanced AI](../../../../../advanced-ai/) documentation.\n",
+        "excerpt": "# Anthropic Chat Model node  Use the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).  On this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.  Credentials  You can find authentication information for this node [here](../../../credentials/anthropic/).  Parameter resolution in sub-nodes  Sub-nodes behave differently to other nodes when processing multiple...",
         "sections": [
           {
-            "title": "AWS Bedrock Chat Model node",
+            "title": "Anthropic Chat Model node",
             "level": 1,
-            "content": "The AWS Bedrock Chat Model node allows you use LLM models utilising AWS Bedrock platform.\n\nOn this page, you'll find the node parameters for the AWS Bedrock Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/aws/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name."
+            "content": "Use the Anthropic Chat Model node to use Anthropic's Claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\nOn this page, you'll find the node parameters for the Anthropic Chat Model node, and links to more resources.\n\nCredentials\n\nYou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nParameter resolution in sub-nodes\n\nSub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nMost nodes, including root nodes, take any number of items as input, process these items, and output the results. You can use expressions to refer to input items, and the node resolves the expression for each item in turn. For example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nIn sub-nodes, the expression always resolves to the first item. For example, given an input of five `name` values, the expression `{{ $json.name }}` always reso"
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "bedrock",
+          "anthropic",
           "chat",
           "model",
           "node",
           "parameters",
           "options",
-          "proxy",
-          "limitations",
           "templates",
           "examples",
           "related",
@@ -45224,36 +45225,36 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 2796,
+        "contentLength": 2734,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "aws bedrock chat model # aws bedrock chat model node\n\nthe aws bedrock chat model node allows you use llm models utilising aws bedrock platform.\n\non this page, you'll find the node parameters for the aws bedrock chat model node, and links to more resources.\n\ncredentials\n\nyou can find authentication information for this node [here](../../../credentials/aws/).\n\nparameter resolution in sub-nodes\n\nsub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nmost nodes, including root nodes, take any number of items as input, process these items, and output the results. you can use expressions to refer to input items, and the node resolves the expression for each item in turn. for example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nin sub-nodes, the expression always resolves to the first item. for example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## node parameters\n\n- **model**: select the model that generates the completion.\n\nlearn more about available models in the [amazon bedrock model documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html).\n\n## node options\n\n- **maximum number of tokens**: enter the maximum number of tokens used, which sets the completion length.\n- **sampling temperature**: use this option to control the randomness of the sampling process. a higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n\n## proxy limitations\n\nthis node doesn't support the [`no_proxy` environment variable](../../../../../hosting/configuration/environment-variables/deployment/).\n\n## templates and examples\n\n**💅 ai agents generate content & automate posting for beauty salon social media 📲**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/12834-ai-agents-generate-content-and-automate-posting-for-beauty-salon-social-media/)\n\n**💾 generate blog posts on autopilot with gpt‑5, tavily and wordpress**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/12858-generate-blog-posts-on-autopilot-with-gpt5-tavily-and-wordpress/)\n\n**create a business model canvas and infographic image with gemini**\n\nby ryosuke mori\n\n[view template details](https://n8n.io/workflows/12833-create-a-business-model-canvas-and-infographic-image-with-gemini/)\n\n[browse aws bedrock chat model integration templates](https://n8n.io/integrations/aws-bedrock-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## related resources\n\nrefer to [langchains's aws bedrock chat model documentation](https://js.langchain.com/docs/integrations/chat/bedrock/) for more information about the service.\n\nview n8n's [advanced ai](../../../../../advanced-ai/) documentation.\n aws bedrock chat model node",
+        "fullText": "anthropic chat model # anthropic chat model node\n\nuse the anthropic chat model node to use anthropic's claude family of chat models with conversational [agents](../../../../../glossary/#ai-agent).\n\non this page, you'll find the node parameters for the anthropic chat model node, and links to more resources.\n\ncredentials\n\nyou can find authentication information for this node [here](../../../credentials/anthropic/).\n\nparameter resolution in sub-nodes\n\nsub-nodes behave differently to other nodes when processing multiple items using an expression.\n\nmost nodes, including root nodes, take any number of items as input, process these items, and output the results. you can use expressions to refer to input items, and the node resolves the expression for each item in turn. for example, given an input of five `name` values, the expression `{{ $json.name }}` resolves to each name in turn.\n\nin sub-nodes, the expression always resolves to the first item. for example, given an input of five `name` values, the expression `{{ $json.name }}` always resolves to the first name.\n\n## node parameters\n\n- **model**: select the model that generates the completion. choose from:\n  - **claude**\n  - **claude instant**\n\nlearn more in the [anthropic model documentation](https://docs.anthropic.com/claude/reference/selecting-a-model).\n\n## node options\n\n- **maximum number of tokens**: enter the maximum number of tokens used, which sets the completion length.\n- **sampling temperature**: use this option to control the randomness of the sampling process. a higher temperature creates more diverse sampling, but increases the risk of hallucinations.\n- **top k**: enter the number of token choices the model uses to generate the next token.\n- **top p**: use this option to set the probability the completion should use. use a lower value to ignore less probable options.\n\n## templates and examples\n\n**notion ai assistant generator**\n\nby max tkacz\n\n[view template details](https://n8n.io/workflows/2415-notion-ai-assistant-generator/)\n\n**gmail ai email manager**\n\nby max mitcham\n\n[view template details](https://n8n.io/workflows/4722-gmail-ai-email-manager/)\n\n**🤖 ai content generation for auto service 🚘 automate your social media📲!**\n\nby n8ner\n\n[view template details](https://n8n.io/workflows/4600-ai-content-generation-for-auto-service-automate-your-social-media/)\n\n[browse anthropic chat model integration templates](https://n8n.io/integrations/anthropic-chat-model/), or [search all templates](https://n8n.io/workflows/)\n\n## related resources\n\nrefer to [langchains's anthropic documentation](https://js.langchain.com/docs/integrations/chat/anthropic/) for more information about the service.\n\nview n8n's [advanced ai](../../../../../advanced-ai/) documentation.\n anthropic chat model node",
         "importantTerms": [
+          "anthropic",
           "model",
-          "bedrock",
-          "node",
           "chat",
+          "node",
           "https",
           "nodes",
           "name",
           "expression",
+          "claude",
           "this",
           "more",
           "items",
+          "number",
           "input",
           "resolves",
-          "generate",
           "view",
           "workflows",
-          "with",
-          "models",
-          "number",
+          "completion",
           "documentation",
           "sampling",
           "templates",
           "template",
-          "details"
+          "details",
+          "service"
         ]
       }
     },
@@ -58125,27 +58126,27 @@
     },
     {
       "id": "page-0739",
-      "title": "Bitbucket credentials",
-      "url": "https://docs.n8n.io/integrations/builtin/credentials/bitbucket/index.md",
-      "urlPath": "integrations/builtin/credentials/bitbucket/index.md",
+      "title": "Bitly credentials",
+      "url": "https://docs.n8n.io/integrations/builtin/credentials/bitly/index.md",
+      "urlPath": "integrations/builtin/credentials/bitly/index.md",
       "category": "other",
       "subcategory": null,
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Bitbucket credentials\n\nYou can use these credentials to authenticate the following nodes:\n\n- [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)\n\n## Prerequisites\n\nCreate a [Bitbucket](https://www.bitbucket.com/) account.\n\n## Supported authentication methods\n\n- Access token\n\n## Related resources\n\nRefer to [Bitbucket's API documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.\n\n## Configuring Bitbucket access token\n\n1. Log in to Bitbucket and open your account or personal settings.\n\n1. Find the section for API tokens or security settings.\n\n1. Create a new API token, giving it a name and expiry date that matches your use case.\n\n1. Select Bitbucket as the app, then choose the required scopes (permissions):\n\n   ```\n   read:user:bitbucket\n   read:workspace:bitbucket\n   read:repository:bitbucket\n   read:webhook:bitbucket\n   write:webhook:bitbucket\n   delete:webhook:bitbucket\n   ```\n\n1. Review and create the token. Copy the generated token and add it to n8n. Bitbucket only shows the token once.\n\nFor detailed instructions, see [Create an API token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\n",
-        "excerpt": "# Bitbucket credentials  You can use these credentials to authenticate the following nodes:  - [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)  ## Prerequisites  Create a [Bitbucket](https://www.bitbucket.com/) account.  ## Supported authentication methods  - Access token  ## Related resources  Refer to [Bitbucket's API documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.  ## Configuring Bitbu...",
+        "markdown": "# Bitly credentials\n\nYou can use these credentials to authenticate the following node:\n\n- [Bitly](../../app-nodes/n8n-nodes-base.bitly/)\n\n## Prerequisites\n\nCreate a [Bitly](https://www.bitly.com/) account.\n\n## Supported authentication methods\n\n- API token\n- OAuth2\n\n## Related resources\n\nRefer to [Bitly's API documentation](https://dev.bitly.com/) for more information about the service.\n\n## Using API token\n\nTo configure this credential, you'll need:\n\n- An **Access Token**: Once logged in, visit [Settings > Developer Settings > API](https://app.bitly.com/settings/api/) to generate an Access Token.\n\n## Using OAuth2\n\nNote for n8n Cloud users\n\nCloud users don't need to provide connection details. Select **Connect my account** to connect through your browser.\n\nIf you need to configure OAuth2 from scratch or need more detail on what's happening in the OAuth web flow, refer to the [Bitly API Authentication documentation](https://dev.bitly.com/docs/getting-started/authentication/) for more information.\n",
+        "excerpt": "# Bitly credentials  You can use these credentials to authenticate the following node:  - [Bitly](../../app-nodes/n8n-nodes-base.bitly/)  ## Prerequisites  Create a [Bitly](https://www.bitly.com/) account.  ## Supported authentication methods  - API token - OAuth2  ## Related resources  Refer to [Bitly's API documentation](https://dev.bitly.com/) for more information about the service.  ## Using API token  To configure this credential, you'll need:  - An **Access Token**: Once logged in, visit [...",
         "sections": [
           {
-            "title": "Bitbucket credentials",
+            "title": "Bitly credentials",
             "level": 1,
-            "content": "You can use these credentials to authenticate the following nodes:\n\n- [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)"
+            "content": "You can use these credentials to authenticate the following node:\n\n- [Bitly](../../app-nodes/n8n-nodes-base.bitly/)"
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "bitbucket",
+          "bitly",
           "credentials",
           "prerequisites",
           "supported",
@@ -58153,55 +58154,55 @@
           "methods",
           "related",
           "resources",
-          "configuring",
-          "access",
-          "token"
+          "using",
+          "token",
+          "oauth2"
         ],
         "useCases": [],
         "operations": [],
-        "codeExamples": 1,
+        "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 1231,
+        "contentLength": 1009,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "bitbucket credentials # bitbucket credentials\n\nyou can use these credentials to authenticate the following nodes:\n\n- [bitbucket trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)\n\n## prerequisites\n\ncreate a [bitbucket](https://www.bitbucket.com/) account.\n\n## supported authentication methods\n\n- access token\n\n## related resources\n\nrefer to [bitbucket's api documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.\n\n## configuring bitbucket access token\n\n1. log in to bitbucket and open your account or personal settings.\n\n1. find the section for api tokens or security settings.\n\n1. create a new api token, giving it a name and expiry date that matches your use case.\n\n1. select bitbucket as the app, then choose the required scopes (permissions):\n\n   ```\n   read:user:bitbucket\n   read:workspace:bitbucket\n   read:repository:bitbucket\n   read:webhook:bitbucket\n   write:webhook:bitbucket\n   delete:webhook:bitbucket\n   ```\n\n1. review and create the token. copy the generated token and add it to n8n. bitbucket only shows the token once.\n\nfor detailed instructions, see [create an api token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\n bitbucket credentials",
+        "fullText": "bitly credentials # bitly credentials\n\nyou can use these credentials to authenticate the following node:\n\n- [bitly](../../app-nodes/n8n-nodes-base.bitly/)\n\n## prerequisites\n\ncreate a [bitly](https://www.bitly.com/) account.\n\n## supported authentication methods\n\n- api token\n- oauth2\n\n## related resources\n\nrefer to [bitly's api documentation](https://dev.bitly.com/) for more information about the service.\n\n## using api token\n\nto configure this credential, you'll need:\n\n- an **access token**: once logged in, visit [settings > developer settings > api](https://app.bitly.com/settings/api/) to generate an access token.\n\n## using oauth2\n\nnote for n8n cloud users\n\ncloud users don't need to provide connection details. select **connect my account** to connect through your browser.\n\nif you need to configure oauth2 from scratch or need more detail on what's happening in the oauth web flow, refer to the [bitly api authentication documentation](https://dev.bitly.com/docs/getting-started/authentication/) for more information.\n bitly credentials",
         "importantTerms": [
-          "bitbucket",
-          "token",
-          "create",
+          "bitly",
           "credentials",
-          "read",
-          "nodes",
           "https",
-          "webhook"
+          "token",
+          "need",
+          "authentication",
+          "more",
+          "settings"
         ]
       }
     },
     {
       "id": "page-0740",
-      "title": "Bitly credentials",
-      "url": "https://docs.n8n.io/integrations/builtin/credentials/bitly/index.md",
-      "urlPath": "integrations/builtin/credentials/bitly/index.md",
+      "title": "Bitbucket credentials",
+      "url": "https://docs.n8n.io/integrations/builtin/credentials/bitbucket/index.md",
+      "urlPath": "integrations/builtin/credentials/bitbucket/index.md",
       "category": "other",
       "subcategory": null,
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Bitly credentials\n\nYou can use these credentials to authenticate the following node:\n\n- [Bitly](../../app-nodes/n8n-nodes-base.bitly/)\n\n## Prerequisites\n\nCreate a [Bitly](https://www.bitly.com/) account.\n\n## Supported authentication methods\n\n- API token\n- OAuth2\n\n## Related resources\n\nRefer to [Bitly's API documentation](https://dev.bitly.com/) for more information about the service.\n\n## Using API token\n\nTo configure this credential, you'll need:\n\n- An **Access Token**: Once logged in, visit [Settings > Developer Settings > API](https://app.bitly.com/settings/api/) to generate an Access Token.\n\n## Using OAuth2\n\nNote for n8n Cloud users\n\nCloud users don't need to provide connection details. Select **Connect my account** to connect through your browser.\n\nIf you need to configure OAuth2 from scratch or need more detail on what's happening in the OAuth web flow, refer to the [Bitly API Authentication documentation](https://dev.bitly.com/docs/getting-started/authentication/) for more information.\n",
-        "excerpt": "# Bitly credentials  You can use these credentials to authenticate the following node:  - [Bitly](../../app-nodes/n8n-nodes-base.bitly/)  ## Prerequisites  Create a [Bitly](https://www.bitly.com/) account.  ## Supported authentication methods  - API token - OAuth2  ## Related resources  Refer to [Bitly's API documentation](https://dev.bitly.com/) for more information about the service.  ## Using API token  To configure this credential, you'll need:  - An **Access Token**: Once logged in, visit [...",
+        "markdown": "# Bitbucket credentials\n\nYou can use these credentials to authenticate the following nodes:\n\n- [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)\n\n## Prerequisites\n\nCreate a [Bitbucket](https://www.bitbucket.com/) account.\n\n## Supported authentication methods\n\n- Access token\n\n## Related resources\n\nRefer to [Bitbucket's API documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.\n\n## Configuring Bitbucket access token\n\n1. Log in to Bitbucket and open your account or personal settings.\n\n1. Find the section for API tokens or security settings.\n\n1. Create a new API token, giving it a name and expiry date that matches your use case.\n\n1. Select Bitbucket as the app, then choose the required scopes (permissions):\n\n   ```\n   read:user:bitbucket\n   read:workspace:bitbucket\n   read:repository:bitbucket\n   read:webhook:bitbucket\n   write:webhook:bitbucket\n   delete:webhook:bitbucket\n   ```\n\n1. Review and create the token. Copy the generated token and add it to n8n. Bitbucket only shows the token once.\n\nFor detailed instructions, see [Create an API token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\n",
+        "excerpt": "# Bitbucket credentials  You can use these credentials to authenticate the following nodes:  - [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)  ## Prerequisites  Create a [Bitbucket](https://www.bitbucket.com/) account.  ## Supported authentication methods  - Access token  ## Related resources  Refer to [Bitbucket's API documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.  ## Configuring Bitbu...",
         "sections": [
           {
-            "title": "Bitly credentials",
+            "title": "Bitbucket credentials",
             "level": 1,
-            "content": "You can use these credentials to authenticate the following node:\n\n- [Bitly](../../app-nodes/n8n-nodes-base.bitly/)"
+            "content": "You can use these credentials to authenticate the following nodes:\n\n- [Bitbucket Trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)"
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "bitly",
+          "bitbucket",
           "credentials",
           "prerequisites",
           "supported",
@@ -58209,29 +58210,29 @@
           "methods",
           "related",
           "resources",
-          "using",
-          "token",
-          "oauth2"
+          "configuring",
+          "access",
+          "token"
         ],
         "useCases": [],
         "operations": [],
-        "codeExamples": 0,
+        "codeExamples": 1,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 1009,
+        "contentLength": 1231,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "bitly credentials # bitly credentials\n\nyou can use these credentials to authenticate the following node:\n\n- [bitly](../../app-nodes/n8n-nodes-base.bitly/)\n\n## prerequisites\n\ncreate a [bitly](https://www.bitly.com/) account.\n\n## supported authentication methods\n\n- api token\n- oauth2\n\n## related resources\n\nrefer to [bitly's api documentation](https://dev.bitly.com/) for more information about the service.\n\n## using api token\n\nto configure this credential, you'll need:\n\n- an **access token**: once logged in, visit [settings > developer settings > api](https://app.bitly.com/settings/api/) to generate an access token.\n\n## using oauth2\n\nnote for n8n cloud users\n\ncloud users don't need to provide connection details. select **connect my account** to connect through your browser.\n\nif you need to configure oauth2 from scratch or need more detail on what's happening in the oauth web flow, refer to the [bitly api authentication documentation](https://dev.bitly.com/docs/getting-started/authentication/) for more information.\n bitly credentials",
+        "fullText": "bitbucket credentials # bitbucket credentials\n\nyou can use these credentials to authenticate the following nodes:\n\n- [bitbucket trigger](../../trigger-nodes/n8n-nodes-base.bitbuckettrigger/)\n\n## prerequisites\n\ncreate a [bitbucket](https://www.bitbucket.com/) account.\n\n## supported authentication methods\n\n- access token\n\n## related resources\n\nrefer to [bitbucket's api documentation](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication) for more information about the service.\n\n## configuring bitbucket access token\n\n1. log in to bitbucket and open your account or personal settings.\n\n1. find the section for api tokens or security settings.\n\n1. create a new api token, giving it a name and expiry date that matches your use case.\n\n1. select bitbucket as the app, then choose the required scopes (permissions):\n\n   ```\n   read:user:bitbucket\n   read:workspace:bitbucket\n   read:repository:bitbucket\n   read:webhook:bitbucket\n   write:webhook:bitbucket\n   delete:webhook:bitbucket\n   ```\n\n1. review and create the token. copy the generated token and add it to n8n. bitbucket only shows the token once.\n\nfor detailed instructions, see [create an api token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\n bitbucket credentials",
         "importantTerms": [
-          "bitly",
+          "bitbucket",
+          "token",
+          "create",
           "credentials",
+          "read",
+          "nodes",
           "https",
-          "token",
-          "need",
-          "authentication",
-          "more",
-          "settings"
+          "webhook"
         ]
       }
     },
@@ -68997,62 +68998,6 @@
     },
     {
       "id": "page-0912",
-      "title": "Plivo credentials",
-      "url": "https://docs.n8n.io/integrations/builtin/credentials/plivo/index.md",
-      "urlPath": "integrations/builtin/credentials/plivo/index.md",
-      "category": "other",
-      "subcategory": null,
-      "nodeName": null,
-      "nodeType": null,
-      "content": {
-        "markdown": "# Plivo credentials\n\nYou can use these credentials to authenticate the following nodes:\n\n- [Plivo](../../app-nodes/n8n-nodes-base.plivo/)\n\n## Prerequisites\n\nCreate a [Plivo](https://www.plivo.com/) account.\n\n## Supported authentication methods\n\n- Basic auth\n\n## Related resources\n\nRefer to [Plivo's API documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.\n\n## Using basic auth\n\nTo configure this credential, you'll need:\n\n- An **Auth ID**: Acts like your username. Copy yours from the **Overview** page of the Plivo [console](https://console.plivo.com/dashboard/).\n- An **Auth Token**: Acts like a password. Copy yours from the **Overview** page of the Plivo [console](https://console.plivo.com/dashboard/).\n\nRefer to [How can I change my Auth ID or Auth Token?](https://support.plivo.com/hc/en-us/articles/360041731231-How-can-I-change-my-Auth-ID-or-Auth-Token) for more detailed instructions.\n",
-        "excerpt": "# Plivo credentials  You can use these credentials to authenticate the following nodes:  - [Plivo](../../app-nodes/n8n-nodes-base.plivo/)  ## Prerequisites  Create a [Plivo](https://www.plivo.com/) account.  ## Supported authentication methods  - Basic auth  ## Related resources  Refer to [Plivo's API documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.  ## Using basic auth  To configure this credential, you'll need:  - An **Auth ID**: Acts like...",
-        "sections": [
-          {
-            "title": "Plivo credentials",
-            "level": 1,
-            "content": "You can use these credentials to authenticate the following nodes:\n\n- [Plivo](../../app-nodes/n8n-nodes-base.plivo/)"
-          }
-        ]
-      },
-      "metadata": {
-        "keywords": [
-          "plivo",
-          "credentials",
-          "prerequisites",
-          "supported",
-          "authentication",
-          "methods",
-          "related",
-          "resources",
-          "using",
-          "basic",
-          "auth"
-        ],
-        "useCases": [],
-        "operations": [],
-        "codeExamples": 0,
-        "complexity": "beginner",
-        "readingTime": "1 min",
-        "contentLength": 945,
-        "relatedPages": []
-      },
-      "searchIndex": {
-        "fullText": "plivo credentials # plivo credentials\n\nyou can use these credentials to authenticate the following nodes:\n\n- [plivo](../../app-nodes/n8n-nodes-base.plivo/)\n\n## prerequisites\n\ncreate a [plivo](https://www.plivo.com/) account.\n\n## supported authentication methods\n\n- basic auth\n\n## related resources\n\nrefer to [plivo's api documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.\n\n## using basic auth\n\nto configure this credential, you'll need:\n\n- an **auth id**: acts like your username. copy yours from the **overview** page of the plivo [console](https://console.plivo.com/dashboard/).\n- an **auth token**: acts like a password. copy yours from the **overview** page of the plivo [console](https://console.plivo.com/dashboard/).\n\nrefer to [how can i change my auth id or auth token?](https://support.plivo.com/hc/en-us/articles/360041731231-how-can-i-change-my-auth-id-or-auth-token) for more detailed instructions.\n plivo credentials",
-        "importantTerms": [
-          "plivo",
-          "auth",
-          "https",
-          "credentials",
-          "console",
-          "nodes",
-          "overview",
-          "token"
-        ]
-      }
-    },
-    {
-      "id": "page-0913",
       "title": "Postgres credentials",
       "url": "https://docs.n8n.io/integrations/builtin/credentials/postgres/index.md",
       "urlPath": "integrations/builtin/credentials/postgres/index.md",
@@ -69152,7 +69097,7 @@
       }
     },
     {
-      "id": "page-0914",
+      "id": "page-0913",
       "title": "PostHog credentials",
       "url": "https://docs.n8n.io/integrations/builtin/credentials/posthog/index.md",
       "urlPath": "integrations/builtin/credentials/posthog/index.md",
@@ -69211,7 +69156,7 @@
       }
     },
     {
-      "id": "page-0915",
+      "id": "page-0914",
       "title": "Postmark credentials",
       "url": "https://docs.n8n.io/integrations/builtin/credentials/postmark/index.md",
       "urlPath": "integrations/builtin/credentials/postmark/index.md",
@@ -69267,7 +69212,7 @@
       }
     },
     {
-      "id": "page-0916",
+      "id": "page-0915",
       "title": "ProfitWell credentials",
       "url": "https://docs.n8n.io/integrations/builtin/credentials/profitwell/index.md",
       "urlPath": "integrations/builtin/credentials/profitwell/index.md",
@@ -69318,7 +69263,7 @@
       }
     },
     {
-      "id": "page-0917",
+      "id": "page-0916",
       "title": "Pushbullet credentials",
       "url": "https://docs.n8n.io/integrations/builtin/credentials/pushbullet/index.md",
       "urlPath": "integrations/builtin/credentials/pushbullet/index.md",
@@ -69373,6 +69318,62 @@
         ]
       }
     },
+    {
+      "id": "page-0917",
+      "title": "Plivo credentials",
+      "url": "https://docs.n8n.io/integrations/builtin/credentials/plivo/index.md",
+      "urlPath": "integrations/builtin/credentials/plivo/index.md",
+      "category": "other",
+      "subcategory": null,
+      "nodeName": null,
+      "nodeType": null,
+      "content": {
+        "markdown": "# Plivo credentials\n\nYou can use these credentials to authenticate the following nodes:\n\n- [Plivo](../../app-nodes/n8n-nodes-base.plivo/)\n\n## Prerequisites\n\nCreate a [Plivo](https://www.plivo.com/) account.\n\n## Supported authentication methods\n\n- Basic auth\n\n## Related resources\n\nRefer to [Plivo's API documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.\n\n## Using basic auth\n\nTo configure this credential, you'll need:\n\n- An **Auth ID**: Acts like your username. Copy yours from the **Overview** page of the Plivo [console](https://console.plivo.com/dashboard/).\n- An **Auth Token**: Acts like a password. Copy yours from the **Overview** page of the Plivo [console](https://console.plivo.com/dashboard/).\n\nRefer to [How can I change my Auth ID or Auth Token?](https://support.plivo.com/hc/en-us/articles/360041731231-How-can-I-change-my-Auth-ID-or-Auth-Token) for more detailed instructions.\n",
+        "excerpt": "# Plivo credentials  You can use these credentials to authenticate the following nodes:  - [Plivo](../../app-nodes/n8n-nodes-base.plivo/)  ## Prerequisites  Create a [Plivo](https://www.plivo.com/) account.  ## Supported authentication methods  - Basic auth  ## Related resources  Refer to [Plivo's API documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.  ## Using basic auth  To configure this credential, you'll need:  - An **Auth ID**: Acts like...",
+        "sections": [
+          {
+            "title": "Plivo credentials",
+            "level": 1,
+            "content": "You can use these credentials to authenticate the following nodes:\n\n- [Plivo](../../app-nodes/n8n-nodes-base.plivo/)"
+          }
+        ]
+      },
+      "metadata": {
+        "keywords": [
+          "plivo",
+          "credentials",
+          "prerequisites",
+          "supported",
+          "authentication",
+          "methods",
+          "related",
+          "resources",
+          "using",
+          "basic",
+          "auth"
+        ],
+        "useCases": [],
+        "operations": [],
+        "codeExamples": 0,
+        "complexity": "beginner",
+        "readingTime": "1 min",
+        "contentLength": 945,
+        "relatedPages": []
+      },
+      "searchIndex": {
+        "fullText": "plivo credentials # plivo credentials\n\nyou can use these credentials to authenticate the following nodes:\n\n- [plivo](../../app-nodes/n8n-nodes-base.plivo/)\n\n## prerequisites\n\ncreate a [plivo](https://www.plivo.com/) account.\n\n## supported authentication methods\n\n- basic auth\n\n## related resources\n\nrefer to [plivo's api documentation](https://www.plivo.com/docs/voice/api/overview/) for more information about the service.\n\n## using basic auth\n\nto configure this credential, you'll need:\n\n- an **auth id**: acts like your username. copy yours from the **overview** page of the plivo [console](https://console.plivo.com/dashboard/).\n- an **auth token**: acts like a password. copy yours from the **overview** page of the plivo [console](https://console.plivo.com/dashboard/).\n\nrefer to [how can i change my auth id or auth token?](https://support.plivo.com/hc/en-us/articles/360041731231-how-can-i-change-my-auth-id-or-auth-token) for more detailed instructions.\n plivo credentials",
+        "importantTerms": [
+          "plivo",
+          "auth",
+          "https",
+          "credentials",
+          "console",
+          "nodes",
+          "overview",
+          "token"
+        ]
+      }
+    },
     {
       "id": "page-0918",
       "title": "Pushcut credentials",
@@ -78677,27 +78678,27 @@
     },
     {
       "id": "page-1071",
-      "title": "Keap Trigger",
-      "url": "https://docs.n8n.io/integrations/builtin/trigger-nodes/n8n-nodes-base.keaptrigger/index.md",
-      "urlPath": "integrations/builtin/trigger-nodes/n8n-nodes-base.keaptrigger/index.md",
+      "title": "KoboToolbox Trigger",
+      "url": "https://docs.n8n.io/integrations/builtin/trigger-nodes/n8n-nodes-base.kobotoolboxtrigger/index.md",
+      "urlPath": "integrations/builtin/trigger-nodes/n8n-nodes-base.kobotoolboxtrigger/index.md",
       "category": "trigger-nodes",
       "subcategory": null,
-      "nodeName": "keaptrigger",
-      "nodeType": "n8n-nodes-base.keaptrigger",
+      "nodeName": "kobotoolboxtrigger",
+      "nodeType": "n8n-nodes-base.kobotoolboxtrigger",
       "content": {
-        "markdown": "# Keap Trigger node\n\n[Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/keap/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8n.io/integrations/keap-trigger/) page.\n",
-        "excerpt": "# Keap Trigger node  [Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.  Credentials  You can find authentication information for this node [here](../../credentials/keap/).  Examples and templates  For usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8...",
+        "markdown": "# KoboToolbox Trigger node\n\n[KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nThis node starts a workflow upon new submissions of a specified form. The trigger node handles the creation/deletion of the hook, so you don't need to do any setup in KoboToolbox.\n\nIt works the same way as the Get Submission operation in the [KoboToolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options.\n",
+        "excerpt": "# KoboToolbox Trigger node  [KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.  Credentials  You can find authentication information for this node [here](../../credentials/kobotoolbox/).  Examples and templates  For usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integration...",
         "sections": [
           {
-            "title": "Keap Trigger node",
+            "title": "KoboToolbox Trigger node",
             "level": 1,
-            "content": "[Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/keap/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8n.io/integrations/keap-trigger/) page."
+            "content": "[KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nThis node starts a workflow upon new submissions of a specified form. The trigger node handles the creation/deletion of the hook, so you don't need to do any setup in KoboToolbox.\n\nIt works the same way as the Get Submission operation in the [KoboToolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options."
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "keap",
+          "kobotoolbox",
           "trigger",
           "node"
         ],
@@ -78706,13 +78707,13 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 539,
+        "contentLength": 919,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "keap trigger # keap trigger node\n\n[keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\ncredentials\n\nyou can find authentication information for this node [here](../../credentials/keap/).\n\nexamples and templates\n\nfor usage examples and templates to help you get started, refer to n8n's [keap trigger integrations](https://n8n.io/integrations/keap-trigger/) page.\n keap trigger node",
+        "fullText": "kobotoolbox trigger # kobotoolbox trigger node\n\n[kobotoolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. it's available both as a free cloud solution or as a self-hosted version.\n\ncredentials\n\nyou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nexamples and templates\n\nfor usage examples and templates to help you get started, refer to n8n's [kobotoolbox trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nthis node starts a workflow upon new submissions of a specified form. the trigger node handles the creation/deletion of the hook, so you don't need to do any setup in kobotoolbox.\n\nit works the same way as the get submission operation in the [kobotoolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options.\n kobotoolbox trigger node",
         "importantTerms": [
-          "keap",
+          "kobotoolbox",
           "trigger",
           "node"
         ]
@@ -78720,27 +78721,27 @@
     },
     {
       "id": "page-1072",
-      "title": "KoboToolbox Trigger",
-      "url": "https://docs.n8n.io/integrations/builtin/trigger-nodes/n8n-nodes-base.kobotoolboxtrigger/index.md",
-      "urlPath": "integrations/builtin/trigger-nodes/n8n-nodes-base.kobotoolboxtrigger/index.md",
+      "title": "Keap Trigger",
+      "url": "https://docs.n8n.io/integrations/builtin/trigger-nodes/n8n-nodes-base.keaptrigger/index.md",
+      "urlPath": "integrations/builtin/trigger-nodes/n8n-nodes-base.keaptrigger/index.md",
       "category": "trigger-nodes",
       "subcategory": null,
-      "nodeName": "kobotoolboxtrigger",
-      "nodeType": "n8n-nodes-base.kobotoolboxtrigger",
+      "nodeName": "keaptrigger",
+      "nodeType": "n8n-nodes-base.keaptrigger",
       "content": {
-        "markdown": "# KoboToolbox Trigger node\n\n[KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nThis node starts a workflow upon new submissions of a specified form. The trigger node handles the creation/deletion of the hook, so you don't need to do any setup in KoboToolbox.\n\nIt works the same way as the Get Submission operation in the [KoboToolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options.\n",
-        "excerpt": "# KoboToolbox Trigger node  [KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.  Credentials  You can find authentication information for this node [here](../../credentials/kobotoolbox/).  Examples and templates  For usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integration...",
+        "markdown": "# Keap Trigger node\n\n[Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/keap/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8n.io/integrations/keap-trigger/) page.\n",
+        "excerpt": "# Keap Trigger node  [Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.  Credentials  You can find authentication information for this node [here](../../credentials/keap/).  Examples and templates  For usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8...",
         "sections": [
           {
-            "title": "KoboToolbox Trigger node",
+            "title": "Keap Trigger node",
             "level": 1,
-            "content": "[KoboToolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. It's available both as a free cloud solution or as a self-hosted version.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [KoboToolbox Trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nThis node starts a workflow upon new submissions of a specified form. The trigger node handles the creation/deletion of the hook, so you don't need to do any setup in KoboToolbox.\n\nIt works the same way as the Get Submission operation in the [KoboToolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options."
+            "content": "[Keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\nCredentials\n\nYou can find authentication information for this node [here](../../credentials/keap/).\n\nExamples and templates\n\nFor usage examples and templates to help you get started, refer to n8n's [Keap Trigger integrations](https://n8n.io/integrations/keap-trigger/) page."
           }
         ]
       },
       "metadata": {
         "keywords": [
-          "kobotoolbox",
+          "keap",
           "trigger",
           "node"
         ],
@@ -78749,13 +78750,13 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 919,
+        "contentLength": 539,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "kobotoolbox trigger # kobotoolbox trigger node\n\n[kobotoolbox](https://www.kobotoolbox.org/) is a field survey and data collection tool to design interactive forms to be completed offline from mobile devices. it's available both as a free cloud solution or as a self-hosted version.\n\ncredentials\n\nyou can find authentication information for this node [here](../../credentials/kobotoolbox/).\n\nexamples and templates\n\nfor usage examples and templates to help you get started, refer to n8n's [kobotoolbox trigger integrations](https://n8n.io/integrations/kobotoolbox-trigger/) page.\n\nthis node starts a workflow upon new submissions of a specified form. the trigger node handles the creation/deletion of the hook, so you don't need to do any setup in kobotoolbox.\n\nit works the same way as the get submission operation in the [kobotoolbox](../../app-nodes/n8n-nodes-base.kobotoolbox/) node, including supporting the same reformatting options.\n kobotoolbox trigger node",
+        "fullText": "keap trigger # keap trigger node\n\n[keap](https://keap.com/) is an e-mail marketing and sales platform for small businesses, including products to manage and optimize the customer lifecycle, customer relationship management, marketing automation, lead capture, and e-commerce.\n\ncredentials\n\nyou can find authentication information for this node [here](../../credentials/keap/).\n\nexamples and templates\n\nfor usage examples and templates to help you get started, refer to n8n's [keap trigger integrations](https://n8n.io/integrations/keap-trigger/) page.\n keap trigger node",
         "importantTerms": [
-          "kobotoolbox",
+          "keap",
           "trigger",
           "node"
         ]
@@ -86385,7 +86386,7 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Privacy\n\nThis page describes n8n's data privacy practices.\n\n## GDPR\n\n### Data processing agreement\n\nFor Cloud versions of n8n, n8n is considered both a Controller and a Processor as defined by the GDPR. As a Processor, n8n implements policies and practices that secure the personal data you send to the platform, and includes a [Data Processing Agreement](https://n8n.io/legal/#data) as part of the company's standard [Terms of Service](https://n8n.io/legal/#terms).\n\nThe n8n Data Processing Agreement includes the [Standard Contractual Clauses (SCCs)](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). These clarify how n8n handles your data, and they update n8n's GDPR policies to cover the latest standards set by the European Commission.\n\nYou can find a list of n8n sub-processors [here](#sub-processors).\n\nSelf-hosted n8n\n\nFor self-hosted versions, n8n is neither a Controller nor a Processor, as we don't manage your data\n\n### Submitting an account deletion request\n\nEmail help@n8n.io to make an account deletion request.\n\n### Sub-processors\n\nThis is a list of sub-processors authorized to process customer data for n8n's service. n8n audits each sub-processor's security controls and applicable regulations for the protection of personal data.\n\n| Sub-processor name | Purpose                | Contact details                                                                                                                                         | Geographic location of processing |\n| ------------------ | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- |\n| Microsoft Azure    | Cloud service provider | Microsoft Azure 1 Microsoft Way Redmond WA 98052 USA Contact information: https://privacy.microsoft.com/en-GB/privacystatement#mainhowtocontactusmodule | Germany (West Central Region)     |\n| Hetzner Online     | Cloud service provider | Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Germany data-protection@hetzner.com                                                             | Germany                           |\n| OpenAI             | AI provider            | 1455 3rd Street San Francisco, CA 94158 United States                                                                                                   | US                                |\n| Anthropic          | AI provider            | Anthropic Ireland, Limited 6th Floor South Bank House, Barrow Street, Dublin 4 Ireland                                                                  | US                                |\n| Google Vertex AI   | AI provider            | Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States                                                                           | EU, US                            |\n| LangChain          | AI provider            | LangChain, Inc. Delaware                                                                                                                                | US                                |\n\nSubscribe [here](https://n8n-community.typeform.com/to/FdeRxSkH?typeform-source=n8n.io) to receive updates when n8n adds or changes a sub-processor.\n\n### GDPR for self-hosted users\n\nIf you self-host n8n, you are responsible for deleting user data. If you need to delete data on behalf of one of your users, you can delete the respective execution. n8n recommends configuring n8n to prune execution data automatically every few days to avoid effortful GDPR request handling as much as possible. Configure this using the `EXECUTIONS_DATA_MAX_AGE` environment variable. Refer to [Environment variables](../../hosting/configuration/environment-variables/) for more information.\n\n## Data collection\n\nn8n collects selected usage and performance data to help diagnose problems and improve the platform. Read about how n8n stores and processes this information in the [privacy policy](https://n8n.io/legal/#privacy).\n\nThe data gathered is different in self-hosted n8n and n8n Cloud.\n\n### Data collection in self-hosted n8n\n\nn8n takes care to keep self-hosted data anonymous and avoids collecting sensitive data.\n\n#### What n8n collects\n\n- Error codes and messages of failed executions (excluding any payload data, and not for custom nodes)\n- Error reports for app crashes and API issues\n- The graph of a workflow (types of nodes used and how they're connected)\n- From node parameters:\n  - The 'resource' and 'operation' that a node is set to (if applicable)\n  - For HTTP request nodes, the domain, path, and method (with personal data anonymized)\n- Data around workflow executions:\n  - Status\n  - The user ID of the user who ran the execution\n  - The first time a workflow loads data from an external source\n  - The first successful production (non-manual) workflow execution\n- The domain of webhook calls, if specified (excluding subdomain).\n- Details on how the UI is used (for example, navigation, nodes panel searches)\n- Diagnostic information:\n  - n8n version\n  - Selected settings:\n    - DB_TYPE\n    - N8N_VERSION_NOTIFICATIONS_ENABLED\n    - N8N_DISABLE_PRODUCTION_MAIN_PROCESS\n    - [Execution variables](../../hosting/configuration/environment-variables/executions/)\n  - OS, RAM, and CPUs\n  - Anonymous instance ID\n- IP address\n\n#### What n8n doesn't collect\n\nn8n doesn't collect private or sensitive information, such as:\n\n- Personally identifiable information (except IP address)\n- Credential information\n- Node parameters (except 'resource' and 'operation')\n- Execution data\n- Sensitive settings (for example, endpoints, ports, DB connections, username/password)\n- Error payloads\n\n#### How collection works\n\nMost data is sent to n8n as events that generate it occur. Workflow execution counts and an instance pulse are sent periodically (every 6 hours).\n\n#### Opting out of telemetry\n\nTelemetry collection is enabled by default. To disable it you can configure the following environment variables.\n\nTo opt out of telemetry events:\n\n```\nexport N8N_DIAGNOSTICS_ENABLED=false\n```\n\nTo opt out of checking for new versions of n8n:\n\n```\nexport N8N_VERSION_NOTIFICATIONS_ENABLED=false\n```\n\nTo disable the templates feature (prevents background health check calls):\n\n```\nexport N8N_TEMPLATES_ENABLED=false\n```\n\nSee [configuration](../../hosting/configuration/configuration-methods/) for more info on how to set environment variables.\n\n### Data collection in n8n Cloud\n\nn8n Cloud collects everything listed in [Data collection in self-hosted n8n](#data-collection-in-self-hosted-n8n).\n\nAdditionally, in n8n Cloud, n8n uses [PostHog](https://posthog.com/) to track events and visualise usage, including using session recordings. Session recordings comprise the data seen by a user on screen, with the exception of credential values. n8n's product team uses this data to improve the product. All recordings are deleted after 21 days.\n\n### AI in n8n\n\nTo provide enhanced assistance, n8n integrates AI-powered features that leverage Large Language Models (LLMs).\n\n#### How n8n uses AI\n\nTo assist and improve user experience, n8n may send specific context data to LLMs. This context data is strictly limited to information about the current workflow. n8n does not send any values from credential fields or actual output data to AI services. The data will not be incorporated, used, or retained to train the models of the AI services. Any data will be deleted after 30 days.\n\n#### When n8n shares data\n\nData is only sent to AI services if workspaces have opted in to use the assistant. The Assistant is enabled by default for n8n Cloud users. When a workspace opts in to use the assistant, node-specific data is transmitted only during direct interactions and active sessions with the AI assistant, ensuring no unnecessary data sharing occurs.\n\n#### What n8n shares\n\n- **General Workflow Information**: This includes details about which nodes are present in your workflow, the number of items currently in the workflow, and whether the workflow is active.\n- **Input & Output Schemas of Nodes**: This includes the schema of all nodes with incoming data and the output schema of a node in question. We do not send the actual data value of the schema.\n- **Node Configuration**: This includes the operations, options, and settings chosen in the referenced node.\n- **Code and Expressions**: This includes any code or expressions in the node in question to help with debugging potential issues and optimizations.\n\n#### What n8n doesn't share\n\n- **Credentials**: Any values of the credential fields of your nodes.\n- **Output Data**: The actual data processed by your workflows.\n- **Sensitive Information**: Any personally identifiable information or other sensitive data that could compromise your privacy or security that you have not explicitly mentioned in node parameters or your code of a [Code Node](../../integrations/builtin/core-nodes/n8n-nodes-base.code/).\n\n### Documentation telemetry\n\nn8n's documentation (this website) uses cookies to recognize your repeated visits and preferences, as well as to measure the effectiveness of n8n's documentation and whether users find what they're searching for. With your consent, you're helping n8n to make our documentation better. You can control cookie consent using the cookie widget.\n\n## Retention and deletion of personal identifiable data\n\nPID (personal identifiable data) is data that's personal to you and would identify you as an individual.\n\n### n8n Cloud\n\n#### PID retention\n\nn8n only retains data for as long as necessary to provide the core service.\n\nFor n8n Cloud, n8n stores your workflow code, credentials, and other data indefinitely, until you choose to delete it or close your account. The platform stores execution data according to the retention rules on your account.\n\nn8n deletes most internal application logs and logs tied to subprocessors within 90 days. The company retains a subset of logs for longer periods where required for security investigations.\n\n#### PID deletion\n\nIf you choose to delete your n8n account, n8n deletes all customer data and event data associated with your account. n8n deletes customer data in backups within 90 days.\n\n### Self-hosted\n\nSelf-hosted users should have their own PID policy and data deletion processes. Refer to [What you can do](../what-you-can-do/) for more information.\n\n## Payment processor\n\nn8n uses Paddle.com to process payments. When you sign up for a paid plan, Paddle transmits and stores the details of your payment method according to their security policy. n8n stores no information about your payment method.\n",
+        "markdown": "# Privacy\n\nThis page describes n8n's data privacy practices.\n\n## GDPR\n\n### Data processing agreement\n\nFor Cloud versions of n8n, n8n is considered both a Controller and a Processor as defined by the GDPR. As a Processor, n8n implements policies and practices that secure the personal data you send to the platform, and includes a [Data Processing Agreement](https://n8n.io/legal/#data) as part of the company's standard [Terms of Service](https://n8n.io/legal/#terms).\n\nThe n8n Data Processing Agreement includes the [Standard Contractual Clauses (SCCs)](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). These clarify how n8n handles your data, and they update n8n's GDPR policies to cover the latest standards set by the European Commission.\n\nYou can find a list of n8n sub-processors [here](#sub-processors).\n\nSelf-hosted n8n\n\nFor self-hosted versions, n8n is neither a Controller nor a Processor, as we don't manage your data\n\n### Submitting an account deletion request\n\nEmail help@n8n.io to make an account deletion request.\n\n### Sub-processors\n\nThis is a list of sub-processors authorized to process customer data for n8n's service. n8n audits each sub-processor's security controls and applicable regulations for the protection of personal data.\n\n| Sub-processor name | Purpose                | Contact details                                                                                                                                         | Geographic location of processing |\n| ------------------ | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- |\n| Microsoft Azure    | Cloud service provider | Microsoft Azure 1 Microsoft Way Redmond WA 98052 USA Contact information: https://privacy.microsoft.com/en-GB/privacystatement#mainhowtocontactusmodule | EU (for example, Germany, Sweden) |\n| Hetzner Online     | Cloud service provider | Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Germany data-protection@hetzner.com                                                             | Germany                           |\n| OpenAI             | AI provider            | 1455 3rd Street San Francisco, CA 94158 United States                                                                                                   | US                                |\n| Anthropic          | AI provider            | Anthropic Ireland, Limited 6th Floor South Bank House, Barrow Street, Dublin 4 Ireland                                                                  | US                                |\n| Google Vertex AI   | AI provider            | Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States                                                                           | EU, US                            |\n| LangChain          | AI provider            | LangChain, Inc. Delaware                                                                                                                                | US                                |\n\nSubscribe [here](https://n8n-community.typeform.com/to/FdeRxSkH?typeform-source=n8n.io) to receive updates when n8n adds or changes a sub-processor.\n\n### GDPR for self-hosted users\n\nIf you self-host n8n, you are responsible for deleting user data. If you need to delete data on behalf of one of your users, you can delete the respective execution. n8n recommends configuring n8n to prune execution data automatically every few days to avoid effortful GDPR request handling as much as possible. Configure this using the `EXECUTIONS_DATA_MAX_AGE` environment variable. Refer to [Environment variables](../../hosting/configuration/environment-variables/) for more information.\n\n## Data collection\n\nn8n collects selected usage and performance data to help diagnose problems and improve the platform. Read about how n8n stores and processes this information in the [privacy policy](https://n8n.io/legal/#privacy).\n\nThe data gathered is different in self-hosted n8n and n8n Cloud.\n\n### Data collection in self-hosted n8n\n\nn8n takes care to keep self-hosted data anonymous and avoids collecting sensitive data.\n\n#### What n8n collects\n\n- Error codes and messages of failed executions (excluding any payload data, and not for custom nodes)\n- Error reports for app crashes and API issues\n- The graph of a workflow (types of nodes used and how they're connected)\n- From node parameters:\n  - The 'resource' and 'operation' that a node is set to (if applicable)\n  - For HTTP request nodes, the domain, path, and method (with personal data anonymized)\n- Data around workflow executions:\n  - Status\n  - The user ID of the user who ran the execution\n  - The first time a workflow loads data from an external source\n  - The first successful production (non-manual) workflow execution\n- The domain of webhook calls, if specified (excluding subdomain).\n- Details on how the UI is used (for example, navigation, nodes panel searches)\n- Diagnostic information:\n  - n8n version\n  - Selected settings:\n    - DB_TYPE\n    - N8N_VERSION_NOTIFICATIONS_ENABLED\n    - N8N_DISABLE_PRODUCTION_MAIN_PROCESS\n    - [Execution variables](../../hosting/configuration/environment-variables/executions/)\n  - OS, RAM, and CPUs\n  - Anonymous instance ID\n- IP address\n\n#### What n8n doesn't collect\n\nn8n doesn't collect private or sensitive information, such as:\n\n- Personally identifiable information (except IP address)\n- Credential information\n- Node parameters (except 'resource' and 'operation')\n- Execution data\n- Sensitive settings (for example, endpoints, ports, DB connections, username/password)\n- Error payloads\n\n#### How collection works\n\nMost data is sent to n8n as events that generate it occur. Workflow execution counts and an instance pulse are sent periodically (every 6 hours).\n\n#### Opting out of telemetry\n\nTelemetry collection is enabled by default. To disable it you can configure the following environment variables.\n\nTo opt out of telemetry events:\n\n```\nexport N8N_DIAGNOSTICS_ENABLED=false\n```\n\nTo opt out of checking for new versions of n8n:\n\n```\nexport N8N_VERSION_NOTIFICATIONS_ENABLED=false\n```\n\nTo disable the templates feature (prevents background health check calls):\n\n```\nexport N8N_TEMPLATES_ENABLED=false\n```\n\nSee [configuration](../../hosting/configuration/configuration-methods/) for more info on how to set environment variables.\n\n### Data collection in n8n Cloud\n\nn8n Cloud collects everything listed in [Data collection in self-hosted n8n](#data-collection-in-self-hosted-n8n).\n\nAdditionally, in n8n Cloud, n8n uses [PostHog](https://posthog.com/) to track events and visualise usage, including using session recordings. Session recordings comprise the data seen by a user on screen, with the exception of credential values. n8n's product team uses this data to improve the product. All recordings are deleted after 21 days.\n\n### AI in n8n\n\nTo provide enhanced assistance, n8n integrates AI-powered features that leverage Large Language Models (LLMs).\n\n#### How n8n uses AI\n\nTo assist and improve user experience, n8n may send specific context data to LLMs. This context data is strictly limited to information about the current workflow. n8n does not send any values from credential fields or actual output data to AI services. The data will not be incorporated, used, or retained to train the models of the AI services. Any data will be deleted after 30 days.\n\n#### When n8n shares data\n\nData is only sent to AI services if workspaces have opted in to use the assistant. The Assistant is enabled by default for n8n Cloud users. When a workspace opts in to use the assistant, node-specific data is transmitted only during direct interactions and active sessions with the AI assistant, ensuring no unnecessary data sharing occurs.\n\n#### What n8n shares\n\n- **General Workflow Information**: This includes details about which nodes are present in your workflow, the number of items currently in the workflow, and whether the workflow is active.\n- **Input & Output Schemas of Nodes**: This includes the schema of all nodes with incoming data and the output schema of a node in question. We do not send the actual data value of the schema.\n- **Node Configuration**: This includes the operations, options, and settings chosen in the referenced node.\n- **Code and Expressions**: This includes any code or expressions in the node in question to help with debugging potential issues and optimizations.\n\n#### What n8n doesn't share\n\n- **Credentials**: Any values of the credential fields of your nodes.\n- **Output Data**: The actual data processed by your workflows.\n- **Sensitive Information**: Any personally identifiable information or other sensitive data that could compromise your privacy or security that you have not explicitly mentioned in node parameters or your code of a [Code Node](../../integrations/builtin/core-nodes/n8n-nodes-base.code/).\n\n### Documentation telemetry\n\nn8n's documentation (this website) uses cookies to recognize your repeated visits and preferences, as well as to measure the effectiveness of n8n's documentation and whether users find what they're searching for. With your consent, you're helping n8n to make our documentation better. You can control cookie consent using the cookie widget.\n\n## Retention and deletion of personal identifiable data\n\nPID (personal identifiable data) is data that's personal to you and would identify you as an individual.\n\n### n8n Cloud\n\n#### PID retention\n\nn8n only retains data for as long as necessary to provide the core service.\n\nFor n8n Cloud, n8n stores your workflow code, credentials, and other data indefinitely, until you choose to delete it or close your account. The platform stores execution data according to the retention rules on your account.\n\nn8n deletes most internal application logs and logs tied to subprocessors within 90 days. The company retains a subset of logs for longer periods where required for security investigations.\n\n#### PID deletion\n\nIf you choose to delete your n8n account, n8n deletes all customer data and event data associated with your account. n8n deletes customer data in backups within 90 days.\n\n### Self-hosted\n\nSelf-hosted users should have their own PID policy and data deletion processes. Refer to [What you can do](../what-you-can-do/) for more information.\n\n## Payment processor\n\nn8n uses Paddle.com to process payments. When you sign up for a paid plan, Paddle transmits and stores the details of your payment method according to their security policy. n8n stores no information about your payment method.\n",
         "excerpt": "# Privacy  This page describes n8n's data privacy practices.  ## GDPR  ### Data processing agreement  For Cloud versions of n8n, n8n is considered both a Controller and a Processor as defined by the GDPR. As a Processor, n8n implements policies and practices that secure the personal data you send to the platform, and includes a [Data Processing Agreement](https://n8n.io/legal/#data) as part of the company's standard [Terms of Service](https://n8n.io/legal/#terms).  The n8n Data Processing Agreem...",
         "sections": [
           {
@@ -86439,7 +86440,7 @@
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "privacy # privacy\n\nthis page describes n8n's data privacy practices.\n\n## gdpr\n\n### data processing agreement\n\nfor cloud versions of n8n, n8n is considered both a controller and a processor as defined by the gdpr. as a processor, n8n implements policies and practices that secure the personal data you send to the platform, and includes a [data processing agreement](https://n8n.io/legal/#data) as part of the company's standard [terms of service](https://n8n.io/legal/#terms).\n\nthe n8n data processing agreement includes the [standard contractual clauses (sccs)](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). these clarify how n8n handles your data, and they update n8n's gdpr policies to cover the latest standards set by the european commission.\n\nyou can find a list of n8n sub-processors [here](#sub-processors).\n\nself-hosted n8n\n\nfor self-hosted versions, n8n is neither a controller nor a processor, as we don't manage your data\n\n### submitting an account deletion request\n\nemail help@n8n.io to make an account deletion request.\n\n### sub-processors\n\nthis is a list of sub-processors authorized to process customer data for n8n's service. n8n audits each sub-processor's security controls and applicable regulations for the protection of personal data.\n\n| sub-processor name | purpose                | contact details                                                                                                                                         | geographic location of processing |\n| ------------------ | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- |\n| microsoft azure    | cloud service provider | microsoft azure 1 microsoft way redmond wa 98052 usa contact information: https://privacy.microsoft.com/en-gb/privacystatement#mainhowtocontactusmodule | germany (west central region)     |\n| hetzner online     | cloud service provider | hetzner online gmbh industriestr. 25 91710 gunzenhausen germany data-protection@hetzner.com                                                             | germany                           |\n| openai             | ai provider            | 1455 3rd street san francisco, ca 94158 united states                                                                                                   | us                                |\n| anthropic          | ai provider            | anthropic ireland, limited 6th floor south bank house, barrow street, dublin 4 ireland                                                                  | us                                |\n| google vertex ai   | ai provider            | google llc, 1600 amphitheatre parkway, mountain view, ca 94043, united states                                                                           | eu, us                            |\n| langchain          | ai provider            | langchain, inc. delaware                                                                                                                                | us                                |\n\nsubscribe [here](https://n8n-community.typeform.com/to/fderxskh?typeform-source=n8n.io) to receive updates when n8n adds or changes a sub-processor.\n\n### gdpr for self-hosted users\n\nif you self-host n8n, you are responsible for deleting user data. if you need to delete data on behalf of one of your users, you can delete the respective execution. n8n recommends configuring n8n to prune execution data automatically every few days to avoid effortful gdpr request handling as much as possible. configure this using the `executions_data_max_age` environment variable. refer to [environment variables](../../hosting/configuration/environment-variables/) for more information.\n\n## data collection\n\nn8n collects selected usage and performance data to help diagnose problems and improve the platform. read about how n8n stores and processes this information in the [privacy policy](https://n8n.io/legal/#privacy).\n\nthe data gathered is different in self-hosted n8n and n8n cloud.\n\n### data collection in self-hosted n8n\n\nn8n takes care to keep self-hosted data anonymous and avoids collecting sensitive data.\n\n#### what n8n collects\n\n- error codes and messages of failed executions (excluding any payload data, and not for custom nodes)\n- error reports for app crashes and api issues\n- the graph of a workflow (types of nodes used and how they're connected)\n- from node parameters:\n  - the 'resource' and 'operation' that a node is set to (if applicable)\n  - for http request nodes, the domain, path, and method (with personal data anonymized)\n- data around workflow executions:\n  - status\n  - the user id of the user who ran the execution\n  - the first time a workflow loads data from an external source\n  - the first successful production (non-manual) workflow execution\n- the domain of webhook calls, if specified (excluding subdomain).\n- details on how the ui is used (for example, navigation, nodes panel searches)\n- diagnostic information:\n  - n8n version\n  - selected settings:\n    - db_type\n    - n8n_version_notifications_enabled\n    - n8n_disable_production_main_process\n    - [execution variables](../../hosting/configuration/environment-variables/executions/)\n  - os, ram, and cpus\n  - anonymous instance id\n- ip address\n\n#### what n8n doesn't collect\n\nn8n doesn't collect private or sensitive information, such as:\n\n- personally identifiable information (except ip address)\n- credential information\n- node parameters (except 'resource' and 'operation')\n- execution data\n- sensitive settings (for example, endpoints, ports, db connections, username/password)\n- error payloads\n\n#### how collection works\n\nmost data is sent to n8n as events that generate it occur. workflow execution counts and an instance pulse are sent periodically (every 6 hours).\n\n#### opting out of telemetry\n\ntelemetry collection is enabled by default. to disable it you can configure the following environment variables.\n\nto opt out of telemetry events:\n\n```\nexport n8n_diagnostics_enabled=false\n```\n\nto opt out of checking for new versions of n8n:\n\n```\nexport n8n_version_notifications_enabled=false\n```\n\nto disable the templates feature (prevents background health check calls):\n\n```\nexport n8n_templates_enabled=false\n```\n\nsee [configuration](../../hosting/configuration/configuration-methods/) for more info on how to set environment variables.\n\n### data collection in n8n cloud\n\nn8n cloud collects everything listed in [data collection in self-hosted n8n](#data-collection-in-self-hosted-n8n).\n\nadditionally, in n8n cloud, n8n uses [posthog](https://posthog.com/) to track events and visualise usage, including using session recordings. session recordings comprise the data seen by a user on screen, with the exception of credential values. n8n's product team uses this data to improve the product. all recordings are deleted after 21 days.\n\n### ai in n8n\n\nto provide enhanced assistance, n8n integrates ai-powered features that leverage large language models (llms).\n\n#### how n8n uses ai\n\nto assist and improve user experience, n8n may send specific context data to llms. this context data is strictly limited to information about the current workflow. n8n does not send any values from credential fields or actual output data to ai services. the data will not be incorporated, used, or retained to train the models of the ai services. any data will be deleted after 30 days.\n\n#### when n8n shares data\n\ndata is only sent to ai services if workspaces have opted in to use the assistant. the assistant is enabled by default for n8n cloud users. when a workspace opts in to use the assistant, node-specific data is transmitted only during direct interactions and active sessions with the ai assistant, ensuring no unnecessary data sharing occurs.\n\n#### what n8n shares\n\n- **general workflow information**: this includes details about which nodes are present in your workflow, the number of items currently in the workflow, and whether the workflow is active.\n- **input & output schemas of nodes**: this includes the schema of all nodes with incoming data and the output schema of a node in question. we do not send the actual data value of the schema.\n- **node configuration**: this includes the operations, options, and settings chosen in the referenced node.\n- **code and expressions**: this includes any code or expressions in the node in question to help with debugging potential issues and optimizations.\n\n#### what n8n doesn't share\n\n- **credentials**: any values of the credential fields of your nodes.\n- **output data**: the actual data processed by your workflows.\n- **sensitive information**: any personally identifiable information or other sensitive data that could compromise your privacy or security that you have not explicitly mentioned in node parameters or your code of a [code node](../../integrations/builtin/core-nodes/n8n-nodes-base.code/).\n\n### documentation telemetry\n\nn8n's documentation (this website) uses cookies to recognize your repeated visits and preferences, as well as to measure the effectiveness of n8n's documentation and whether users find what they're searching for. with your consent, you're helping n8n to make our documentation better. you can control cookie consent using the cookie widget.\n\n## retention and deletion of personal identifiable data\n\npid (personal identifiable data) is data that's personal to you and would identify you as an individual.\n\n### n8n cloud\n\n#### pid retention\n\nn8n only retains data for as long as necessary to provide the core service.\n\nfor n8n cloud, n8n stores your workflow code, credentials, and other data indefinitely, until you choose to delete it or close your account. the platform stores execution data according to the retention rules on your account.\n\nn8n deletes most internal a",
+        "fullText": "privacy # privacy\n\nthis page describes n8n's data privacy practices.\n\n## gdpr\n\n### data processing agreement\n\nfor cloud versions of n8n, n8n is considered both a controller and a processor as defined by the gdpr. as a processor, n8n implements policies and practices that secure the personal data you send to the platform, and includes a [data processing agreement](https://n8n.io/legal/#data) as part of the company's standard [terms of service](https://n8n.io/legal/#terms).\n\nthe n8n data processing agreement includes the [standard contractual clauses (sccs)](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). these clarify how n8n handles your data, and they update n8n's gdpr policies to cover the latest standards set by the european commission.\n\nyou can find a list of n8n sub-processors [here](#sub-processors).\n\nself-hosted n8n\n\nfor self-hosted versions, n8n is neither a controller nor a processor, as we don't manage your data\n\n### submitting an account deletion request\n\nemail help@n8n.io to make an account deletion request.\n\n### sub-processors\n\nthis is a list of sub-processors authorized to process customer data for n8n's service. n8n audits each sub-processor's security controls and applicable regulations for the protection of personal data.\n\n| sub-processor name | purpose                | contact details                                                                                                                                         | geographic location of processing |\n| ------------------ | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- |\n| microsoft azure    | cloud service provider | microsoft azure 1 microsoft way redmond wa 98052 usa contact information: https://privacy.microsoft.com/en-gb/privacystatement#mainhowtocontactusmodule | eu (for example, germany, sweden) |\n| hetzner online     | cloud service provider | hetzner online gmbh industriestr. 25 91710 gunzenhausen germany data-protection@hetzner.com                                                             | germany                           |\n| openai             | ai provider            | 1455 3rd street san francisco, ca 94158 united states                                                                                                   | us                                |\n| anthropic          | ai provider            | anthropic ireland, limited 6th floor south bank house, barrow street, dublin 4 ireland                                                                  | us                                |\n| google vertex ai   | ai provider            | google llc, 1600 amphitheatre parkway, mountain view, ca 94043, united states                                                                           | eu, us                            |\n| langchain          | ai provider            | langchain, inc. delaware                                                                                                                                | us                                |\n\nsubscribe [here](https://n8n-community.typeform.com/to/fderxskh?typeform-source=n8n.io) to receive updates when n8n adds or changes a sub-processor.\n\n### gdpr for self-hosted users\n\nif you self-host n8n, you are responsible for deleting user data. if you need to delete data on behalf of one of your users, you can delete the respective execution. n8n recommends configuring n8n to prune execution data automatically every few days to avoid effortful gdpr request handling as much as possible. configure this using the `executions_data_max_age` environment variable. refer to [environment variables](../../hosting/configuration/environment-variables/) for more information.\n\n## data collection\n\nn8n collects selected usage and performance data to help diagnose problems and improve the platform. read about how n8n stores and processes this information in the [privacy policy](https://n8n.io/legal/#privacy).\n\nthe data gathered is different in self-hosted n8n and n8n cloud.\n\n### data collection in self-hosted n8n\n\nn8n takes care to keep self-hosted data anonymous and avoids collecting sensitive data.\n\n#### what n8n collects\n\n- error codes and messages of failed executions (excluding any payload data, and not for custom nodes)\n- error reports for app crashes and api issues\n- the graph of a workflow (types of nodes used and how they're connected)\n- from node parameters:\n  - the 'resource' and 'operation' that a node is set to (if applicable)\n  - for http request nodes, the domain, path, and method (with personal data anonymized)\n- data around workflow executions:\n  - status\n  - the user id of the user who ran the execution\n  - the first time a workflow loads data from an external source\n  - the first successful production (non-manual) workflow execution\n- the domain of webhook calls, if specified (excluding subdomain).\n- details on how the ui is used (for example, navigation, nodes panel searches)\n- diagnostic information:\n  - n8n version\n  - selected settings:\n    - db_type\n    - n8n_version_notifications_enabled\n    - n8n_disable_production_main_process\n    - [execution variables](../../hosting/configuration/environment-variables/executions/)\n  - os, ram, and cpus\n  - anonymous instance id\n- ip address\n\n#### what n8n doesn't collect\n\nn8n doesn't collect private or sensitive information, such as:\n\n- personally identifiable information (except ip address)\n- credential information\n- node parameters (except 'resource' and 'operation')\n- execution data\n- sensitive settings (for example, endpoints, ports, db connections, username/password)\n- error payloads\n\n#### how collection works\n\nmost data is sent to n8n as events that generate it occur. workflow execution counts and an instance pulse are sent periodically (every 6 hours).\n\n#### opting out of telemetry\n\ntelemetry collection is enabled by default. to disable it you can configure the following environment variables.\n\nto opt out of telemetry events:\n\n```\nexport n8n_diagnostics_enabled=false\n```\n\nto opt out of checking for new versions of n8n:\n\n```\nexport n8n_version_notifications_enabled=false\n```\n\nto disable the templates feature (prevents background health check calls):\n\n```\nexport n8n_templates_enabled=false\n```\n\nsee [configuration](../../hosting/configuration/configuration-methods/) for more info on how to set environment variables.\n\n### data collection in n8n cloud\n\nn8n cloud collects everything listed in [data collection in self-hosted n8n](#data-collection-in-self-hosted-n8n).\n\nadditionally, in n8n cloud, n8n uses [posthog](https://posthog.com/) to track events and visualise usage, including using session recordings. session recordings comprise the data seen by a user on screen, with the exception of credential values. n8n's product team uses this data to improve the product. all recordings are deleted after 21 days.\n\n### ai in n8n\n\nto provide enhanced assistance, n8n integrates ai-powered features that leverage large language models (llms).\n\n#### how n8n uses ai\n\nto assist and improve user experience, n8n may send specific context data to llms. this context data is strictly limited to information about the current workflow. n8n does not send any values from credential fields or actual output data to ai services. the data will not be incorporated, used, or retained to train the models of the ai services. any data will be deleted after 30 days.\n\n#### when n8n shares data\n\ndata is only sent to ai services if workspaces have opted in to use the assistant. the assistant is enabled by default for n8n cloud users. when a workspace opts in to use the assistant, node-specific data is transmitted only during direct interactions and active sessions with the ai assistant, ensuring no unnecessary data sharing occurs.\n\n#### what n8n shares\n\n- **general workflow information**: this includes details about which nodes are present in your workflow, the number of items currently in the workflow, and whether the workflow is active.\n- **input & output schemas of nodes**: this includes the schema of all nodes with incoming data and the output schema of a node in question. we do not send the actual data value of the schema.\n- **node configuration**: this includes the operations, options, and settings chosen in the referenced node.\n- **code and expressions**: this includes any code or expressions in the node in question to help with debugging potential issues and optimizations.\n\n#### what n8n doesn't share\n\n- **credentials**: any values of the credential fields of your nodes.\n- **output data**: the actual data processed by your workflows.\n- **sensitive information**: any personally identifiable information or other sensitive data that could compromise your privacy or security that you have not explicitly mentioned in node parameters or your code of a [code node](../../integrations/builtin/core-nodes/n8n-nodes-base.code/).\n\n### documentation telemetry\n\nn8n's documentation (this website) uses cookies to recognize your repeated visits and preferences, as well as to measure the effectiveness of n8n's documentation and whether users find what they're searching for. with your consent, you're helping n8n to make our documentation better. you can control cookie consent using the cookie widget.\n\n## retention and deletion of personal identifiable data\n\npid (personal identifiable data) is data that's personal to you and would identify you as an individual.\n\n### n8n cloud\n\n#### pid retention\n\nn8n only retains data for as long as necessary to provide the core service.\n\nfor n8n cloud, n8n stores your workflow code, credentials, and other data indefinitely, until you choose to delete it or close your account. the platform stores execution data according to the retention rules on your account.\n\nn8n deletes most internal a",
         "importantTerms": [
           "data",
           "your",
@@ -87172,13 +87173,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Source control and environments\n\nFeature availability\n\n- Available on Enterprise.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nn8n uses Git-based source control to support environments. Linking your n8n instances to a Git repository lets you create multiple n8n environments, backed by Git branches.\n\nIn this section:\n\n- [Understand](understand/):\n  - [Environments in n8n](understand/environments/): The purpose of environments, and how they work in n8n.\n  - [Git and n8n](understand/git/): How n8n uses Git.\n  - [Branch patterns](understand/patterns/): The possible relationships between n8n instances and Git branches.\n- [Set up source control for environments](setup/): How to connect your n8n instance to Git.\n- [Using](using/):\n  - [Push and pull](using/push-pull/): Send work to Git, and fetch work from Git to your instance.\n  - [Copy work between environments](using/copy-work/): How to copy work between different n8n instances.\n- [Tutorial: Create environments with source control](create-environments/): An end-to-end tutorial, setting up environments using n8n's recommended configurations.\n\nRelated sections:\n\n- [Variables](../code/variables/): reusable values.\n- [External secrets](../external-secrets/): manage [credentials](../glossary/#credential-n8n) with an external secrets vault.\n",
-        "excerpt": "# Source control and environments  Feature availability  - Available on Enterprise. - You must be an n8n instance owner or instance admin to enable and configure source control. - Instance owners and instance admins can push changes to and pull changes from the connected repository. - Project admins can push changes to the connected repository. They can't pull changes from the repository.  n8n uses Git-based source control to support environments. Linking your n8n instances to a Git repository l...",
+        "markdown": "# Source control and environments\n\nFeature availability\n\n- Available on Business and Enterprise plans.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nn8n uses Git-based source control to support environments. Linking your n8n instances to a Git repository lets you create multiple n8n environments, backed by Git branches.\n\nIn this section:\n\n- [Understand](understand/):\n  - [Environments in n8n](understand/environments/): The purpose of environments, and how they work in n8n.\n  - [Git and n8n](understand/git/): How n8n uses Git.\n  - [Branch patterns](understand/patterns/): The possible relationships between n8n instances and Git branches.\n- [Set up source control for environments](setup/): How to connect your n8n instance to Git.\n- [Using](using/):\n  - [Push and pull](using/push-pull/): Send work to Git, and fetch work from Git to your instance.\n  - [Copy work between environments](using/copy-work/): How to copy work between different n8n instances.\n- [Tutorial: Create environments with source control](create-environments/): An end-to-end tutorial, setting up environments using n8n's recommended configurations.\n\nRelated sections:\n\n- [Variables](../code/variables/): reusable values.\n- [External secrets](../external-secrets/): manage [credentials](../glossary/#credential-n8n) with an external secrets vault.\n",
+        "excerpt": "# Source control and environments  Feature availability  - Available on Business and Enterprise plans. - You must be an n8n instance owner or instance admin to enable and configure source control. - Instance owners and instance admins can push changes to and pull changes from the connected repository. - Project admins can push changes to the connected repository. They can't pull changes from the repository.  n8n uses Git-based source control to support environments. Linking your n8n instances to...",
         "sections": [
           {
             "title": "Source control and environments",
             "level": 1,
-            "content": "Feature availability\n\n- Available on Enterprise.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nn8n uses Git-based source control to support environments. Linking your n8n instances to a Git repository lets you create multiple n8n environments, backed by Git branches.\n\nIn this section:\n\n- [Understand](understand/):\n  - [Environments in n8n](understand/environments/): The purpose of environments, and how they work in n8n.\n  - [Git and n8n](understand/git/): How n8n uses Git.\n  - [Branch patterns](understand/patterns/): The possible relationships between n8n instances and Git branches.\n- [Set up source control for environments](setup/): How to connect your n8n instance to Git.\n- [Using](using/):\n  - [Push and pull](using/push-pull"
+            "content": "Feature availability\n\n- Available on Business and Enterprise plans.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nn8n uses Git-based source control to support environments. Linking your n8n instances to a Git repository lets you create multiple n8n environments, backed by Git branches.\n\nIn this section:\n\n- [Understand](understand/):\n  - [Environments in n8n](understand/environments/): The purpose of environments, and how they work in n8n.\n  - [Git and n8n](understand/git/): How n8n uses Git.\n  - [Branch patterns](understand/patterns/): The possible relationships between n8n instances and Git branches.\n- [Set up source control for environments](setup/): How to connect your n8n instance to Git.\n- [Using](using/):\n  - [Push and pu"
           }
         ]
       },
@@ -87193,11 +87194,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 1568,
+        "contentLength": 1587,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "source control and environments # source control and environments\n\nfeature availability\n\n- available on enterprise.\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\nn8n uses git-based source control to support environments. linking your n8n instances to a git repository lets you create multiple n8n environments, backed by git branches.\n\nin this section:\n\n- [understand](understand/):\n  - [environments in n8n](understand/environments/): the purpose of environments, and how they work in n8n.\n  - [git and n8n](understand/git/): how n8n uses git.\n  - [branch patterns](understand/patterns/): the possible relationships between n8n instances and git branches.\n- [set up source control for environments](setup/): how to connect your n8n instance to git.\n- [using](using/):\n  - [push and pull](using/push-pull/): send work to git, and fetch work from git to your instance.\n  - [copy work between environments](using/copy-work/): how to copy work between different n8n instances.\n- [tutorial: create environments with source control](create-environments/): an end-to-end tutorial, setting up environments using n8n's recommended configurations.\n\nrelated sections:\n\n- [variables](../code/variables/): reusable values.\n- [external secrets](../external-secrets/): manage [credentials](../glossary/#credential-n8n) with an external secrets vault.\n source control and environments",
+        "fullText": "source control and environments # source control and environments\n\nfeature availability\n\n- available on business and enterprise plans.\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\nn8n uses git-based source control to support environments. linking your n8n instances to a git repository lets you create multiple n8n environments, backed by git branches.\n\nin this section:\n\n- [understand](understand/):\n  - [environments in n8n](understand/environments/): the purpose of environments, and how they work in n8n.\n  - [git and n8n](understand/git/): how n8n uses git.\n  - [branch patterns](understand/patterns/): the possible relationships between n8n instances and git branches.\n- [set up source control for environments](setup/): how to connect your n8n instance to git.\n- [using](using/):\n  - [push and pull](using/push-pull/): send work to git, and fetch work from git to your instance.\n  - [copy work between environments](using/copy-work/): how to copy work between different n8n instances.\n- [tutorial: create environments with source control](create-environments/): an end-to-end tutorial, setting up environments using n8n's recommended configurations.\n\nrelated sections:\n\n- [variables](../code/variables/): reusable values.\n- [external secrets](../external-secrets/): manage [credentials](../glossary/#credential-n8n) with an external secrets vault.\n source control and environments",
         "importantTerms": [
           "environments",
           "source",
@@ -87231,13 +87232,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Tutorial: Create environments with source control\n\nFeature availability\n\n- Available on Enterprise.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nThis tutorial walks through the process of setting up environments end-to-end. You'll create two environments: development and production. It uses GitHub as the Git provider. The process is similar for other providers.\n\nn8n has built its environments feature on top of Git, a version control software. You link an n8n instance to a Git branch, and use a push-pull pattern to move work between environments. You should have some understanding of environments and Git. If you need more information on these topics, refer to:\n\n- [Environments in n8n](../understand/environments/): the purpose of environments, and how they work in n8n.\n- [Git and n8n](../understand/git/): Git concepts and source control in n8n.\n\n## Choose your source control pattern\n\nBefore setting up source control and environments, you need to plan your environments, and how they relate to Git branches. n8n supports different [Branch patterns](../understand/patterns/). For environments, you need to choose between two patterns: multi-instance, multi-branch, or multi-instance, single-branch. This tutorial covers both patterns.\n\nRecommendation: don't push and pull to the same n8n instance\n\nYou can push work from an instance to a branch, and pull to the same instance. n8n doesn't recommend this. To reduce the risk of merge conflicts and overwriting work, try to create a process where work goes in one direction: either to Git, or from Git, but not both.\n\n### Multiple instances, multiple branches\n\nThe advantages of this pattern are:\n\n- An added safety layer to prevent changes getting into your production environment by mistake. You have to do a pull request in GitHub to copy work between environments.\n- It supports more than two instances.\n\nThe disadvantage is more manual steps to copy work between environments.\n\n### Multiple instances, one branch\n\nThe advantage of this pattern is that work is instantly available to other environments when you push from one instance.\n\nThe disadvantages are:\n\n- If you push by mistake, there is a risk the work will make it into your production instance. If you [use a GitHub Action to automate pulls](./#optional-use-a-github-action-to-automate-pulls) to production, you must either use the multi-instance, multi-branch pattern, or be careful to never push work that you don't want in production.\n- Pushing and pulling to the same instance can cause data loss as changes are overridden when performing these actions. You should set up processes to ensure content flows in one direction.\n\n## Set up your repository\n\nOnce you've chosen your pattern, you need to set up your GitHub repository.\n\n1. [Create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n   - Make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n   - Create the new repository with a README so you can immediately create branches.\n1. Create one branch named `production` and another named `development`. Refer to [Creating and deleting branches within your repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository) for guidance.\n\n[Create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n\n- Make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n- Create the new repository with a README. This creates the `main` branch, which you'll connect to.\n\n## Connect your n8n instances to your repository\n\nCreate two n8n instances, one for development, one for production.\n\n### Configure Git in n8n\n\n1. Go to **Settings** > **Environments**.\n1. Choose your connection method:\n   - **SSH**: In **Git repository URL**, enter the SSH URL for your repository (for example, `git@github.com:username/repo.git`).\n   - **HTTPS**: In **Git repository URL** enter the HTTPS URL for your repository (for example, `https://github.com/username/repo.git`).\n1. Configure authentication based on your connection method:\n   - **For SSH**: n8n supports ED25519 and RSA public key algorithms. ED25519 is the default. Select **RSA** under **SSH Key** if your git host requires RSA. Copy the SSH key.\n   - **For HTTPS**: Enter your credentials:\n     - **Username**: Your Git provider username.\n     - **Token**: Your Personal Access Token (PAT) from your Git provider.\n\n### Set up a deploy key\n\nSet up SSH access by creating a deploy key for the repository using the SSH key from n8n. The key must have write access. Refer to [GitHub | Managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys) for guidance.\n\n### Connect n8n and configure your instance\n\n1. In **Settings** > **Environments** in n8n, select **Connect**. n8n connects to your Git repository.\n\n1. Under **Instance settings**, choose which branch you want to use for the current n8n instance. Connect the production branch to the production instance, and the development branch to the development instance.\n\n1. Production instance only: select **Protected instance** to prevent users editing workflows in this instance.\n\n1. Select **Save settings**.\n\n1. In **Settings** > **Environments** in n8n, select **Connect**.\n\n1. Under **Instance settings**, select the main branch.\n\n1. Production instance only: select **Protected instance** to prevent users editing workflows in this instance.\n\n1. Select **Save settings**.\n\n## Push work from development\n\nIn your development instance, create a few workflows, tags, variables, and credentials.\n\nTo push work to Git:\n\n1. Select **Push** in the main menu.\n\n   View screenshot\n\n   Pull and push buttons when menu is closed\n\n   Pull and push buttons when menu is open\n\n1. In the **Commit and push changes** modal, select which workflows and data tables you want to push. You can filter by status (new, modified, deleted) and search for items. n8n automatically pushes tags, and variable and credential stubs.\n\nn8n pushes the current saved version, not the published version, of the workflow. You need to then separately publish versions on the remote server.\n\n1. Enter a commit message. This should be a one sentence description of the changes you're making.\n1. Select **Commit and Push**. n8n sends the work to Git, and displays a success message on completion.\n\n## Pull work to production\n\nYour work is now in GitHub. If you're using a multi-branch setup, it's on the development branch. If you chose the single-branch setup, it's on main.\n\n1. In GitHub, create a pull request to merge development into production.\n1. Merge the pull request.\n1. In your production instance, select **Pull** in the main menu.\n\nIn your production instance, select **Pull** in the main menu.\n\nView screenshot\n\nPull and push buttons when menu is closed\n\nPull and push buttons when menu is open\n\n### Optional: Use a GitHub Action to automate pulls\n\nIf you want to avoid logging in to your production instance to pull, you can use a [GitHub Action](https://docs.github.com/en/actions/creating-actions/about-custom-actions) and the [n8n API](../../api/) to automatically pull every time you push new work to your production or main branch.\n\nA GitHub Action example:\n\n```\nname: CI\non:\n  # Trigger the workflow on push or pull request events for the \"production\" branch\n  push:\n    branches: [ \"production\" ]\n  # Allows you to run this workflow manually from the Actions tab\n  workflow_dispatch:\njobs:\n  run-pull:\n    runs-on: ubuntu-latest\n    steps:\n      - name: PULL\n\t\t\t\t# Use GitHub secrets to protect sensitive information\n        run: >\n          curl --location '${{ secrets.INSTANCE_URL }}/version-control/pull' --header\n          'Content-Type: application/json' --header 'X-N8N-API-KEY: ${{ secrets.INSTANCE_API_KEY }}'\n```\n\n## Next steps\n\nLearn more about:\n\n- [Environments in n8n](../understand/environments/) and [Git and n8n](../understand/git/)\n- [Source control patterns](../understand/patterns/)\n",
-        "excerpt": "# Tutorial: Create environments with source control  Feature availability  - Available on Enterprise. - You must be an n8n instance owner or instance admin to enable and configure source control. - Instance owners and instance admins can push changes to and pull changes from the connected repository. - Project admins can push changes to the connected repository. They can't pull changes from the repository.  This tutorial walks through the process of setting up environments end-to-end. You'll cre...",
+        "markdown": "# Tutorial: Create environments with source control\n\nFeature availability\n\n- Available on Business and Enterprise plans.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nThis tutorial walks through the process of setting up environments end-to-end. You'll create two environments: development and production. It uses GitHub as the Git provider. The process is similar for other providers.\n\nn8n has built its environments feature on top of Git, a version control software. You link an n8n instance to a Git branch, and use a push-pull pattern to move work between environments. You should have some understanding of environments and Git. If you need more information on these topics, refer to:\n\n- [Environments in n8n](../understand/environments/): the purpose of environments, and how they work in n8n.\n- [Git and n8n](../understand/git/): Git concepts and source control in n8n.\n\n## Choose your source control pattern\n\nBefore setting up source control and environments, you need to plan your environments, and how they relate to Git branches. n8n supports different [Branch patterns](../understand/patterns/). For environments, you need to choose between two patterns: multi-instance, multi-branch, or multi-instance, single-branch. This tutorial covers both patterns.\n\nRecommendation: don't push and pull to the same n8n instance\n\nYou can push work from an instance to a branch, and pull to the same instance. n8n doesn't recommend this. To reduce the risk of merge conflicts and overwriting work, try to create a process where work goes in one direction: either to Git, or from Git, but not both.\n\n### Multiple instances, multiple branches\n\nThe advantages of this pattern are:\n\n- An added safety layer to prevent changes getting into your production environment by mistake. You have to do a pull request in GitHub to copy work between environments.\n- It supports more than two instances.\n\nThe disadvantage is more manual steps to copy work between environments.\n\n### Multiple instances, one branch\n\nThe advantage of this pattern is that work is instantly available to other environments when you push from one instance.\n\nThe disadvantages are:\n\n- If you push by mistake, there is a risk the work will make it into your production instance. If you [use a GitHub Action to automate pulls](./#optional-use-a-github-action-to-automate-pulls) to production, you must either use the multi-instance, multi-branch pattern, or be careful to never push work that you don't want in production.\n- Pushing and pulling to the same instance can cause data loss as changes are overridden when performing these actions. You should set up processes to ensure content flows in one direction.\n\n## Set up your repository\n\nOnce you've chosen your pattern, you need to set up your GitHub repository.\n\n1. [Create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n   - Make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n   - Create the new repository with a README so you can immediately create branches.\n1. Create one branch named `production` and another named `development`. Refer to [Creating and deleting branches within your repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository) for guidance.\n\n[Create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n\n- Make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n- Create the new repository with a README. This creates the `main` branch, which you'll connect to.\n\n## Connect your n8n instances to your repository\n\nCreate two n8n instances, one for development, one for production.\n\n### Configure Git in n8n\n\n1. Go to **Settings** > **Environments**.\n1. Choose your connection method:\n   - **SSH**: In **Git repository URL**, enter the SSH URL for your repository (for example, `git@github.com:username/repo.git`).\n   - **HTTPS**: In **Git repository URL** enter the HTTPS URL for your repository (for example, `https://github.com/username/repo.git`).\n1. Configure authentication based on your connection method:\n   - **For SSH**: n8n supports ED25519 and RSA public key algorithms. ED25519 is the default. Select **RSA** under **SSH Key** if your git host requires RSA. Copy the SSH key.\n   - **For HTTPS**: Enter your credentials:\n     - **Username**: Your Git provider username.\n     - **Token**: Your Personal Access Token (PAT) from your Git provider.\n\n### Set up a deploy key\n\nSet up SSH access by creating a deploy key for the repository using the SSH key from n8n. The key must have write access. Refer to [GitHub | Managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys) for guidance.\n\n### Connect n8n and configure your instance\n\n1. In **Settings** > **Environments** in n8n, select **Connect**. n8n connects to your Git repository.\n\n1. Under **Instance settings**, choose which branch you want to use for the current n8n instance. Connect the production branch to the production instance, and the development branch to the development instance.\n\n1. Production instance only: select **Protected instance** to prevent users editing workflows in this instance.\n\n1. Select **Save settings**.\n\n1. In **Settings** > **Environments** in n8n, select **Connect**.\n\n1. Under **Instance settings**, select the main branch.\n\n1. Production instance only: select **Protected instance** to prevent users editing workflows in this instance.\n\n1. Select **Save settings**.\n\n## Push work from development\n\nIn your development instance, create a few workflows, tags, variables, and credentials.\n\nTo push work to Git:\n\n1. Select **Push** in the main menu.\n\n   View screenshot\n\n   Pull and push buttons when menu is closed\n\n   Pull and push buttons when menu is open\n\n1. In the **Commit and push changes** modal, select which workflows and data tables you want to push. You can filter by status (new, modified, deleted) and search for items. n8n automatically pushes tags, and variable and credential stubs.\n\nn8n pushes the current saved version, not the published version, of the workflow. You need to then separately publish versions on the remote server.\n\n1. Enter a commit message. This should be a one sentence description of the changes you're making.\n1. Select **Commit and Push**. n8n sends the work to Git, and displays a success message on completion.\n\n## Pull work to production\n\nYour work is now in GitHub. If you're using a multi-branch setup, it's on the development branch. If you chose the single-branch setup, it's on main.\n\n1. In GitHub, create a pull request to merge development into production.\n1. Merge the pull request.\n1. In your production instance, select **Pull** in the main menu.\n\nIn your production instance, select **Pull** in the main menu.\n\nView screenshot\n\nPull and push buttons when menu is closed\n\nPull and push buttons when menu is open\n\n### Optional: Use a GitHub Action to automate pulls\n\nIf you want to avoid logging in to your production instance to pull, you can use a [GitHub Action](https://docs.github.com/en/actions/creating-actions/about-custom-actions) and the [n8n API](../../api/) to automatically pull every time you push new work to your production or main branch.\n\nA GitHub Action example:\n\n```\nname: CI\non:\n  # Trigger the workflow on push or pull request events for the \"production\" branch\n  push:\n    branches: [ \"production\" ]\n  # Allows you to run this workflow manually from the Actions tab\n  workflow_dispatch:\njobs:\n  run-pull:\n    runs-on: ubuntu-latest\n    steps:\n      - name: PULL\n\t\t\t\t# Use GitHub secrets to protect sensitive information\n        run: >\n          curl --location '${{ secrets.INSTANCE_URL }}/version-control/pull' --header\n          'Content-Type: application/json' --header 'X-N8N-API-KEY: ${{ secrets.INSTANCE_API_KEY }}'\n```\n\n## Next steps\n\nLearn more about:\n\n- [Environments in n8n](../understand/environments/) and [Git and n8n](../understand/git/)\n- [Source control patterns](../understand/patterns/)\n",
+        "excerpt": "# Tutorial: Create environments with source control  Feature availability  - Available on Business and Enterprise plans. - You must be an n8n instance owner or instance admin to enable and configure source control. - Instance owners and instance admins can push changes to and pull changes from the connected repository. - Project admins can push changes to the connected repository. They can't pull changes from the repository.  This tutorial walks through the process of setting up environments end...",
         "sections": [
           {
             "title": "Tutorial: Create environments with source control",
             "level": 1,
-            "content": "Feature availability\n\n- Available on Enterprise.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nThis tutorial walks through the process of setting up environments end-to-end. You'll create two environments: development and production. It uses GitHub as the Git provider. The process is similar for other providers.\n\nn8n has built its environments feature on top of Git, a version control software. You link an n8n instance to a Git branch, and use a push-pull pattern to move work between environments. You should have some understanding of environments and Git. If you need more information on these topics, refer to:\n\n- [Environments in n8n](../understand/environments/): the purpose of environments, and how they work in n8n.\n- [Git an"
+            "content": "Feature availability\n\n- Available on Business and Enterprise plans.\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\nThis tutorial walks through the process of setting up environments end-to-end. You'll create two environments: development and production. It uses GitHub as the Git provider. The process is similar for other providers.\n\nn8n has built its environments feature on top of Git, a version control software. You link an n8n instance to a Git branch, and use a push-pull pattern to move work between environments. You should have some understanding of environments and Git. If you need more information on these topics, refer to:\n\n- [Environments in n8n](../understand/environments/): the purpose of environments, and how they wor"
           }
         ]
       },
@@ -87283,11 +87284,11 @@
         "codeExamples": 1,
         "complexity": "intermediate",
         "readingTime": "7 min",
-        "contentLength": 8550,
+        "contentLength": 8569,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "tutorial: create environments with source control # tutorial: create environments with source control\n\nfeature availability\n\n- available on enterprise.\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\nthis tutorial walks through the process of setting up environments end-to-end. you'll create two environments: development and production. it uses github as the git provider. the process is similar for other providers.\n\nn8n has built its environments feature on top of git, a version control software. you link an n8n instance to a git branch, and use a push-pull pattern to move work between environments. you should have some understanding of environments and git. if you need more information on these topics, refer to:\n\n- [environments in n8n](../understand/environments/): the purpose of environments, and how they work in n8n.\n- [git and n8n](../understand/git/): git concepts and source control in n8n.\n\n## choose your source control pattern\n\nbefore setting up source control and environments, you need to plan your environments, and how they relate to git branches. n8n supports different [branch patterns](../understand/patterns/). for environments, you need to choose between two patterns: multi-instance, multi-branch, or multi-instance, single-branch. this tutorial covers both patterns.\n\nrecommendation: don't push and pull to the same n8n instance\n\nyou can push work from an instance to a branch, and pull to the same instance. n8n doesn't recommend this. to reduce the risk of merge conflicts and overwriting work, try to create a process where work goes in one direction: either to git, or from git, but not both.\n\n### multiple instances, multiple branches\n\nthe advantages of this pattern are:\n\n- an added safety layer to prevent changes getting into your production environment by mistake. you have to do a pull request in github to copy work between environments.\n- it supports more than two instances.\n\nthe disadvantage is more manual steps to copy work between environments.\n\n### multiple instances, one branch\n\nthe advantage of this pattern is that work is instantly available to other environments when you push from one instance.\n\nthe disadvantages are:\n\n- if you push by mistake, there is a risk the work will make it into your production instance. if you [use a github action to automate pulls](./#optional-use-a-github-action-to-automate-pulls) to production, you must either use the multi-instance, multi-branch pattern, or be careful to never push work that you don't want in production.\n- pushing and pulling to the same instance can cause data loss as changes are overridden when performing these actions. you should set up processes to ensure content flows in one direction.\n\n## set up your repository\n\nonce you've chosen your pattern, you need to set up your github repository.\n\n1. [create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n   - make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n   - create the new repository with a readme so you can immediately create branches.\n1. create one branch named `production` and another named `development`. refer to [creating and deleting branches within your repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository) for guidance.\n\n[create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n\n- make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n- create the new repository with a readme. this creates the `main` branch, which you'll connect to.\n\n## connect your n8n instances to your repository\n\ncreate two n8n instances, one for development, one for production.\n\n### configure git in n8n\n\n1. go to **settings** > **environments**.\n1. choose your connection method:\n   - **ssh**: in **git repository url**, enter the ssh url for your repository (for example, `git@github.com:username/repo.git`).\n   - **https**: in **git repository url** enter the https url for your repository (for example, `https://github.com/username/repo.git`).\n1. configure authentication based on your connection method:\n   - **for ssh**: n8n supports ed25519 and rsa public key algorithms. ed25519 is the default. select **rsa** under **ssh key** if your git host requires rsa. copy the ssh key.\n   - **for https**: enter your credentials:\n     - **username**: your git provider username.\n     - **token**: your personal access token (pat) from your git provider.\n\n### set up a deploy key\n\nset up ssh access by creating a deploy key for the repository using the ssh key from n8n. the key must have write access. refer to [github | managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys) for guidance.\n\n### connect n8n and configure your instance\n\n1. in **settings** > **environments** in n8n, select **connect**. n8n connects to your git repository.\n\n1. under **instance settings**, choose which branch you want to use for the current n8n instance. connect the production branch to the production instance, and the development branch to the development instance.\n\n1. production instance only: select **protected instance** to prevent users editing workflows in this instance.\n\n1. select **save settings**.\n\n1. in **settings** > **environments** in n8n, select **connect**.\n\n1. under **instance settings**, select the main branch.\n\n1. production instance only: select **protected instance** to prevent users editing workflows in this instance.\n\n1. select **save settings**.\n\n## push work from development\n\nin your development instance, create a few workflows, tags, variables, and credentials.\n\nto push work to git:\n\n1. select **push** in the main menu.\n\n   view screenshot\n\n   pull and push buttons when menu is closed\n\n   pull and push buttons when menu is open\n\n1. in the **commit and push changes** modal, select which workflows and data tables you want to push. you can filter by status (new, modified, deleted) and search for items. n8n automatically pushes tags, and variable and credential stubs.\n\nn8n pushes the current saved version, not the published version, of the workflow. you need to then separately publish versions on the remote server.\n\n1. enter a commit message. this should be a one sentence description of the changes you're making.\n1. select **commit and push**. n8n sends the work to git, and displays a success message on completion.\n\n## pull work to production\n\nyour work is now in github. if you're using a multi-branch setup, it's on the development branch. if you chose the single-branch setup, it's on main.\n\n1. in github, create a pull request to merge development into production.\n1. merge the pull request.\n1. in your production instance, select **pull** in the main menu.\n\nin your production instance, select **pull** in the main menu.\n\nview screenshot\n\npull and push buttons when menu is closed\n\npull and push buttons when menu is open\n\n### optional: use a github action to automate pulls\n\nif you want to avoid logging in to your production instance to pull, you can use a [github action](https://docs.github.com/en/actions/creating-actions/about-custom-actions) and the [n8n api](../../api/) to automatically pull every time you push new work to your production or main branch.\n\na github action example:\n\n```\nname: ci\non:\n  # trigger the workflow on push or pull request events for the \"production\" branch\n  push:\n    branches: [ \"production\" ]\n  # allows you to run this workflow manually from the actions tab\n  workflow_dispatch:\njobs:\n  run-pull:\n    runs-on: ubuntu-latest\n    steps:\n      - name: pull\n\t\t\t\t# use github secrets to protect sensitive information\n        run: >\n          curl --location '${{ secrets.instance_url }}/version-control/pull' --header\n          'content-type: application/json' --header 'x-n8n-api-key: ${{ secrets.instance_api_key }}'\n```\n\n## next steps\n\nlearn more about:\n\n- [environments in n8n](../understand/environments/) and [git and n8n](../understand/git/)\n- [source control patterns](../understand/patterns/)\n tutorial: create environments with source control",
+        "fullText": "tutorial: create environments with source control # tutorial: create environments with source control\n\nfeature availability\n\n- available on business and enterprise plans.\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\nthis tutorial walks through the process of setting up environments end-to-end. you'll create two environments: development and production. it uses github as the git provider. the process is similar for other providers.\n\nn8n has built its environments feature on top of git, a version control software. you link an n8n instance to a git branch, and use a push-pull pattern to move work between environments. you should have some understanding of environments and git. if you need more information on these topics, refer to:\n\n- [environments in n8n](../understand/environments/): the purpose of environments, and how they work in n8n.\n- [git and n8n](../understand/git/): git concepts and source control in n8n.\n\n## choose your source control pattern\n\nbefore setting up source control and environments, you need to plan your environments, and how they relate to git branches. n8n supports different [branch patterns](../understand/patterns/). for environments, you need to choose between two patterns: multi-instance, multi-branch, or multi-instance, single-branch. this tutorial covers both patterns.\n\nrecommendation: don't push and pull to the same n8n instance\n\nyou can push work from an instance to a branch, and pull to the same instance. n8n doesn't recommend this. to reduce the risk of merge conflicts and overwriting work, try to create a process where work goes in one direction: either to git, or from git, but not both.\n\n### multiple instances, multiple branches\n\nthe advantages of this pattern are:\n\n- an added safety layer to prevent changes getting into your production environment by mistake. you have to do a pull request in github to copy work between environments.\n- it supports more than two instances.\n\nthe disadvantage is more manual steps to copy work between environments.\n\n### multiple instances, one branch\n\nthe advantage of this pattern is that work is instantly available to other environments when you push from one instance.\n\nthe disadvantages are:\n\n- if you push by mistake, there is a risk the work will make it into your production instance. if you [use a github action to automate pulls](./#optional-use-a-github-action-to-automate-pulls) to production, you must either use the multi-instance, multi-branch pattern, or be careful to never push work that you don't want in production.\n- pushing and pulling to the same instance can cause data loss as changes are overridden when performing these actions. you should set up processes to ensure content flows in one direction.\n\n## set up your repository\n\nonce you've chosen your pattern, you need to set up your github repository.\n\n1. [create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n   - make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n   - create the new repository with a readme so you can immediately create branches.\n1. create one branch named `production` and another named `development`. refer to [creating and deleting branches within your repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository) for guidance.\n\n[create a new repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-new-repository).\n\n- make sure the repository is private, unless you want your workflows, tags, and variable and credential stubs exposed to the internet.\n- create the new repository with a readme. this creates the `main` branch, which you'll connect to.\n\n## connect your n8n instances to your repository\n\ncreate two n8n instances, one for development, one for production.\n\n### configure git in n8n\n\n1. go to **settings** > **environments**.\n1. choose your connection method:\n   - **ssh**: in **git repository url**, enter the ssh url for your repository (for example, `git@github.com:username/repo.git`).\n   - **https**: in **git repository url** enter the https url for your repository (for example, `https://github.com/username/repo.git`).\n1. configure authentication based on your connection method:\n   - **for ssh**: n8n supports ed25519 and rsa public key algorithms. ed25519 is the default. select **rsa** under **ssh key** if your git host requires rsa. copy the ssh key.\n   - **for https**: enter your credentials:\n     - **username**: your git provider username.\n     - **token**: your personal access token (pat) from your git provider.\n\n### set up a deploy key\n\nset up ssh access by creating a deploy key for the repository using the ssh key from n8n. the key must have write access. refer to [github | managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys) for guidance.\n\n### connect n8n and configure your instance\n\n1. in **settings** > **environments** in n8n, select **connect**. n8n connects to your git repository.\n\n1. under **instance settings**, choose which branch you want to use for the current n8n instance. connect the production branch to the production instance, and the development branch to the development instance.\n\n1. production instance only: select **protected instance** to prevent users editing workflows in this instance.\n\n1. select **save settings**.\n\n1. in **settings** > **environments** in n8n, select **connect**.\n\n1. under **instance settings**, select the main branch.\n\n1. production instance only: select **protected instance** to prevent users editing workflows in this instance.\n\n1. select **save settings**.\n\n## push work from development\n\nin your development instance, create a few workflows, tags, variables, and credentials.\n\nto push work to git:\n\n1. select **push** in the main menu.\n\n   view screenshot\n\n   pull and push buttons when menu is closed\n\n   pull and push buttons when menu is open\n\n1. in the **commit and push changes** modal, select which workflows and data tables you want to push. you can filter by status (new, modified, deleted) and search for items. n8n automatically pushes tags, and variable and credential stubs.\n\nn8n pushes the current saved version, not the published version, of the workflow. you need to then separately publish versions on the remote server.\n\n1. enter a commit message. this should be a one sentence description of the changes you're making.\n1. select **commit and push**. n8n sends the work to git, and displays a success message on completion.\n\n## pull work to production\n\nyour work is now in github. if you're using a multi-branch setup, it's on the development branch. if you chose the single-branch setup, it's on main.\n\n1. in github, create a pull request to merge development into production.\n1. merge the pull request.\n1. in your production instance, select **pull** in the main menu.\n\nin your production instance, select **pull** in the main menu.\n\nview screenshot\n\npull and push buttons when menu is closed\n\npull and push buttons when menu is open\n\n### optional: use a github action to automate pulls\n\nif you want to avoid logging in to your production instance to pull, you can use a [github action](https://docs.github.com/en/actions/creating-actions/about-custom-actions) and the [n8n api](../../api/) to automatically pull every time you push new work to your production or main branch.\n\na github action example:\n\n```\nname: ci\non:\n  # trigger the workflow on push or pull request events for the \"production\" branch\n  push:\n    branches: [ \"production\" ]\n  # allows you to run this workflow manually from the actions tab\n  workflow_dispatch:\njobs:\n  run-pull:\n    runs-on: ubuntu-latest\n    steps:\n      - name: pull\n\t\t\t\t# use github secrets to protect sensitive information\n        run: >\n          curl --location '${{ secrets.instance_url }}/version-control/pull' --header\n          'content-type: application/json' --header 'x-n8n-api-key: ${{ secrets.instance_api_key }}'\n```\n\n## next steps\n\nlearn more about:\n\n- [environments in n8n](../understand/environments/) and [git and n8n](../understand/git/)\n- [source control patterns](../understand/patterns/)\n tutorial: create environments with source control",
         "importantTerms": [
           "your",
           "instance",
@@ -87446,13 +87447,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Understand source control and environments\n\nFeature availability\n\n- Available on Enterprise.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Environments in n8n](environments/): The purpose of environments, and how they work in n8n.\n\n- [Git in n8n](git/): How n8n uses Git.\n\n- [Branch patterns](patterns/): The possible relationships between n8n instances and Git branches.\n",
-        "excerpt": "# Understand source control and environments  Feature availability  - Available on Enterprise.  - You must be an n8n instance owner or instance admin to enable and configure source control.  - Instance owners and instance admins can push changes to and pull changes from the connected repository.  - Project admins can push changes to the connected repository. They can't pull changes from the repository.  - [Environments in n8n](environments/): The purpose of environments, and how they work in n8n...",
+        "markdown": "# Understand source control and environments\n\nFeature availability\n\n- Available on Business and Enterprise plans.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Environments in n8n](environments/): The purpose of environments, and how they work in n8n.\n\n- [Git in n8n](git/): How n8n uses Git.\n\n- [Branch patterns](patterns/): The possible relationships between n8n instances and Git branches.\n",
+        "excerpt": "# Understand source control and environments  Feature availability  - Available on Business and Enterprise plans.  - You must be an n8n instance owner or instance admin to enable and configure source control.  - Instance owners and instance admins can push changes to and pull changes from the connected repository.  - Project admins can push changes to the connected repository. They can't pull changes from the repository.  - [Environments in n8n](environments/): The purpose of environments, and h...",
         "sections": [
           {
             "title": "Understand source control and environments",
             "level": 1,
-            "content": "Feature availability\n\n- Available on Enterprise.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Environments in n8n](environments/): The purpose of environments, and how they work in n8n.\n\n- [Git in n8n](git/): How n8n uses Git.\n\n- [Branch patterns](patterns/): The possible relationships between n8n instances and Git branches."
+            "content": "Feature availability\n\n- Available on Business and Enterprise plans.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Environments in n8n](environments/): The purpose of environments, and how they work in n8n.\n\n- [Git in n8n](git/): How n8n uses Git.\n\n- [Branch patterns](patterns/): The possible relationships between n8n instances and Git branches."
           }
         ]
       },
@@ -87468,11 +87469,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 643,
+        "contentLength": 662,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "understand source control and environments # understand source control and environments\n\nfeature availability\n\n- available on enterprise.\n\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\n- [environments in n8n](environments/): the purpose of environments, and how they work in n8n.\n\n- [git in n8n](git/): how n8n uses git.\n\n- [branch patterns](patterns/): the possible relationships between n8n instances and git branches.\n understand source control and environments",
+        "fullText": "understand source control and environments # understand source control and environments\n\nfeature availability\n\n- available on business and enterprise plans.\n\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\n- [environments in n8n](environments/): the purpose of environments, and how they work in n8n.\n\n- [git in n8n](git/): how n8n uses git.\n\n- [branch patterns](patterns/): the possible relationships between n8n instances and git branches.\n understand source control and environments",
         "importantTerms": [
           "environments",
           "source",
@@ -87715,13 +87716,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Using source control and environments\n\nFeature availability\n\n- Available on Enterprise.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Push and pull](push-pull/): Send work to Git, and fetch work from Git to your instance. Understand what gets committed, and how n8n handles merge conflicts.\n\n- [Copy work between environments](copy-work/): How to copy work between different n8n instances.\n",
-        "excerpt": "# Using source control and environments  Feature availability  - Available on Enterprise.  - You must be an n8n instance owner or instance admin to enable and configure source control.  - Instance owners and instance admins can push changes to and pull changes from the connected repository.  - Project admins can push changes to the connected repository. They can't pull changes from the repository.  - [Push and pull](push-pull/): Send work to Git, and fetch work from Git to your instance. Underst...",
+        "markdown": "# Using source control and environments\n\nFeature availability\n\n- Available on Business and Enterprise plans.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Push and pull](push-pull/): Send work to Git, and fetch work from Git to your instance. Understand what gets committed, and how n8n handles merge conflicts.\n\n- [Copy work between environments](copy-work/): How to copy work between different n8n instances.\n",
+        "excerpt": "# Using source control and environments  Feature availability  - Available on Business and Enterprise plans.  - You must be an n8n instance owner or instance admin to enable and configure source control.  - Instance owners and instance admins can push changes to and pull changes from the connected repository.  - Project admins can push changes to the connected repository. They can't pull changes from the repository.  - [Push and pull](push-pull/): Send work to Git, and fetch work from Git to you...",
         "sections": [
           {
             "title": "Using source control and environments",
             "level": 1,
-            "content": "Feature availability\n\n- Available on Enterprise.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Push and pull](push-pull/): Send work to Git, and fetch work from Git to your instance. Understand what gets committed, and how n8n handles merge conflicts.\n\n- [Copy work between environments](copy-work/): How to copy work between different n8n instances."
+            "content": "Feature availability\n\n- Available on Business and Enterprise plans.\n\n- You must be an n8n instance owner or instance admin to enable and configure source control.\n\n- Instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- Project admins can push changes to the connected repository. They can't pull changes from the repository.\n\n- [Push and pull](push-pull/): Send work to Git, and fetch work from Git to your instance. Understand what gets committed, and how n8n handles merge conflicts.\n\n- [Copy work between environments](copy-work/): How to copy work between different n8n instances."
           }
         ]
       },
@@ -87737,11 +87738,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "1 min",
-        "contentLength": 661,
+        "contentLength": 680,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "using source control and environments # using source control and environments\n\nfeature availability\n\n- available on enterprise.\n\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\n- [push and pull](push-pull/): send work to git, and fetch work from git to your instance. understand what gets committed, and how n8n handles merge conflicts.\n\n- [copy work between environments](copy-work/): how to copy work between different n8n instances.\n using source control and environments",
+        "fullText": "using source control and environments # using source control and environments\n\nfeature availability\n\n- available on business and enterprise plans.\n\n- you must be an n8n instance owner or instance admin to enable and configure source control.\n\n- instance owners and instance admins can push changes to and pull changes from the connected repository.\n\n- project admins can push changes to the connected repository. they can't pull changes from the repository.\n\n- [push and pull](push-pull/): send work to git, and fetch work from git to your instance. understand what gets committed, and how n8n handles merge conflicts.\n\n- [copy work between environments](copy-work/): how to copy work between different n8n instances.\n using source control and environments",
         "importantTerms": [
           "instance",
           "work",
@@ -88928,13 +88929,13 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# Custom project roles\n\nFeature availability\n\nCustom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**Available from:** n8n version 1.122.0 (released November 24, 2025)\n\nInstance roles vs project roles\n\nn8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the entire n8n instance and all projects * **Project roles**: Roles that apply within a specific project (Admin, Editor, Viewer, and custom roles)\n\nCustom roles are project-level roles. They define permissions within individual projects, not across the entire instance.\n\nCustom project roles allow you to create roles with specific permissions tailored to your team's needs. Unlike the built-in project roles (Admin, Editor, Viewer), custom roles let you define granular access to workflows, credentials, and other project resources.\n\n## Create a custom role\n\nInstance owners and instance admins can create custom roles.\n\nTo create a custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Select **Create role**.\n1. Enter a role name and optional description.\n1. Select the permissions (scopes) for this role:\n   - **Workflow permissions**: Create, read, update, publish, delete, list, execute, move, or share workflows\n   - **Credential permissions**: Create, read, update, delete, list, move, or share credentials\n   - **Project permissions**: List, read, update, or delete projects\n   - **Folder permissions**: Create, read, update, delete, list, or move folders\n   - **Data table permissions**: Create, read, update, delete, list project tables, read/write rows\n   - **Project variable permissions**: Create, read, update, delete, or list project variables\n   - **Source control**: Push to source control\n1. Select **Create role**.\n\n## Assign a custom role to users\n\nProject admins can assign custom roles to project members. Custom roles apply only within the specific project where they're assigned. A user can have different roles in different projects.\n\nTo assign a custom role:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Under **Project members**, browse or search for users.\n1. Select the user and choose the custom role from the dropdown.\n1. Select **Save**.\n\nProject-level permissions\n\nCustom role permissions only apply within the project where the role is assigned. To grant the same permissions across multiple projects, assign the custom role in each project individually.\n\n## Edit a custom role\n\nTo modify an existing custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the custom role you want to edit.\n1. Select the **three-dot menu** > **Edit**.\n1. Update the role name, description, or permissions.\n1. Select **Save changes**.\n\nEditing affects all assigned users\n\nChanges to a custom role immediately affect all users assigned to that role in any project. If the role is used across multiple projects, the permission changes apply everywhere the role is assigned.\n\n## Duplicate a custom role\n\nTo create a new role based on an existing one:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the role you want to duplicate.\n1. Select the **three-dot menu** > **Duplicate**.\n1. Modify the role name and permissions as needed.\n1. Select **Create role**.\n\n## Delete a custom role\n\nTo delete a custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the role you want to delete.\n1. Select the **three-dot menu** > **Delete**.\n1. Confirm the deletion.\n\nReassign users before deletion\n\nIf users are assigned to this role, you must first reassign them to a different role before deleting it.\n\n## Permission scopes reference\n\nCustom roles use permission scopes to define what users can do within a project. Here are the available scopes by resource:\n\n### Workflow scopes\n\n- `workflow:create` - Create new workflows\n- `workflow:read` - View workflow details\n- `workflow:update` - Edit workflows\n- `workflow:publish` - Publish workflows\n- `workflow:unpublish` - Unpublish workflows\n- `workflow:delete` - Delete workflows\n- `workflow:list` - View workflows in project\n- `workflow:execute-chat` - Execute workflows via chat interface\n- `workflow:move` - Move workflows between projects\n- `workflow:share` - Share workflows with other users\n\n### Credential scopes\n\n- `credential:create` - Create new credentials\n- `credential:read` - View credential details\n- `credential:update` - Edit credentials\n- `credential:delete` - Delete credentials\n- `credential:list` - View credentials in project\n- `credential:move` - Move credentials between projects\n- `credential:share` - Share credentials with other users\n\n### Project scopes\n\n- `project:list` - View available projects\n- `project:read` - View project details\n- `project:update` - Edit project settings (Admin only)\n- `project:delete` - Delete projects (Admin only)\n\n### Folder scopes\n\n- `folder:create` - Create new folders\n- `folder:read` - View folder contents\n- `folder:update` - Rename folders\n- `folder:delete` - Delete folders\n- `folder:list` - View folders in project\n- `folder:move` - Move folders\n\n### Data table scopes\n\n- `dataTable:create` - Create new data tables\n- `dataTable:read` - View data table schema\n- `dataTable:update` - Modify data table schema\n- `dataTable:delete` - Delete data tables\n- `dataTable:listProject` - View data tables in project\n- `dataTable:readRow` - Read rows from data tables\n- `dataTable:writeRow` - Insert or update rows in data tables\n\n### Project variable scopes\n\n- `projectVariable:list` - View project variables\n- `projectVariable:read` - View variable values\n- `projectVariable:create` - Create new variables\n- `projectVariable:update` - Edit variable values\n- `projectVariable:delete` - Delete variables\n\n### Source control scopes\n\n- `sourceControl:push` - Push changes to source control\n\n## Common custom role examples\n\nThese are example custom project roles you can create for common use cases. Remember that these roles apply within individual projects, not across your entire n8n instance.\n\n### Workflow Developer\n\nA role for users who work only with workflows: * `workflow:create`, `workflow:read`, `workflow:update`, `workflow:delete`, `workflow:list` * `credential:read`, `credential:list` (view credentials but not modify) * `project:list`, `project:read`\n\n### Credential Manager\n\nA role for users who manage credentials: * `credential:create`, `credential:read`, `credential:update`, `credential:delete`, `credential:list`, `credential:share` * `workflow:read`, `workflow:list` (view workflows to understand credential usage) * `project:list`, `project:read`\n\n### Workflow Publisher\n\nA role for users who can publish workflows without full edit access: * `workflow:read`, `workflow:list`, `workflow:publish`, `workflow:unpublish` * `credential:read`, `credential:list` * `project:list`, `project:read`\n\nCombining scopes\n\nYou can combine any scopes to create roles that match your specific needs. Consider the principle of least privilege: grant only the permissions users need to perform their tasks.\n",
-        "excerpt": "# Custom project roles  Feature availability  Custom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.  **Available from:** n8n version 1.122.0 (released November 24, 2025)  Instance roles vs project roles  n8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the entire n8n instance and all projects * **Project roles**: Rol...",
+        "markdown": "# Custom project roles\n\nFeature availability\n\nCustom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**Available from:** n8n version 1.122.0 (released November 24, 2025)\n\nSecret vault scopes are available from n8n version `2.13.0`\n\nInstance roles vs project roles\n\nn8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the entire n8n instance and all projects * **Project roles**: Roles that apply within a specific project (Admin, Editor, Viewer, and custom roles)\n\nCustom roles are project-level roles. They define permissions within individual projects, not across the entire instance.\n\nCustom project roles allow you to create roles with specific permissions tailored to your team's needs. Unlike the built-in project roles (Admin, Editor, Viewer), custom roles let you define granular access to workflows, credentials, and other project resources.\n\n## Create a custom role\n\nInstance owners and instance admins can create custom roles.\n\nTo create a custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Select **Create role**.\n1. Enter a role name and optional description.\n1. Select the permissions (scopes) for this role:\n   - **Workflow permissions**: Create, read, update, publish, delete, list, execute, move, or share workflows\n   - **Credential permissions**: Create, read, update, delete, list, move, or share credentials\n   - **Project permissions**: List, read, update, or delete projects\n   - **Folder permissions**: Create, read, update, delete, list, or move folders\n   - **Data table permissions**: Create, read, update, delete, list project tables, read/write rows\n   - **Project variable permissions**: Create, read, update, delete, or list project variables\n   - **Secret vault permissions**: Create, view, update, delete, and sync (reload) vaults of a project\n   - **Secrets permission**: Use secrets in credentials\n   - **Source control**: Push to source control\n1. Select **Create role**.\n\n## Assign a custom role to users\n\nProject admins can assign custom roles to project members. Custom roles apply only within the specific project where they're assigned. A user can have different roles in different projects.\n\nTo assign a custom role:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Under **Project members**, browse or search for users.\n1. Select the user and choose the custom role from the dropdown.\n1. Select **Save**.\n\nProject-level permissions\n\nCustom role permissions only apply within the project where the role is assigned. To grant the same permissions across multiple projects, assign the custom role in each project individually.\n\n## Edit a custom role\n\nTo modify an existing custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the custom role you want to edit.\n1. Select the **three-dot menu** > **Edit**.\n1. Update the role name, description, or permissions.\n1. Select **Save changes**.\n\nEditing affects all assigned users\n\nChanges to a custom role immediately affect all users assigned to that role in any project. If the role is used across multiple projects, the permission changes apply everywhere the role is assigned.\n\n## Duplicate a custom role\n\nTo create a new role based on an existing one:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the role you want to duplicate.\n1. Select the **three-dot menu** > **Duplicate**.\n1. Modify the role name and permissions as needed.\n1. Select **Create role**.\n\n## Delete a custom role\n\nTo delete a custom role:\n\n1. Go to **Settings** > **Project roles**.\n1. Find the role you want to delete.\n1. Select the **three-dot menu** > **Delete**.\n1. Confirm the deletion.\n\nReassign users before deletion\n\nIf users are assigned to this role, you must first reassign them to a different role before deleting it.\n\n## Permission scopes reference\n\nCustom roles use permission scopes to define what users can do within a project. Here are the available scopes by resource:\n\n### Workflow scopes\n\n- `workflow:create` - Create new workflows\n- `workflow:read` - View workflow details\n- `workflow:update` - Edit workflows\n- `workflow:publish` - Publish workflows\n- `workflow:unpublish` - Unpublish workflows\n- `workflow:delete` - Delete workflows\n- `workflow:list` - View workflows in project\n- `workflow:execute-chat` - Execute workflows via chat interface\n- `workflow:move` - Move workflows between projects\n- `workflow:share` - Share workflows with other users\n\n### Credential scopes\n\n- `credential:create` - Create new credentials\n- `credential:read` - View credential details\n- `credential:update` - Edit credentials\n- `credential:delete` - Delete credentials\n- `credential:list` - View credentials in project\n- `credential:move` - Move credentials between projects\n- `credential:share` - Share credentials with other users\n\n### Project scopes\n\n- `project:list` - View available projects\n- `project:read` - View project details\n- `project:update` - Edit project settings (Admin only)\n- `project:delete` - Delete projects (Admin only)\n\n### Folder scopes\n\n- `folder:create` - Create new folders\n- `folder:read` - View folder contents\n- `folder:update` - Rename folders\n- `folder:delete` - Delete folders\n- `folder:list` - View folders in project\n- `folder:move` - Move folders\n\n### Data table scopes\n\n- `dataTable:create` - Create new data tables\n- `dataTable:read` - View data table schema\n- `dataTable:update` - Modify data table schema\n- `dataTable:delete` - Delete data tables\n- `dataTable:listProject` - View data tables in project\n- `dataTable:readRow` - Read rows from data tables\n- `dataTable:writeRow` - Insert or update rows in data tables\n\n### Project variable scopes\n\n- `projectVariable:list` - View project variables\n- `projectVariable:read` - View variable values\n- `projectVariable:create` - Create new variables\n- `projectVariable:update` - Edit variable values\n- `projectVariable:delete` - Delete variables\n\n### Secret vault scopes\n\n- `secretsVaults:view` - View secret vaults in a project\n- `secretsVaults:create` - Create new secret vaults within project\n- `secretsVaults:edit` - Edit secret vault configuration\n- `secretsVaults:delete` - Delete secret vaults of a project\n- `secretsVaults:sync` - Reload a vault's secrets\n- `secrets:list` - Use secrets in credentials\n\n### Source control scopes\n\n- `sourceControl:push` - Push changes to source control\n\n## Common custom role examples\n\nThese are example custom project roles you can create for common use cases. Remember that these roles apply within individual projects, not across your entire n8n instance.\n\n### Workflow Developer\n\nA role for users who work only with workflows: * `workflow:create`, `workflow:read`, `workflow:update`, `workflow:delete`, `workflow:list` * `credential:read`, `credential:list` (view credentials but not modify) * `project:list`, `project:read`\n\n### Credential Manager\n\nA role for users who manage credentials: * `credential:create`, `credential:read`, `credential:update`, `credential:delete`, `credential:list`, `credential:share` * `workflow:read`, `workflow:list` (view workflows to understand credential usage) * `project:list`, `project:read`\n\n### Secrets User\n\nA role for users who need to use external secrets in credentials but not manage vaults: * `secrets:list` (use secrets in credentials expressions) * `credential:create`, `credential:read`, `credential:update`, `credential:list` (manage credentials with secrets) * `workflow:read`, `workflow:list` * `project:list`, `project:read`\n\n### Workflow Publisher\n\nA role for users who can publish workflows without full edit access: * `workflow:read`, `workflow:list`, `workflow:publish`, `workflow:unpublish` * `credential:read`, `credential:list` * `project:list`, `project:read`\n\nCombining scopes\n\nYou can combine any scopes to create roles that match your specific needs. Consider the principle of least privilege: grant only the permissions users need to perform their tasks.\n",
+        "excerpt": "# Custom project roles  Feature availability  Custom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.  **Available from:** n8n version 1.122.0 (released November 24, 2025)  Secret vault scopes are available from n8n version `2.13.0`  Instance roles vs project roles  n8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the...",
         "sections": [
           {
             "title": "Custom project roles",
             "level": 1,
-            "content": "Feature availability\n\nCustom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**Available from:** n8n version 1.122.0 (released November 24, 2025)\n\nInstance roles vs project roles\n\nn8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the entire n8n instance and all projects * **Project roles**: Roles that apply within a specific project (Admin, Editor, Viewer, and custom roles)\n\nCustom roles are project-level roles. They define permissions within individual projects, not across the entire instance.\n\nCustom project roles allow you to create roles with specific permissions tailored to your team's needs. Unlike the built-in project roles (Admin, Editor, Viewer), custom roles let you define granular access to workflows, credentials, and other project resources."
+            "content": "Feature availability\n\nCustom roles are available on Self-hosted Enterprise and Cloud Enterprise plans. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**Available from:** n8n version 1.122.0 (released November 24, 2025)\n\nSecret vault scopes are available from n8n version `2.13.0`\n\nInstance roles vs project roles\n\nn8n has two types of roles: * **Instance roles** ([account types](../../account-types/)): Owner, Admin, and Member roles that span the entire n8n instance and all projects * **Project roles**: Roles that apply within a specific project (Admin, Editor, Viewer, and custom roles)\n\nCustom roles are project-level roles. They define permissions within individual projects, not across the entire instance.\n\nCustom project roles allow you to create roles with specific permissions tailored to your team's needs. Unlike the built-in project roles (Admin, Editor, Viewer), custom roles let you define granular access to workflows, credentials, and other project resou"
           }
         ]
       },
@@ -88959,12 +88960,16 @@
           "data",
           "table",
           "variable",
+          "secret",
+          "vault",
           "source",
           "control",
           "common",
           "examples",
           "developer",
           "manager",
+          "secrets",
+          "user",
           "publisher"
         ],
         "useCases": [],
@@ -88972,62 +88977,62 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "6 min",
-        "contentLength": 7096,
+        "contentLength": 8028,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "custom roles # custom project roles\n\nfeature availability\n\ncustom roles are available on self-hosted enterprise and cloud enterprise plans. refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**available from:** n8n version 1.122.0 (released november 24, 2025)\n\ninstance roles vs project roles\n\nn8n has two types of roles: * **instance roles** ([account types](../../account-types/)): owner, admin, and member roles that span the entire n8n instance and all projects * **project roles**: roles that apply within a specific project (admin, editor, viewer, and custom roles)\n\ncustom roles are project-level roles. they define permissions within individual projects, not across the entire instance.\n\ncustom project roles allow you to create roles with specific permissions tailored to your team's needs. unlike the built-in project roles (admin, editor, viewer), custom roles let you define granular access to workflows, credentials, and other project resources.\n\n## create a custom role\n\ninstance owners and instance admins can create custom roles.\n\nto create a custom role:\n\n1. go to **settings** > **project roles**.\n1. select **create role**.\n1. enter a role name and optional description.\n1. select the permissions (scopes) for this role:\n   - **workflow permissions**: create, read, update, publish, delete, list, execute, move, or share workflows\n   - **credential permissions**: create, read, update, delete, list, move, or share credentials\n   - **project permissions**: list, read, update, or delete projects\n   - **folder permissions**: create, read, update, delete, list, or move folders\n   - **data table permissions**: create, read, update, delete, list project tables, read/write rows\n   - **project variable permissions**: create, read, update, delete, or list project variables\n   - **source control**: push to source control\n1. select **create role**.\n\n## assign a custom role to users\n\nproject admins can assign custom roles to project members. custom roles apply only within the specific project where they're assigned. a user can have different roles in different projects.\n\nto assign a custom role:\n\n1. select the project.\n1. select **project settings**.\n1. under **project members**, browse or search for users.\n1. select the user and choose the custom role from the dropdown.\n1. select **save**.\n\nproject-level permissions\n\ncustom role permissions only apply within the project where the role is assigned. to grant the same permissions across multiple projects, assign the custom role in each project individually.\n\n## edit a custom role\n\nto modify an existing custom role:\n\n1. go to **settings** > **project roles**.\n1. find the custom role you want to edit.\n1. select the **three-dot menu** > **edit**.\n1. update the role name, description, or permissions.\n1. select **save changes**.\n\nediting affects all assigned users\n\nchanges to a custom role immediately affect all users assigned to that role in any project. if the role is used across multiple projects, the permission changes apply everywhere the role is assigned.\n\n## duplicate a custom role\n\nto create a new role based on an existing one:\n\n1. go to **settings** > **project roles**.\n1. find the role you want to duplicate.\n1. select the **three-dot menu** > **duplicate**.\n1. modify the role name and permissions as needed.\n1. select **create role**.\n\n## delete a custom role\n\nto delete a custom role:\n\n1. go to **settings** > **project roles**.\n1. find the role you want to delete.\n1. select the **three-dot menu** > **delete**.\n1. confirm the deletion.\n\nreassign users before deletion\n\nif users are assigned to this role, you must first reassign them to a different role before deleting it.\n\n## permission scopes reference\n\ncustom roles use permission scopes to define what users can do within a project. here are the available scopes by resource:\n\n### workflow scopes\n\n- `workflow:create` - create new workflows\n- `workflow:read` - view workflow details\n- `workflow:update` - edit workflows\n- `workflow:publish` - publish workflows\n- `workflow:unpublish` - unpublish workflows\n- `workflow:delete` - delete workflows\n- `workflow:list` - view workflows in project\n- `workflow:execute-chat` - execute workflows via chat interface\n- `workflow:move` - move workflows between projects\n- `workflow:share` - share workflows with other users\n\n### credential scopes\n\n- `credential:create` - create new credentials\n- `credential:read` - view credential details\n- `credential:update` - edit credentials\n- `credential:delete` - delete credentials\n- `credential:list` - view credentials in project\n- `credential:move` - move credentials between projects\n- `credential:share` - share credentials with other users\n\n### project scopes\n\n- `project:list` - view available projects\n- `project:read` - view project details\n- `project:update` - edit project settings (admin only)\n- `project:delete` - delete projects (admin only)\n\n### folder scopes\n\n- `folder:create` - create new folders\n- `folder:read` - view folder contents\n- `folder:update` - rename folders\n- `folder:delete` - delete folders\n- `folder:list` - view folders in project\n- `folder:move` - move folders\n\n### data table scopes\n\n- `datatable:create` - create new data tables\n- `datatable:read` - view data table schema\n- `datatable:update` - modify data table schema\n- `datatable:delete` - delete data tables\n- `datatable:listproject` - view data tables in project\n- `datatable:readrow` - read rows from data tables\n- `datatable:writerow` - insert or update rows in data tables\n\n### project variable scopes\n\n- `projectvariable:list` - view project variables\n- `projectvariable:read` - view variable values\n- `projectvariable:create` - create new variables\n- `projectvariable:update` - edit variable values\n- `projectvariable:delete` - delete variables\n\n### source control scopes\n\n- `sourcecontrol:push` - push changes to source control\n\n## common custom role examples\n\nthese are example custom project roles you can create for common use cases. remember that these roles apply within individual projects, not across your entire n8n instance.\n\n### workflow developer\n\na role for users who work only with workflows: * `workflow:create`, `workflow:read`, `workflow:update`, `workflow:delete`, `workflow:list` * `credential:read`, `credential:list` (view credentials but not modify) * `project:list`, `project:read`\n\n### credential manager\n\na role for users who manage credentials: * `credential:create`, `credential:read`, `credential:update`, `credential:delete`, `credential:list`, `credential:share` * `workflow:read`, `workflow:list` (view workflows to understand credential usage) * `project:list`, `project:read`\n\n### workflow publisher\n\na role for users who can publish workflows without full edit access: * `workflow:read`, `workflow:list`, `workflow:publish`, `workflow:unpublish` * `credential:read`, `credential:list` * `project:list`, `project:read`\n\ncombining scopes\n\nyou can combine any scopes to create roles that match your specific needs. consider the principle of least privilege: grant only the permissions users need to perform their tasks.\n custom project roles",
+        "fullText": "custom roles # custom project roles\n\nfeature availability\n\ncustom roles are available on self-hosted enterprise and cloud enterprise plans. refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\n**available from:** n8n version 1.122.0 (released november 24, 2025)\n\nsecret vault scopes are available from n8n version `2.13.0`\n\ninstance roles vs project roles\n\nn8n has two types of roles: * **instance roles** ([account types](../../account-types/)): owner, admin, and member roles that span the entire n8n instance and all projects * **project roles**: roles that apply within a specific project (admin, editor, viewer, and custom roles)\n\ncustom roles are project-level roles. they define permissions within individual projects, not across the entire instance.\n\ncustom project roles allow you to create roles with specific permissions tailored to your team's needs. unlike the built-in project roles (admin, editor, viewer), custom roles let you define granular access to workflows, credentials, and other project resources.\n\n## create a custom role\n\ninstance owners and instance admins can create custom roles.\n\nto create a custom role:\n\n1. go to **settings** > **project roles**.\n1. select **create role**.\n1. enter a role name and optional description.\n1. select the permissions (scopes) for this role:\n   - **workflow permissions**: create, read, update, publish, delete, list, execute, move, or share workflows\n   - **credential permissions**: create, read, update, delete, list, move, or share credentials\n   - **project permissions**: list, read, update, or delete projects\n   - **folder permissions**: create, read, update, delete, list, or move folders\n   - **data table permissions**: create, read, update, delete, list project tables, read/write rows\n   - **project variable permissions**: create, read, update, delete, or list project variables\n   - **secret vault permissions**: create, view, update, delete, and sync (reload) vaults of a project\n   - **secrets permission**: use secrets in credentials\n   - **source control**: push to source control\n1. select **create role**.\n\n## assign a custom role to users\n\nproject admins can assign custom roles to project members. custom roles apply only within the specific project where they're assigned. a user can have different roles in different projects.\n\nto assign a custom role:\n\n1. select the project.\n1. select **project settings**.\n1. under **project members**, browse or search for users.\n1. select the user and choose the custom role from the dropdown.\n1. select **save**.\n\nproject-level permissions\n\ncustom role permissions only apply within the project where the role is assigned. to grant the same permissions across multiple projects, assign the custom role in each project individually.\n\n## edit a custom role\n\nto modify an existing custom role:\n\n1. go to **settings** > **project roles**.\n1. find the custom role you want to edit.\n1. select the **three-dot menu** > **edit**.\n1. update the role name, description, or permissions.\n1. select **save changes**.\n\nediting affects all assigned users\n\nchanges to a custom role immediately affect all users assigned to that role in any project. if the role is used across multiple projects, the permission changes apply everywhere the role is assigned.\n\n## duplicate a custom role\n\nto create a new role based on an existing one:\n\n1. go to **settings** > **project roles**.\n1. find the role you want to duplicate.\n1. select the **three-dot menu** > **duplicate**.\n1. modify the role name and permissions as needed.\n1. select **create role**.\n\n## delete a custom role\n\nto delete a custom role:\n\n1. go to **settings** > **project roles**.\n1. find the role you want to delete.\n1. select the **three-dot menu** > **delete**.\n1. confirm the deletion.\n\nreassign users before deletion\n\nif users are assigned to this role, you must first reassign them to a different role before deleting it.\n\n## permission scopes reference\n\ncustom roles use permission scopes to define what users can do within a project. here are the available scopes by resource:\n\n### workflow scopes\n\n- `workflow:create` - create new workflows\n- `workflow:read` - view workflow details\n- `workflow:update` - edit workflows\n- `workflow:publish` - publish workflows\n- `workflow:unpublish` - unpublish workflows\n- `workflow:delete` - delete workflows\n- `workflow:list` - view workflows in project\n- `workflow:execute-chat` - execute workflows via chat interface\n- `workflow:move` - move workflows between projects\n- `workflow:share` - share workflows with other users\n\n### credential scopes\n\n- `credential:create` - create new credentials\n- `credential:read` - view credential details\n- `credential:update` - edit credentials\n- `credential:delete` - delete credentials\n- `credential:list` - view credentials in project\n- `credential:move` - move credentials between projects\n- `credential:share` - share credentials with other users\n\n### project scopes\n\n- `project:list` - view available projects\n- `project:read` - view project details\n- `project:update` - edit project settings (admin only)\n- `project:delete` - delete projects (admin only)\n\n### folder scopes\n\n- `folder:create` - create new folders\n- `folder:read` - view folder contents\n- `folder:update` - rename folders\n- `folder:delete` - delete folders\n- `folder:list` - view folders in project\n- `folder:move` - move folders\n\n### data table scopes\n\n- `datatable:create` - create new data tables\n- `datatable:read` - view data table schema\n- `datatable:update` - modify data table schema\n- `datatable:delete` - delete data tables\n- `datatable:listproject` - view data tables in project\n- `datatable:readrow` - read rows from data tables\n- `datatable:writerow` - insert or update rows in data tables\n\n### project variable scopes\n\n- `projectvariable:list` - view project variables\n- `projectvariable:read` - view variable values\n- `projectvariable:create` - create new variables\n- `projectvariable:update` - edit variable values\n- `projectvariable:delete` - delete variables\n\n### secret vault scopes\n\n- `secretsvaults:view` - view secret vaults in a project\n- `secretsvaults:create` - create new secret vaults within project\n- `secretsvaults:edit` - edit secret vault configuration\n- `secretsvaults:delete` - delete secret vaults of a project\n- `secretsvaults:sync` - reload a vault's secrets\n- `secrets:list` - use secrets in credentials\n\n### source control scopes\n\n- `sourcecontrol:push` - push changes to source control\n\n## common custom role examples\n\nthese are example custom project roles you can create for common use cases. remember that these roles apply within individual projects, not across your entire n8n instance.\n\n### workflow developer\n\na role for users who work only with workflows: * `workflow:create`, `workflow:read`, `workflow:update`, `workflow:delete`, `workflow:list` * `credential:read`, `credential:list` (view credentials but not modify) * `project:list`, `project:read`\n\n### credential manager\n\na role for users who manage credentials: * `credential:create`, `credential:read`, `credential:update`, `credential:delete`, `credential:list`, `credential:share` * `workflow:read`, `workflow:list` (view workflows to understand credential usage) * `project:list`, `project:read`\n\n### secrets user\n\na role for users who need to use external secrets in credentials but not manage vaults: * `secrets:list` (use secrets in credentials expressions) * `credential:create`, `credential:read`, `credential:update`, `credential:list` (manage credentials with secrets) * `workflow:read`, `workflow:list` * `project:list`, `project:read`\n\n### workflow publisher\n\na role for users who can publish workflows without full edit access: * `workflow:read`, `workflow:list`, `workflow:publish`, `workflow:unpublish` * `credential:read`, `credential:list` * `project:list`, `project:read`\n\ncombining scopes\n\nyou can combine any scopes to create roles that match your specific needs. consider the principle of least privilege: grant only the permissions users need to perform their tasks.\n custom project roles",
         "importantTerms": [
           "project",
           "role",
+          "create",
           "roles",
           "custom",
-          "create",
           "workflow",
           "delete",
           "read",
           "credential",
           "list",
           "update",
-          "permissions",
-          "workflows",
           "view",
+          "permissions",
           "scopes",
+          "credentials",
+          "workflows",
           "users",
           "select",
           "projects",
-          "credentials",
+          "secrets",
+          "edit",
           "move",
           "folder",
           "data",
-          "edit",
+          "secret",
           "instance",
+          "within",
           "share",
           "datatable",
-          "within",
           "settings",
           "folders",
           "tables",
           "only",
           "assigned",
+          "available",
+          "vault",
           "admin",
           "that",
           "apply",
+          "with",
           "publish",
+          "vaults",
           "projectvariable",
-          "available",
+          "secretsvaults",
           "details",
+          "from",
           "specific",
           "across",
-          "with",
           "table",
-          "variable",
-          "variables",
-          "source",
-          "control",
-          "assign",
-          "modify",
-          "changes"
+          "variable"
         ]
       }
     },
@@ -89041,7 +89046,7 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "Feature availability\n\nRBAC is available on all plans except the Community edition. Different plans have different numbers of projects and roles. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\nn8n uses projects to group workflows and [credentials](../../../glossary/#credential-n8n), and assigns [roles](../role-types/) to users in each project. This means that a single user can have different roles in different projects, giving them different levels of access.\n\n## Create a project\n\nInstance owners and instance admins can create projects.\n\nTo create a project:\n\n1. Select **Add project**.\n1. Fill out the project settings.\n1. Select **Save**.\n\n## Add and remove users in a project\n\nProject admins can add and remove users.\n\nTo add a user to a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Under **Project members**, browse for users or search by username or email address.\n1. Select the user you want to add.\n1. Check the [role type](../role-types/) and change it if needed.\n1. Select **Save**.\n\nTo remove a user from a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. In the **three-dot menu** for the user you want to remove, select **Remove user**.\n1. Select **Save**.\n\n## Delete a project\n\nTo delete a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Select **Delete project**.\n1. Choose what to do with the workflows and credentials. You can select:\n   - **Transfer its workflows and credentials to another project**: n8n prompts you to choose a project to move the data to.\n   - **Delete its workflows and credentials**: n8n prompts you to confirm that you want to delete all the data in the project.\n\n## Move workflows and credentials between projects or users\n\nWorkflow and credential owners can move workflows or credentials (changing ownership) to other users or projects they have access to.\n\nMoving revokes sharing\n\nMoving workflows or credentials removes all existing sharing. Be aware that this could impact other workflows currently sharing these resources.\n\n1. Select **Workflow menu** or **Credential menu** > **Move**.\n\n   Moving workflows with credentials\n\n   When moving a workflow with credentials you have permission to share, you can choose to share the credentials as well. This ensures that the workflow continues to have access to the credentials it needs to execute. n8n will note any credentials that can't be moved (credentials you don't have permission to share).\n\n1. Select the project or user you want to move to.\n\n1. Select **Next**.\n\n1. Confirm you understand the impact of the move: workflows may stop working if the credentials they need aren't available in the target project, and n8n removes any current individual sharing.\n\n1. Select **Confirm move to new project**.\n\n## Using external secrets in projects\n\nTo use [external secrets](../../../external-secrets/) in a project, you must have an [instance owner or instance admin](../../account-types/) as a member of the project.\n",
+        "markdown": "Feature availability\n\nRBAC is available on all plans except the Community edition. Different plans have different numbers of projects and roles. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\nn8n uses projects to group workflows and [credentials](../../../glossary/#credential-n8n), and assigns [roles](../role-types/) to users in each project. This means that a single user can have different roles in different projects, giving them different levels of access.\n\n## Create a project\n\nInstance owners and instance admins can create projects.\n\nTo create a project:\n\n1. Select **Add project**.\n1. Fill out the project settings.\n1. Select **Save**.\n\n## Add and remove users in a project\n\nProject admins can add and remove users.\n\nTo add a user to a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Under **Project members**, browse for users or search by username or email address.\n1. Select the user you want to add.\n1. Check the [role type](../role-types/) and change it if needed.\n1. Select **Save**.\n\nTo remove a user from a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. In the **three-dot menu** for the user you want to remove, select **Remove user**.\n1. Select **Save**.\n\n## Delete a project\n\nTo delete a project:\n\n1. Select the project.\n1. Select **Project settings**.\n1. Select **Delete project**.\n1. Choose what to do with the workflows and credentials. You can select:\n   - **Transfer its workflows and credentials to another project**: n8n prompts you to choose a project to move the data to.\n   - **Delete its workflows and credentials**: n8n prompts you to confirm that you want to delete all the data in the project.\n\n## Move workflows and credentials between projects or users\n\nWorkflow and credential owners can move workflows or credentials (changing ownership) to other users or projects they have access to.\n\nMoving revokes sharing\n\nMoving workflows or credentials removes all existing sharing. Be aware that this could impact other workflows currently sharing these resources.\n\n1. Select **Workflow menu** or **Credential menu** > **Move**.\n\n   Moving workflows with credentials\n\n   When moving a workflow with credentials you have permission to share, you can choose to share the credentials as well. This ensures that the workflow continues to have access to the credentials it needs to execute. n8n will note any credentials that can't be moved (credentials you don't have permission to share).\n\n1. Select the project or user you want to move to.\n\n1. Select **Next**.\n\n1. Confirm you understand the impact of the move: workflows may stop working if the credentials they need aren't available in the target project, and n8n removes any current individual sharing.\n\n1. Select **Confirm move to new project**.\n\n## Using external secrets in projects\n\nFrom version `2.13.0`, instance owners and admins can enable [external secrets](../../../external-secrets/) access for project editors and admins. Refer to [Access for project roles](../../../external-secrets/#access-for-project-roles) for details on enabling this and the permissions each role gets.\n\nIn older versions (or when the opt-in toggle is off), using external secrets in a project requires an [instance owner or instance admin](../../account-types/) as a member of the project.\n",
         "excerpt": "Feature availability  RBAC is available on all plans except the Community edition. Different plans have different numbers of projects and roles. Refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.  n8n uses projects to group workflows and [credentials](../../../glossary/#credential-n8n), and assigns [roles](../role-types/) to users in each project. This means that a single user can have different roles in different projects, giving them different levels of access.  ## Create...",
         "sections": [
           {
@@ -89067,7 +89072,7 @@
           {
             "title": "Using external secrets in projects",
             "level": 2,
-            "content": "To use [external secrets](../../../external-secrets/) in a project, you must have an [instance owner or instance admin](../../account-types/) as a member of the project."
+            "content": "From version `2.13.0`, instance owners and admins can enable [external secrets](../../../external-secrets/) access for project editors and admins. Refer to [Access for project roles](../../../external-secrets/#access-for-project-roles) for details on enabling this and the permissions each role gets.\n\nIn older versions (or when the opt-in toggle is off), using external secrets in a project requires an [instance owner or instance admin](../../account-types/) as a member of the project."
           }
         ]
       },
@@ -89092,11 +89097,11 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "3 min",
-        "contentLength": 3006,
+        "contentLength": 3325,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "projects feature availability\n\nrbac is available on all plans except the community edition. different plans have different numbers of projects and roles. refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\nn8n uses projects to group workflows and [credentials](../../../glossary/#credential-n8n), and assigns [roles](../role-types/) to users in each project. this means that a single user can have different roles in different projects, giving them different levels of access.\n\n## create a project\n\ninstance owners and instance admins can create projects.\n\nto create a project:\n\n1. select **add project**.\n1. fill out the project settings.\n1. select **save**.\n\n## add and remove users in a project\n\nproject admins can add and remove users.\n\nto add a user to a project:\n\n1. select the project.\n1. select **project settings**.\n1. under **project members**, browse for users or search by username or email address.\n1. select the user you want to add.\n1. check the [role type](../role-types/) and change it if needed.\n1. select **save**.\n\nto remove a user from a project:\n\n1. select the project.\n1. select **project settings**.\n1. in the **three-dot menu** for the user you want to remove, select **remove user**.\n1. select **save**.\n\n## delete a project\n\nto delete a project:\n\n1. select the project.\n1. select **project settings**.\n1. select **delete project**.\n1. choose what to do with the workflows and credentials. you can select:\n   - **transfer its workflows and credentials to another project**: n8n prompts you to choose a project to move the data to.\n   - **delete its workflows and credentials**: n8n prompts you to confirm that you want to delete all the data in the project.\n\n## move workflows and credentials between projects or users\n\nworkflow and credential owners can move workflows or credentials (changing ownership) to other users or projects they have access to.\n\nmoving revokes sharing\n\nmoving workflows or credentials removes all existing sharing. be aware that this could impact other workflows currently sharing these resources.\n\n1. select **workflow menu** or **credential menu** > **move**.\n\n   moving workflows with credentials\n\n   when moving a workflow with credentials you have permission to share, you can choose to share the credentials as well. this ensures that the workflow continues to have access to the credentials it needs to execute. n8n will note any credentials that can't be moved (credentials you don't have permission to share).\n\n1. select the project or user you want to move to.\n\n1. select **next**.\n\n1. confirm you understand the impact of the move: workflows may stop working if the credentials they need aren't available in the target project, and n8n removes any current individual sharing.\n\n1. select **confirm move to new project**.\n\n## using external secrets in projects\n\nto use [external secrets](../../../external-secrets/) in a project, you must have an [instance owner or instance admin](../../account-types/) as a member of the project.\n create a project add and remove users in a project delete a project move workflows and credentials between projects or users using external secrets in projects",
+        "fullText": "projects feature availability\n\nrbac is available on all plans except the community edition. different plans have different numbers of projects and roles. refer to n8n's [pricing page](https://n8n.io/pricing/) for plan details.\n\nn8n uses projects to group workflows and [credentials](../../../glossary/#credential-n8n), and assigns [roles](../role-types/) to users in each project. this means that a single user can have different roles in different projects, giving them different levels of access.\n\n## create a project\n\ninstance owners and instance admins can create projects.\n\nto create a project:\n\n1. select **add project**.\n1. fill out the project settings.\n1. select **save**.\n\n## add and remove users in a project\n\nproject admins can add and remove users.\n\nto add a user to a project:\n\n1. select the project.\n1. select **project settings**.\n1. under **project members**, browse for users or search by username or email address.\n1. select the user you want to add.\n1. check the [role type](../role-types/) and change it if needed.\n1. select **save**.\n\nto remove a user from a project:\n\n1. select the project.\n1. select **project settings**.\n1. in the **three-dot menu** for the user you want to remove, select **remove user**.\n1. select **save**.\n\n## delete a project\n\nto delete a project:\n\n1. select the project.\n1. select **project settings**.\n1. select **delete project**.\n1. choose what to do with the workflows and credentials. you can select:\n   - **transfer its workflows and credentials to another project**: n8n prompts you to choose a project to move the data to.\n   - **delete its workflows and credentials**: n8n prompts you to confirm that you want to delete all the data in the project.\n\n## move workflows and credentials between projects or users\n\nworkflow and credential owners can move workflows or credentials (changing ownership) to other users or projects they have access to.\n\nmoving revokes sharing\n\nmoving workflows or credentials removes all existing sharing. be aware that this could impact other workflows currently sharing these resources.\n\n1. select **workflow menu** or **credential menu** > **move**.\n\n   moving workflows with credentials\n\n   when moving a workflow with credentials you have permission to share, you can choose to share the credentials as well. this ensures that the workflow continues to have access to the credentials it needs to execute. n8n will note any credentials that can't be moved (credentials you don't have permission to share).\n\n1. select the project or user you want to move to.\n\n1. select **next**.\n\n1. confirm you understand the impact of the move: workflows may stop working if the credentials they need aren't available in the target project, and n8n removes any current individual sharing.\n\n1. select **confirm move to new project**.\n\n## using external secrets in projects\n\nfrom version `2.13.0`, instance owners and admins can enable [external secrets](../../../external-secrets/) access for project editors and admins. refer to [access for project roles](../../../external-secrets/#access-for-project-roles) for details on enabling this and the permissions each role gets.\n\nin older versions (or when the opt-in toggle is off), using external secrets in a project requires an [instance owner or instance admin](../../account-types/) as a member of the project.\n create a project add and remove users in a project delete a project move workflows and credentials between projects or users using external secrets in projects",
         "importantTerms": [
           "project",
           "select",
@@ -89105,33 +89110,36 @@
           "projects",
           "users",
           "move",
-          "have",
           "user",
+          "have",
+          "access",
           "remove",
           "delete",
+          "external",
+          "secrets",
           "different",
+          "roles",
           "that",
-          "create",
           "instance",
+          "role",
+          "this",
+          "create",
+          "admins",
           "settings",
           "want",
           "workflow",
           "moving",
           "sharing",
-          "external",
-          "secrets",
-          "roles",
           "credential",
-          "role",
           "types",
-          "this",
-          "access",
+          "owners",
           "save",
           "menu",
           "choose",
           "with",
           "confirm",
-          "share"
+          "share",
+          "using"
         ]
       }
     },
@@ -89145,7 +89153,7 @@
       "nodeName": null,
       "nodeType": null,
       "content": {
-        "markdown": "# RBAC role types\n\nFeature availability\n\n- The Project Editor role is available on Pro Cloud and Self-hosted Enterprise plans.\n- The Project Viewer role is only available on Self-hosted Enterprise and Cloud Enterprise plans.\n\nWithin projects, there are three user roles: Admin, Editor, and Viewer. These roles control what the user can do in a project. A user can have different roles within different projects.\n\n## Project Admin\n\nA Project Admin role has the highest level of permissions. Project admins can:\n\n- Manage project settings: Change name, delete project.\n- Manage project members: Invite members and remove members, change members' roles.\n- View, create, update, and delete any workflows, credentials, or executions within a project.\n\n## Project Editor\n\nA Project Editor can view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## Project Viewer\n\nA Project Viewer is effectively a `read-only` role with access to all workflows, credentials, and executions within a project.\n\nViewers aren't able to manually execute any workflows that exist in a project.\n\nRole types and account types\n\nRole types and [account types](../../account-types/) are different things. Every account has one type. The account can have different role types for different [projects](../projects/).\n\n| Permission                      | Admin | Editor | Viewer |\n| ------------------------------- | ----- | ------ | ------ |\n| View workflows in the project   |       |        |        |\n| View credentials in the project |       |        |        |\n| View executions                 |       |        |        |\n| Edit credentials and workflows  |       |        |        |\n| Add workflows and credentials   |       |        |        |\n| Execute workflows               |       |        |        |\n| Manage members                  |       |        |        |\n| Modify the project              |       |        |        |\n\n[Variables](../../../code/variables/) and [tags](../../../workflows/tags/) aren't affected by RBAC: they're global across the n8n instance.\n",
+        "markdown": "# RBAC role types\n\nFeature availability\n\n- The Project Editor role is available on Pro Cloud and Self-hosted Enterprise plans.\n- The Project Viewer role is only available on Self-hosted Enterprise and Cloud Enterprise plans.\n\nWithin projects, there are three user roles: Admin, Editor, and Viewer. These roles control what the user can do in a project. A user can have different roles within different projects.\n\n## Project Admin\n\nA Project Admin role has the highest level of permissions. Project admins can:\n\n- Manage project settings: Change name, delete project.\n- Manage project members: Invite members and remove members, change members' roles.\n- View, create, update, and delete any workflows, credentials, or executions within a project.\n\n## Project Editor\n\nA Project Editor can view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## Project Viewer\n\nA Project Viewer is effectively a `read-only` role with access to all workflows, credentials, and executions within a project.\n\nViewers aren't able to manually execute any workflows that exist in a project.\n\nRole types and account types\n\nRole types and [account types](../../account-types/) are different things. Every account has one type. The account can have different role types for different [projects](../projects/).\n\n| Permission                          | Admin | Editor | Viewer |\n| ----------------------------------- | ----- | ------ | ------ |\n| View workflows in the project       |       |        |        |\n| View credentials in the project     |       |        |        |\n| View executions                     |       |        |        |\n| Edit credentials and workflows      |       |        |        |\n| Add workflows and credentials       |       |        |        |\n| Execute workflows                   |       |        |        |\n| Manage members                      |       |        |        |\n| Modify the project                  |       |        |        |\n| Use external secrets in credentials | \\*    | \\*     |        |\n| Manage project secret vaults        | \\*    |        |        |\n\n\\* Requires **Enable external secrets for project roles** to be enabled by an instance owner or admin. Refer to [Access for project roles](../../../external-secrets/#access-for-project-roles). This is available from n8n version `2.13.0`.\n\n[Variables](../../../code/variables/) and [tags](../../../workflows/tags/) aren't affected by RBAC: they're global across the n8n instance.\n",
         "excerpt": "# RBAC role types  Feature availability  - The Project Editor role is available on Pro Cloud and Self-hosted Enterprise plans. - The Project Viewer role is only available on Self-hosted Enterprise and Cloud Enterprise plans.  Within projects, there are three user roles: Admin, Editor, and Viewer. These roles control what the user can do in a project. A user can have different roles within different projects.  ## Project Admin  A Project Admin role has the highest level of permissions. Project ad...",
         "sections": [
           {
@@ -89170,33 +89178,37 @@
         "codeExamples": 0,
         "complexity": "beginner",
         "readingTime": "2 min",
-        "contentLength": 2085,
+        "contentLength": 2496,
         "relatedPages": []
       },
       "searchIndex": {
-        "fullText": "role types # rbac role types\n\nfeature availability\n\n- the project editor role is available on pro cloud and self-hosted enterprise plans.\n- the project viewer role is only available on self-hosted enterprise and cloud enterprise plans.\n\nwithin projects, there are three user roles: admin, editor, and viewer. these roles control what the user can do in a project. a user can have different roles within different projects.\n\n## project admin\n\na project admin role has the highest level of permissions. project admins can:\n\n- manage project settings: change name, delete project.\n- manage project members: invite members and remove members, change members' roles.\n- view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## project editor\n\na project editor can view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## project viewer\n\na project viewer is effectively a `read-only` role with access to all workflows, credentials, and executions within a project.\n\nviewers aren't able to manually execute any workflows that exist in a project.\n\nrole types and account types\n\nrole types and [account types](../../account-types/) are different things. every account has one type. the account can have different role types for different [projects](../projects/).\n\n| permission                      | admin | editor | viewer |\n| ------------------------------- | ----- | ------ | ------ |\n| view workflows in the project   |       |        |        |\n| view credentials in the project |       |        |        |\n| view executions                 |       |        |        |\n| edit credentials and workflows  |       |        |        |\n| add workflows and credentials   |       |        |        |\n| execute workflows               |       |        |        |\n| manage members                  |       |        |        |\n| modify the project              |       |        |        |\n\n[variables](../../../code/variables/) and [tags](../../../workflows/tags/) aren't affected by rbac: they're global across the n8n instance.\n rbac role types",
+        "fullText": "role types # rbac role types\n\nfeature availability\n\n- the project editor role is available on pro cloud and self-hosted enterprise plans.\n- the project viewer role is only available on self-hosted enterprise and cloud enterprise plans.\n\nwithin projects, there are three user roles: admin, editor, and viewer. these roles control what the user can do in a project. a user can have different roles within different projects.\n\n## project admin\n\na project admin role has the highest level of permissions. project admins can:\n\n- manage project settings: change name, delete project.\n- manage project members: invite members and remove members, change members' roles.\n- view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## project editor\n\na project editor can view, create, update, and delete any workflows, credentials, or executions within a project.\n\n## project viewer\n\na project viewer is effectively a `read-only` role with access to all workflows, credentials, and executions within a project.\n\nviewers aren't able to manually execute any workflows that exist in a project.\n\nrole types and account types\n\nrole types and [account types](../../account-types/) are different things. every account has one type. the account can have different role types for different [projects](../projects/).\n\n| permission                          | admin | editor | viewer |\n| ----------------------------------- | ----- | ------ | ------ |\n| view workflows in the project       |       |        |        |\n| view credentials in the project     |       |        |        |\n| view executions                     |       |        |        |\n| edit credentials and workflows      |       |        |        |\n| add workflows and credentials       |       |        |        |\n| execute workflows                   |       |        |        |\n| manage members                      |       |        |        |\n| modify the project                  |       |        |        |\n| use external secrets in credentials | \\*    | \\*     |        |\n| manage project secret vaults        | \\*    |        |        |\n\n\\* requires **enable external secrets for project roles** to be enabled by an instance owner or admin. refer to [access for project roles](../../../external-secrets/#access-for-project-roles). this is available from n8n version `2.13.0`.\n\n[variables](../../../code/variables/) and [tags](../../../workflows/tags/) aren't affected by rbac: they're global across the n8n instance.\n rbac role types",
         "importantTerms": [
           "project",
           "role",
           "types",
           "workflows",
+          "roles",
           "credentials",
           "editor",
           "viewer",
           "within",
+          "admin",
           "different",
           "members",
           "view",
           "account",
           "projects",
-          "roles",
-          "admin",
+          "manage",
           "executions",
           "rbac",
+          "available",
           "enterprise",
           "user",
-          "manage",
-          "delete"
+          "delete",
+          "access",
+          "external",
+          "secrets"
         ]
       }
     },
@@ -89335,6 +89347,95 @@
     },
     {
       "id": "page-1228",
+      "title": "Okta Workforce Identity SAML setup",
+      "url": "https://docs.n8n.io/user-management/saml/okta/index.md",
+      "urlPath": "user-management/saml/okta/index.md",
+      "category": "other",
+      "subcategory": null,
+      "nodeName": null,
+      "nodeType": null,
+      "content": {
+        "markdown": "# Okta Workforce Identity SAML setup\n\nSet up SAML SSO in n8n with Okta.\n\nWorkforce Identity and Customer Identity\n\nThis guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired.\n\n## Prerequisites\n\nYou need an Okta Workforce Identity account, and the redirect URL and entity ID from n8n's SAML settings.\n\nOkta Workforce may enforce two factor authentication for users, depending on your Okta configuration.\n\nRead the [Set up SAML](../setup/) guide first.\n\n## Setup\n\nIn addition to the following instructions, [this PDF](../n8n-saml-with-okta.pdf) provides visual step-by-step guide on how to setup SAML in n8n with Okta.\n\n1. In your Okta admin panel, select **Applications** > **Applications**.\n\n1. Select **Create App Integration**. Okta opens the app creation modal.\n\n1. Select **SAML 2.0**, then select **Next**.\n\n1. On the **General Settings** tab, enter `n8n` as the **App name**.\n\n1. Select **Next** .\n\n1. On the **Configure SAML** tab, complete the following **General** fields:\n\n   - **Single sign-on URL**: the **Redirect URL** from n8n.\n   - **Audience URI (SP Entity ID)**: the **Entity ID** from n8n.\n   - **Default RelayState**: leave this empty.\n   - **Name ID format**: `EmailAddress`.\n   - **Application username**: `Okta username`.\n   - **Update application username on**: `Create and update`.\n\n1. Create **Attribute Statements**:\n\n   | **Name**                                                             | **Name format** | **Value**      |\n   | -------------------------------------------------------------------- | --------------- | -------------- |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname`    | URI Reference   | user.firstName |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname`     | URI Reference   | user.lastName  |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn`          | URI Reference   | user.login     |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` | URI Reference   | user.email     |\n\n1. Select **Next**. Okta may prompt you to complete a marketing form, or may take you directly to your new n8n Okta app.\n\n1. Assign the n8n app to people:\n\n   1. On the n8n app dashboard in Okta, select **Assignments**.\n   1. Select **Assign** > **Assign to People**. Okta displays a modal with a list of available people.\n   1. Select **Assign** next to the person you want to add. Okta displays a prompt to confirm the username.\n   1. Leave the username as email address. Select **Save and Go Back**.\n   1. Select **Done**.\n\n1. Get the metadata XML: on the **Sign On** tab, copy the Metadata URL. Navigate to it, and copy the XML. Paste this into **Identity Provider Settings** in n8n.\n\n1. Select **Save settings**.\n\n1. Select **Test settings**. n8n opens a new tab. If you're not currently logged in, Okta prompts you to sign in. n8n then displays a success message confirming the attributes returned by Okta.\n\n### Instance and project access provisioning\n\nSee the [Set up SAML page](../setup/#instance-and-project-access-provisioning) for additional information of this feature.\n\n**Adding the required attributes**\n\n1. In your Okta admin panel, select **Applications** > **Applications**.\n\n1. Go to the configuration of your n8n application\n\n1. On the **General** tab, click **Edit** next to **SAML Settings**\n\n1. In the page that opens, continue to step 2: **Configure SAML**\n\n1. Add the following two **Attribute Statements**:\n\n   | **Name**          | **Name format** | **Value**                 |\n   | ----------------- | --------------- | ------------------------- |\n   | n8n_instance_role | Basic           | appuser.n8n_instance_role |\n   | n8n_projects      | Basic           | appuser.n8n_projects      |\n\n1. Click **Next**\n\n1. Click **Finish**\n\n**Updating the app profile**\n\n1. In your Okta admin panel, select **Directory** > **Profile Editor**.\n1. Go to the profile of your n8n application\n1. Click **Add Attribute**\n1. Add the **n8n_instance_role** attribute\n   - **Data type**: string\n   - **Display name**: n8n_instance_role\n   - **Variable name**: n8n_instance_role\n   - **Attribute type**: Group\n1. Add the **n8n_projects** attribute\n   - **Data type**: string array\n   - **Display name**: n8n_projects\n   - **Variable name**: n8n_projects\n   - **Attribute type**: Group\n   - **Group priority**: Combine values across groups\n\nNow when you go to **Directory** > **Groups** and edit the assigned n8n application, you can configure the **n8n_instance_role** and **n8n_projects** to be sent to n8n upon logging in via SAML.\n",
+        "excerpt": "# Okta Workforce Identity SAML setup  Set up SAML SSO in n8n with Okta.  Workforce Identity and Customer Identity  This guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired.  ## Prerequisites  You need an Okta Workforce Identity account, and the redirect URL and entity ID from n8n's SAML settings.  Okta Workforce may enforce two factor authentication for users, depending on your Okta configuration.  Read...",
+        "sections": [
+          {
+            "title": "Okta Workforce Identity SAML setup",
+            "level": 1,
+            "content": "Set up SAML SSO in n8n with Okta.\n\nWorkforce Identity and Customer Identity\n\nThis guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired."
+          }
+        ]
+      },
+      "metadata": {
+        "keywords": [
+          "okta",
+          "workforce",
+          "identity",
+          "saml",
+          "setup",
+          "prerequisites",
+          "instance",
+          "project",
+          "access",
+          "provisioning"
+        ],
+        "useCases": [],
+        "operations": [],
+        "codeExamples": 0,
+        "complexity": "beginner",
+        "readingTime": "4 min",
+        "contentLength": 4645,
+        "relatedPages": []
+      },
+      "searchIndex": {
+        "fullText": "okta workforce identity saml setup # okta workforce identity saml setup\n\nset up saml sso in n8n with okta.\n\nworkforce identity and customer identity\n\nthis guide covers setting up workforce identity. this is the original okta product. customer identity is okta's name for auth0, which they've acquired.\n\n## prerequisites\n\nyou need an okta workforce identity account, and the redirect url and entity id from n8n's saml settings.\n\nokta workforce may enforce two factor authentication for users, depending on your okta configuration.\n\nread the [set up saml](../setup/) guide first.\n\n## setup\n\nin addition to the following instructions, [this pdf](../n8n-saml-with-okta.pdf) provides visual step-by-step guide on how to setup saml in n8n with okta.\n\n1. in your okta admin panel, select **applications** > **applications**.\n\n1. select **create app integration**. okta opens the app creation modal.\n\n1. select **saml 2.0**, then select **next**.\n\n1. on the **general settings** tab, enter `n8n` as the **app name**.\n\n1. select **next** .\n\n1. on the **configure saml** tab, complete the following **general** fields:\n\n   - **single sign-on url**: the **redirect url** from n8n.\n   - **audience uri (sp entity id)**: the **entity id** from n8n.\n   - **default relaystate**: leave this empty.\n   - **name id format**: `emailaddress`.\n   - **application username**: `okta username`.\n   - **update application username on**: `create and update`.\n\n1. create **attribute statements**:\n\n   | **name**                                                             | **name format** | **value**      |\n   | -------------------------------------------------------------------- | --------------- | -------------- |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname`    | uri reference   | user.firstname |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname`     | uri reference   | user.lastname  |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn`          | uri reference   | user.login     |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` | uri reference   | user.email     |\n\n1. select **next**. okta may prompt you to complete a marketing form, or may take you directly to your new n8n okta app.\n\n1. assign the n8n app to people:\n\n   1. on the n8n app dashboard in okta, select **assignments**.\n   1. select **assign** > **assign to people**. okta displays a modal with a list of available people.\n   1. select **assign** next to the person you want to add. okta displays a prompt to confirm the username.\n   1. leave the username as email address. select **save and go back**.\n   1. select **done**.\n\n1. get the metadata xml: on the **sign on** tab, copy the metadata url. navigate to it, and copy the xml. paste this into **identity provider settings** in n8n.\n\n1. select **save settings**.\n\n1. select **test settings**. n8n opens a new tab. if you're not currently logged in, okta prompts you to sign in. n8n then displays a success message confirming the attributes returned by okta.\n\n### instance and project access provisioning\n\nsee the [set up saml page](../setup/#instance-and-project-access-provisioning) for additional information of this feature.\n\n**adding the required attributes**\n\n1. in your okta admin panel, select **applications** > **applications**.\n\n1. go to the configuration of your n8n application\n\n1. on the **general** tab, click **edit** next to **saml settings**\n\n1. in the page that opens, continue to step 2: **configure saml**\n\n1. add the following two **attribute statements**:\n\n   | **name**          | **name format** | **value**                 |\n   | ----------------- | --------------- | ------------------------- |\n   | n8n_instance_role | basic           | appuser.n8n_instance_role |\n   | n8n_projects      | basic           | appuser.n8n_projects      |\n\n1. click **next**\n\n1. click **finish**\n\n**updating the app profile**\n\n1. in your okta admin panel, select **directory** > **profile editor**.\n1. go to the profile of your n8n application\n1. click **add attribute**\n1. add the **n8n_instance_role** attribute\n   - **data type**: string\n   - **display name**: n8n_instance_role\n   - **variable name**: n8n_instance_role\n   - **attribute type**: group\n1. add the **n8n_projects** attribute\n   - **data type**: string array\n   - **display name**: n8n_projects\n   - **variable name**: n8n_projects\n   - **attribute type**: group\n   - **group priority**: combine values across groups\n\nnow when you go to **directory** > **groups** and edit the assigned n8n application, you can configure the **n8n_instance_role** and **n8n_projects** to be sent to n8n upon logging in via saml.\n okta workforce identity saml setup",
+        "importantTerms": [
+          "okta",
+          "select",
+          "saml",
+          "identity",
+          "name",
+          "workforce",
+          "setup",
+          "your",
+          "attribute",
+          "this",
+          "settings",
+          "next",
+          "application",
+          "username",
+          "with",
+          "applications",
+          "http",
+          "schemas",
+          "xmlsoap",
+          "claims",
+          "reference",
+          "user",
+          "assign",
+          "click",
+          "type",
+          "guide",
+          "entity",
+          "from",
+          "following",
+          "step",
+          "admin",
+          "panel",
+          "create",
+          "opens",
+          "general",
+          "configure",
+          "sign",
+          "format",
+          "people",
+          "displays",
+          "profile",
+          "group"
+        ]
+      }
+    },
+    {
+      "id": "page-1229",
       "title": "Manage users with SAML",
       "url": "https://docs.n8n.io/user-management/saml/managing/index.md",
       "urlPath": "user-management/saml/managing/index.md",
@@ -89383,95 +89484,6 @@
         ]
       }
     },
-    {
-      "id": "page-1229",
-      "title": "Okta Workforce Identity SAML setup",
-      "url": "https://docs.n8n.io/user-management/saml/okta/index.md",
-      "urlPath": "user-management/saml/okta/index.md",
-      "category": "other",
-      "subcategory": null,
-      "nodeName": null,
-      "nodeType": null,
-      "content": {
-        "markdown": "# Okta Workforce Identity SAML setup\n\nSet up SAML SSO in n8n with Okta.\n\nWorkforce Identity and Customer Identity\n\nThis guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired.\n\n## Prerequisites\n\nYou need an Okta Workforce Identity account, and the redirect URL and entity ID from n8n's SAML settings.\n\nOkta Workforce may enforce two factor authentication for users, depending on your Okta configuration.\n\nRead the [Set up SAML](../setup/) guide first.\n\n## Setup\n\nIn addition to the following instructions, [this PDF](../n8n-saml-with-okta.pdf) provides visual step-by-step guide on how to setup SAML in n8n with Okta.\n\n1. In your Okta admin panel, select **Applications** > **Applications**.\n\n1. Select **Create App Integration**. Okta opens the app creation modal.\n\n1. Select **SAML 2.0**, then select **Next**.\n\n1. On the **General Settings** tab, enter `n8n` as the **App name**.\n\n1. Select **Next** .\n\n1. On the **Configure SAML** tab, complete the following **General** fields:\n\n   - **Single sign-on URL**: the **Redirect URL** from n8n.\n   - **Audience URI (SP Entity ID)**: the **Entity ID** from n8n.\n   - **Default RelayState**: leave this empty.\n   - **Name ID format**: `EmailAddress`.\n   - **Application username**: `Okta username`.\n   - **Update application username on**: `Create and update`.\n\n1. Create **Attribute Statements**:\n\n   | **Name**                                                             | **Name format** | **Value**      |\n   | -------------------------------------------------------------------- | --------------- | -------------- |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname`    | URI Reference   | user.firstName |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname`     | URI Reference   | user.lastName  |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn`          | URI Reference   | user.login     |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` | URI Reference   | user.email     |\n\n1. Select **Next**. Okta may prompt you to complete a marketing form, or may take you directly to your new n8n Okta app.\n\n1. Assign the n8n app to people:\n\n   1. On the n8n app dashboard in Okta, select **Assignments**.\n   1. Select **Assign** > **Assign to People**. Okta displays a modal with a list of available people.\n   1. Select **Assign** next to the person you want to add. Okta displays a prompt to confirm the username.\n   1. Leave the username as email address. Select **Save and Go Back**.\n   1. Select **Done**.\n\n1. Get the metadata XML: on the **Sign On** tab, copy the Metadata URL. Navigate to it, and copy the XML. Paste this into **Identity Provider Settings** in n8n.\n\n1. Select **Save settings**.\n\n1. Select **Test settings**. n8n opens a new tab. If you're not currently logged in, Okta prompts you to sign in. n8n then displays a success message confirming the attributes returned by Okta.\n\n### Instance and project access provisioning\n\nSee the [Set up SAML page](../setup/#instance-and-project-access-provisioning) for additional information of this feature.\n\n**Adding the required attributes**\n\n1. In your Okta admin panel, select **Applications** > **Applications**.\n\n1. Go to the configuration of your n8n application\n\n1. On the **General** tab, click **Edit** next to **SAML Settings**\n\n1. In the page that opens, continue to step 2: **Configure SAML**\n\n1. Add the following two **Attribute Statements**:\n\n   | **Name**          | **Name format** | **Value**                 |\n   | ----------------- | --------------- | ------------------------- |\n   | n8n_instance_role | Basic           | appuser.n8n_instance_role |\n   | n8n_projects      | Basic           | appuser.n8n_projects      |\n\n1. Click **Next**\n\n1. Click **Finish**\n\n**Updating the app profile**\n\n1. In your Okta admin panel, select **Directory** > **Profile Editor**.\n1. Go to the profile of your n8n application\n1. Click **Add Attribute**\n1. Add the **n8n_instance_role** attribute\n   - **Data type**: string\n   - **Display name**: n8n_instance_role\n   - **Variable name**: n8n_instance_role\n   - **Attribute type**: Group\n1. Add the **n8n_projects** attribute\n   - **Data type**: string array\n   - **Display name**: n8n_projects\n   - **Variable name**: n8n_projects\n   - **Attribute type**: Group\n   - **Group priority**: Combine values across groups\n\nNow when you go to **Directory** > **Groups** and edit the assigned n8n application, you can configure the **n8n_instance_role** and **n8n_projects** to be sent to n8n upon logging in via SAML.\n",
-        "excerpt": "# Okta Workforce Identity SAML setup  Set up SAML SSO in n8n with Okta.  Workforce Identity and Customer Identity  This guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired.  ## Prerequisites  You need an Okta Workforce Identity account, and the redirect URL and entity ID from n8n's SAML settings.  Okta Workforce may enforce two factor authentication for users, depending on your Okta configuration.  Read...",
-        "sections": [
-          {
-            "title": "Okta Workforce Identity SAML setup",
-            "level": 1,
-            "content": "Set up SAML SSO in n8n with Okta.\n\nWorkforce Identity and Customer Identity\n\nThis guide covers setting up Workforce Identity. This is the original Okta product. Customer Identity is Okta's name for Auth0, which they've acquired."
-          }
-        ]
-      },
-      "metadata": {
-        "keywords": [
-          "okta",
-          "workforce",
-          "identity",
-          "saml",
-          "setup",
-          "prerequisites",
-          "instance",
-          "project",
-          "access",
-          "provisioning"
-        ],
-        "useCases": [],
-        "operations": [],
-        "codeExamples": 0,
-        "complexity": "beginner",
-        "readingTime": "4 min",
-        "contentLength": 4645,
-        "relatedPages": []
-      },
-      "searchIndex": {
-        "fullText": "okta workforce identity saml setup # okta workforce identity saml setup\n\nset up saml sso in n8n with okta.\n\nworkforce identity and customer identity\n\nthis guide covers setting up workforce identity. this is the original okta product. customer identity is okta's name for auth0, which they've acquired.\n\n## prerequisites\n\nyou need an okta workforce identity account, and the redirect url and entity id from n8n's saml settings.\n\nokta workforce may enforce two factor authentication for users, depending on your okta configuration.\n\nread the [set up saml](../setup/) guide first.\n\n## setup\n\nin addition to the following instructions, [this pdf](../n8n-saml-with-okta.pdf) provides visual step-by-step guide on how to setup saml in n8n with okta.\n\n1. in your okta admin panel, select **applications** > **applications**.\n\n1. select **create app integration**. okta opens the app creation modal.\n\n1. select **saml 2.0**, then select **next**.\n\n1. on the **general settings** tab, enter `n8n` as the **app name**.\n\n1. select **next** .\n\n1. on the **configure saml** tab, complete the following **general** fields:\n\n   - **single sign-on url**: the **redirect url** from n8n.\n   - **audience uri (sp entity id)**: the **entity id** from n8n.\n   - **default relaystate**: leave this empty.\n   - **name id format**: `emailaddress`.\n   - **application username**: `okta username`.\n   - **update application username on**: `create and update`.\n\n1. create **attribute statements**:\n\n   | **name**                                                             | **name format** | **value**      |\n   | -------------------------------------------------------------------- | --------------- | -------------- |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname`    | uri reference   | user.firstname |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname`     | uri reference   | user.lastname  |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn`          | uri reference   | user.login     |\n   | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` | uri reference   | user.email     |\n\n1. select **next**. okta may prompt you to complete a marketing form, or may take you directly to your new n8n okta app.\n\n1. assign the n8n app to people:\n\n   1. on the n8n app dashboard in okta, select **assignments**.\n   1. select **assign** > **assign to people**. okta displays a modal with a list of available people.\n   1. select **assign** next to the person you want to add. okta displays a prompt to confirm the username.\n   1. leave the username as email address. select **save and go back**.\n   1. select **done**.\n\n1. get the metadata xml: on the **sign on** tab, copy the metadata url. navigate to it, and copy the xml. paste this into **identity provider settings** in n8n.\n\n1. select **save settings**.\n\n1. select **test settings**. n8n opens a new tab. if you're not currently logged in, okta prompts you to sign in. n8n then displays a success message confirming the attributes returned by okta.\n\n### instance and project access provisioning\n\nsee the [set up saml page](../setup/#instance-and-project-access-provisioning) for additional information of this feature.\n\n**adding the required attributes**\n\n1. in your okta admin panel, select **applications** > **applications**.\n\n1. go to the configuration of your n8n application\n\n1. on the **general** tab, click **edit** next to **saml settings**\n\n1. in the page that opens, continue to step 2: **configure saml**\n\n1. add the following two **attribute statements**:\n\n   | **name**          | **name format** | **value**                 |\n   | ----------------- | --------------- | ------------------------- |\n   | n8n_instance_role | basic           | appuser.n8n_instance_role |\n   | n8n_projects      | basic           | appuser.n8n_projects      |\n\n1. click **next**\n\n1. click **finish**\n\n**updating the app profile**\n\n1. in your okta admin panel, select **directory** > **profile editor**.\n1. go to the profile of your n8n application\n1. click **add attribute**\n1. add the **n8n_instance_role** attribute\n   - **data type**: string\n   - **display name**: n8n_instance_role\n   - **variable name**: n8n_instance_role\n   - **attribute type**: group\n1. add the **n8n_projects** attribute\n   - **data type**: string array\n   - **display name**: n8n_projects\n   - **variable name**: n8n_projects\n   - **attribute type**: group\n   - **group priority**: combine values across groups\n\nnow when you go to **directory** > **groups** and edit the assigned n8n application, you can configure the **n8n_instance_role** and **n8n_projects** to be sent to n8n upon logging in via saml.\n okta workforce identity saml setup",
-        "importantTerms": [
-          "okta",
-          "select",
-          "saml",
-          "identity",
-          "name",
-          "workforce",
-          "setup",
-          "your",
-          "attribute",
-          "this",
-          "settings",
-          "next",
-          "application",
-          "username",
-          "with",
-          "applications",
-          "http",
-          "schemas",
-          "xmlsoap",
-          "claims",
-          "reference",
-          "user",
-          "assign",
-          "click",
-          "type",
-          "guide",
-          "entity",
-          "from",
-          "following",
-          "step",
-          "admin",
-          "panel",
-          "create",
-          "opens",
-          "general",
-          "configure",
-          "sign",
-          "format",
-          "people",
-          "displays",
-          "profile",
-          "group"
-        ]
-      }
-    },
     {
       "id": "page-1230",
       "title": "Set up SAML",
@@ -89721,66 +89733,6 @@
     },
     {
       "id": "page-1234",
-      "title": "Export and import",
-      "url": "https://docs.n8n.io/workflows/export-import/index.md",
-      "urlPath": "workflows/export-import/index.md",
-      "category": "workflows",
-      "subcategory": null,
-      "nodeName": null,
-      "nodeType": null,
-      "content": {
-        "markdown": "# Export and import workflows\n\nn8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.\n\nSharing credentials\n\nExported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Remove or anonymize this information from the JSON file before sharing to protect your credentials.\n\n## Copy-Paste\n\nYou can copy and paste a workflow or parts of it by selecting the nodes you want to copy to the clipboard (`Ctrl + c` or `cmd +c`) and pasting it (`Ctrl + v` or `cmd + v`) into the Editor UI.\n\nTo select all nodes or a group of nodes, click and drag:\n\n## From the Editor UI menu\n\nFrom the top navigation bar, select the three dots in the upper right to see the following options:\n\n*Import & Export workflows menu*\n\n- **Download**: Downloads your current workflow as a JSON file to your computer.\n- **Import from URL**: Imports workflow JSON from a URL, for example, [this workflow JSON file on GitHub](https://raw.githubusercontent.com/n8n-io/self-hosted-ai-starter-kit/refs/heads/main/n8n/demo-data/workflows/srOnR8PAY3u4RSwb.json).\n- **Import from File**: Imports a workflow as a JSON file from your computer.\n\n## From the command line\n\n- Export: See the [full list of commands](../../hosting/cli-commands/#export-workflows-and-credentials) for exporting workflows or credentials.\n- Import: See the [full list of commands](../../hosting/cli-commands/#import-workflows-and-credentials) for importing workflows or credentials.\n",
-        "excerpt": "# Export and import workflows  n8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.  Sharing credentials  Exported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Re...",
-        "sections": [
-          {
-            "title": "Export and import workflows",
-            "level": 1,
-            "content": "n8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.\n\nSharing credentials\n\nExported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Remove or anonymize this information from the JSON file before sharing to protect your credentials."
-          }
-        ]
-      },
-      "metadata": {
-        "keywords": [
-          "export",
-          "import",
-          "workflows",
-          "copy",
-          "paste",
-          "from",
-          "editor",
-          "menu",
-          "command",
-          "line"
-        ],
-        "useCases": [],
-        "operations": [],
-        "codeExamples": 0,
-        "complexity": "beginner",
-        "readingTime": "2 min",
-        "contentLength": 1740,
-        "relatedPages": []
-      },
-      "searchIndex": {
-        "fullText": "export and import # export and import workflows\n\nn8n saves workflows in json format. you can export your workflows as json files or import json files into your n8n library. you can export and import workflows in several ways.\n\nsharing credentials\n\nexported workflow json files include [credential](../../glossary/#credential-n8n) names and ids. while ids aren't sensitive, the names could be, depending on how you name your credentials. http request nodes may contain authentication headers when imported from curl. remove or anonymize this information from the json file before sharing to protect your credentials.\n\n## copy-paste\n\nyou can copy and paste a workflow or parts of it by selecting the nodes you want to copy to the clipboard (`ctrl + c` or `cmd +c`) and pasting it (`ctrl + v` or `cmd + v`) into the editor ui.\n\nto select all nodes or a group of nodes, click and drag:\n\n## from the editor ui menu\n\nfrom the top navigation bar, select the three dots in the upper right to see the following options:\n\n*import & export workflows menu*\n\n- **download**: downloads your current workflow as a json file to your computer.\n- **import from url**: imports workflow json from a url, for example, [this workflow json file on github](https://raw.githubusercontent.com/n8n-io/self-hosted-ai-starter-kit/refs/heads/main/n8n/demo-data/workflows/sronr8pay3u4rswb.json).\n- **import from file**: imports a workflow as a json file from your computer.\n\n## from the command line\n\n- export: see the [full list of commands](../../hosting/cli-commands/#export-workflows-and-credentials) for exporting workflows or credentials.\n- import: see the [full list of commands](../../hosting/cli-commands/#import-workflows-and-credentials) for importing workflows or credentials.\n export and import workflows",
-        "importantTerms": [
-          "workflows",
-          "import",
-          "json",
-          "from",
-          "export",
-          "your",
-          "credentials",
-          "workflow",
-          "file",
-          "nodes",
-          "commands",
-          "files",
-          "copy"
-        ]
-      }
-    },
-    {
-      "id": "page-1235",
       "title": "Workflow history",
       "url": "https://docs.n8n.io/workflows/history/index.md",
       "urlPath": "workflows/history/index.md",
@@ -89841,6 +89793,66 @@
         ]
       }
     },
+    {
+      "id": "page-1235",
+      "title": "Export and import",
+      "url": "https://docs.n8n.io/workflows/export-import/index.md",
+      "urlPath": "workflows/export-import/index.md",
+      "category": "workflows",
+      "subcategory": null,
+      "nodeName": null,
+      "nodeType": null,
+      "content": {
+        "markdown": "# Export and import workflows\n\nn8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.\n\nSharing credentials\n\nExported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Remove or anonymize this information from the JSON file before sharing to protect your credentials.\n\n## Copy-Paste\n\nYou can copy and paste a workflow or parts of it by selecting the nodes you want to copy to the clipboard (`Ctrl + c` or `cmd +c`) and pasting it (`Ctrl + v` or `cmd + v`) into the Editor UI.\n\nTo select all nodes or a group of nodes, click and drag:\n\n## From the Editor UI menu\n\nFrom the top navigation bar, select the three dots in the upper right to see the following options:\n\n*Import & Export workflows menu*\n\n- **Download**: Downloads your current workflow as a JSON file to your computer.\n- **Import from URL**: Imports workflow JSON from a URL, for example, [this workflow JSON file on GitHub](https://raw.githubusercontent.com/n8n-io/self-hosted-ai-starter-kit/refs/heads/main/n8n/demo-data/workflows/srOnR8PAY3u4RSwb.json).\n- **Import from File**: Imports a workflow as a JSON file from your computer.\n\n## From the command line\n\n- Export: See the [full list of commands](../../hosting/cli-commands/#export-workflows-and-credentials) for exporting workflows or credentials.\n- Import: See the [full list of commands](../../hosting/cli-commands/#import-workflows-and-credentials) for importing workflows or credentials.\n",
+        "excerpt": "# Export and import workflows  n8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.  Sharing credentials  Exported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Re...",
+        "sections": [
+          {
+            "title": "Export and import workflows",
+            "level": 1,
+            "content": "n8n saves workflows in JSON format. You can export your workflows as JSON files or import JSON files into your n8n library. You can export and import workflows in several ways.\n\nSharing credentials\n\nExported workflow JSON files include [credential](../../glossary/#credential-n8n) names and IDs. While IDs aren't sensitive, the names could be, depending on how you name your credentials. HTTP Request nodes may contain authentication headers when imported from cURL. Remove or anonymize this information from the JSON file before sharing to protect your credentials."
+          }
+        ]
+      },
+      "metadata": {
+        "keywords": [
+          "export",
+          "import",
+          "workflows",
+          "copy",
+          "paste",
+          "from",
+          "editor",
+          "menu",
+          "command",
+          "line"
+        ],
+        "useCases": [],
+        "operations": [],
+        "codeExamples": 0,
+        "complexity": "beginner",
+        "readingTime": "2 min",
+        "contentLength": 1740,
+        "relatedPages": []
+      },
+      "searchIndex": {
+        "fullText": "export and import # export and import workflows\n\nn8n saves workflows in json format. you can export your workflows as json files or import json files into your n8n library. you can export and import workflows in several ways.\n\nsharing credentials\n\nexported workflow json files include [credential](../../glossary/#credential-n8n) names and ids. while ids aren't sensitive, the names could be, depending on how you name your credentials. http request nodes may contain authentication headers when imported from curl. remove or anonymize this information from the json file before sharing to protect your credentials.\n\n## copy-paste\n\nyou can copy and paste a workflow or parts of it by selecting the nodes you want to copy to the clipboard (`ctrl + c` or `cmd +c`) and pasting it (`ctrl + v` or `cmd + v`) into the editor ui.\n\nto select all nodes or a group of nodes, click and drag:\n\n## from the editor ui menu\n\nfrom the top navigation bar, select the three dots in the upper right to see the following options:\n\n*import & export workflows menu*\n\n- **download**: downloads your current workflow as a json file to your computer.\n- **import from url**: imports workflow json from a url, for example, [this workflow json file on github](https://raw.githubusercontent.com/n8n-io/self-hosted-ai-starter-kit/refs/heads/main/n8n/demo-data/workflows/sronr8pay3u4rswb.json).\n- **import from file**: imports a workflow as a json file from your computer.\n\n## from the command line\n\n- export: see the [full list of commands](../../hosting/cli-commands/#export-workflows-and-credentials) for exporting workflows or credentials.\n- import: see the [full list of commands](../../hosting/cli-commands/#import-workflows-and-credentials) for importing workflows or credentials.\n export and import workflows",
+        "importantTerms": [
+          "workflows",
+          "import",
+          "json",
+          "from",
+          "export",
+          "your",
+          "credentials",
+          "workflow",
+          "file",
+          "nodes",
+          "commands",
+          "files",
+          "copy"
+        ]
+      }
+    },
     {
       "id": "page-1236",
       "title": "Save and publish",
@@ -92146,7 +92158,7 @@
         "page-1211",
         "page-1223",
         "page-1233",
-        "page-1235",
+        "page-1234",
         "page-1236",
         "page-1237",
         "page-1238",
@@ -92195,7 +92207,6 @@
       ],
       "owner": [
         "page-0002",
-        "page-0005",
         "page-1208"
       ],
       "account": [
@@ -92235,6 +92246,7 @@
       ],
       "custom": [
         "page-0002",
+        "page-0005",
         "page-0013",
         "page-0052",
         "page-0060",
@@ -92517,7 +92529,7 @@
         "page-0002",
         "page-0195",
         "page-0196",
-        "page-0913"
+        "page-0912"
       ],
       "remove": [
         "page-0002",
@@ -92743,8 +92755,8 @@
         "page-1197",
         "page-1199",
         "page-1211",
-        "page-1228",
-        "page-1234",
+        "page-1229",
+        "page-1235",
         "page-1249"
       ],
       "waiting": [
@@ -92816,7 +92828,7 @@
         "page-1224",
         "page-1232",
         "page-1233",
-        "page-1234",
+        "page-1235",
         "page-1236",
         "page-1238",
         "page-1249",
@@ -92907,6 +92919,7 @@
       ],
       "access": [
         "page-0003",
+        "page-0005",
         "page-0018",
         "page-0060",
         "page-0061",
@@ -92922,7 +92935,7 @@
         "page-0721",
         "page-0727",
         "page-0730",
-        "page-0739",
+        "page-0740",
         "page-0747",
         "page-0757",
         "page-0760",
@@ -92969,7 +92982,7 @@
         "page-1216",
         "page-1220",
         "page-1222",
-        "page-1229",
+        "page-1228",
         "page-1230",
         "page-1237",
         "page-1242",
@@ -93709,7 +93722,7 @@
         "page-0702",
         "page-0703",
         "page-1149",
-        "page-1234"
+        "page-1235"
       ],
       "update:workflow": [
         "page-0003"
@@ -94011,7 +94024,7 @@
         "page-0004",
         "page-0226",
         "page-1197",
-        "page-1235",
+        "page-1234",
         "page-1236"
       ],
       "paid": [
@@ -94023,6 +94036,7 @@
         "page-0013",
         "page-0181",
         "page-1197",
+        "page-1223",
         "page-1224"
       ],
       "connect": [
@@ -94106,7 +94120,8 @@
       ],
       "vault": [
         "page-0005",
-        "page-1197"
+        "page-1197",
+        "page-1223"
       ],
       "hashicorp": [
         "page-0005"
@@ -94571,7 +94586,7 @@
         "page-0736",
         "page-0737",
         "page-0738",
-        "page-0740",
+        "page-0739",
         "page-0741",
         "page-0742",
         "page-0743",
@@ -94912,7 +94927,7 @@
         "page-1199",
         "page-1206",
         "page-1211",
-        "page-1228",
+        "page-1229",
         "page-1238"
       ],
       "environments": [
@@ -94932,6 +94947,36 @@
         "page-1224",
         "page-1230"
       ],
+      "project": [
+        "page-0005",
+        "page-0006",
+        "page-0013",
+        "page-0153",
+        "page-0203",
+        "page-0204",
+        "page-0205",
+        "page-0345",
+        "page-1019",
+        "page-1020",
+        "page-1021",
+        "page-1148",
+        "page-1151",
+        "page-1197",
+        "page-1203",
+        "page-1220",
+        "page-1223",
+        "page-1224",
+        "page-1225",
+        "page-1228",
+        "page-1230"
+      ],
+      "roles": [
+        "page-0005",
+        "page-0013",
+        "page-1197",
+        "page-1223",
+        "page-1238"
+      ],
       "troubleshooting": [
         "page-0005",
         "page-0018",
@@ -94952,79 +94997,31 @@
         "page-1231",
         "page-1253"
       ],
-      "only": [
+      "don't": [
         "page-0005",
-        "page-0166",
-        "page-0195",
-        "page-0219",
-        "page-0228",
-        "page-0512",
-        "page-0519",
-        "page-0626",
-        "page-0630",
-        "page-0666",
-        "page-0678",
-        "page-0696",
-        "page-0703",
+        "page-0015",
+        "page-0211",
+        "page-1153",
+        "page-1180"
+      ],
+      "resolve": [
+        "page-0005",
+        "page-1001",
+        "page-1002"
+      ],
+      "production": [
+        "page-0005",
+        "page-0655",
+        "page-0656",
         "page-0710",
+        "page-0711",
         "page-1054",
         "page-1097",
         "page-1110",
         "page-1136",
-        "page-1163"
-      ],
-      "owned": [
-        "page-0005"
-      ],
-      "instance": [
-        "page-0005",
-        "page-0012",
-        "page-0018",
-        "page-0042",
-        "page-0046",
-        "page-0047",
-        "page-0149",
-        "page-0167",
-        "page-0168",
-        "page-0190",
-        "page-0215",
-        "page-0222",
-        "page-0547",
-        "page-0596",
-        "page-0597",
-        "page-0598",
-        "page-0599",
-        "page-0600",
-        "page-0601",
-        "page-0618",
-        "page-0626",
-        "page-0630",
-        "page-0632",
-        "page-0750",
-        "page-0894",
-        "page-1171",
-        "page-1182",
-        "page-1190",
-        "page-1197",
         "page-1199",
-        "page-1200",
-        "page-1218",
-        "page-1220",
-        "page-1229",
-        "page-1230"
-      ],
-      "admin": [
-        "page-0005",
-        "page-0306",
-        "page-0330",
-        "page-0732",
-        "page-0734",
-        "page-0807",
-        "page-0866",
-        "page-0869",
-        "page-1183",
-        "page-1197",
-        "page-1225"
+        "page-1237",
+        "page-1253"
       ],
       "glossary": [
         "page-0006"
@@ -95181,7 +95178,7 @@
         "page-1180",
         "page-1196",
         "page-1225",
-        "page-1234"
+        "page-1235"
       ],
       "entitlement": [
         "page-0006"
@@ -95255,28 +95252,6 @@
       "(llm)": [
         "page-0006"
       ],
-      "project": [
-        "page-0006",
-        "page-0013",
-        "page-0153",
-        "page-0203",
-        "page-0204",
-        "page-0205",
-        "page-0345",
-        "page-1019",
-        "page-1020",
-        "page-1021",
-        "page-1148",
-        "page-1151",
-        "page-1197",
-        "page-1203",
-        "page-1220",
-        "page-1223",
-        "page-1224",
-        "page-1225",
-        "page-1229",
-        "page-1230"
-      ],
       "root": [
         "page-0006",
         "page-0041",
@@ -96018,6 +95993,42 @@
         "page-0068",
         "page-1123"
       ],
+      "instance": [
+        "page-0012",
+        "page-0018",
+        "page-0042",
+        "page-0046",
+        "page-0047",
+        "page-0149",
+        "page-0167",
+        "page-0168",
+        "page-0190",
+        "page-0215",
+        "page-0222",
+        "page-0547",
+        "page-0596",
+        "page-0597",
+        "page-0598",
+        "page-0599",
+        "page-0600",
+        "page-0601",
+        "page-0618",
+        "page-0626",
+        "page-0630",
+        "page-0632",
+        "page-0750",
+        "page-0894",
+        "page-1171",
+        "page-1182",
+        "page-1190",
+        "page-1197",
+        "page-1199",
+        "page-1200",
+        "page-1218",
+        "page-1220",
+        "page-1228",
+        "page-1230"
+      ],
       "empty": [
         "page-0012",
         "page-0514",
@@ -96520,12 +96531,6 @@
       "syslog": [
         "page-0013"
       ],
-      "roles": [
-        "page-0013",
-        "page-1197",
-        "page-1223",
-        "page-1238"
-      ],
       "streaming:": [
         "page-0013"
       ],
@@ -96874,12 +96879,6 @@
       "permitted": [
         "page-0015"
       ],
-      "don't": [
-        "page-0015",
-        "page-0211",
-        "page-1153",
-        "page-1180"
-      ],
       "open": [
         "page-0015",
         "page-0021",
@@ -97014,7 +97013,7 @@
         "page-0713",
         "page-1156",
         "page-1197",
-        "page-1235",
+        "page-1234",
         "page-1249"
       ],
       "arrangement": [
@@ -98719,7 +98718,7 @@
         "page-0721",
         "page-0727",
         "page-0734",
-        "page-0740",
+        "page-0739",
         "page-0742",
         "page-0747",
         "page-0753",
@@ -98760,7 +98759,7 @@
         "page-0904",
         "page-0909",
         "page-0911",
-        "page-0917",
+        "page-0916",
         "page-0925",
         "page-0930",
         "page-0935",
@@ -98858,8 +98857,8 @@
         "page-0903",
         "page-0904",
         "page-0911",
+        "page-0914",
         "page-0915",
-        "page-0916",
         "page-0929",
         "page-0932",
         "page-0933",
@@ -98946,13 +98945,13 @@
         "page-0099",
         "page-0547",
         "page-0567",
-        "page-0582",
+        "page-0581",
         "page-0583",
         "page-0586",
         "page-0652",
         "page-0688",
         "page-0694",
-        "page-0913"
+        "page-0912"
       ],
       "examples": [
         "page-0018",
@@ -99563,7 +99562,8 @@
         "page-1214",
         "page-1215",
         "page-1216",
-        "page-1217"
+        "page-1217",
+        "page-1223"
       ],
       "role": [
         "page-0020",
@@ -99959,7 +99959,7 @@
         "page-1196",
         "page-1197",
         "page-1206",
-        "page-1235",
+        "page-1234",
         "page-1238",
         "page-1254"
       ],
@@ -100481,7 +100481,7 @@
         "page-0879",
         "page-0884",
         "page-0901",
-        "page-0913",
+        "page-0912",
         "page-0923",
         "page-0931",
         "page-0972"
@@ -102677,7 +102677,7 @@
         "page-1151",
         "page-1200",
         "page-1227",
-        "page-1229"
+        "page-1228"
       ],
       "generating": [
         "page-0093"
@@ -102821,7 +102821,7 @@
         "page-0098",
         "page-0639",
         "page-1201",
-        "page-1235"
+        "page-1234"
       ],
       "you're": [
         "page-0098"
@@ -104083,7 +104083,7 @@
       "export": [
         "page-0151",
         "page-1196",
-        "page-1234"
+        "page-1235"
       ],
       "entities": [
         "page-0151"
@@ -104092,7 +104092,7 @@
         "page-0151",
         "page-0703",
         "page-1196",
-        "page-1234"
+        "page-1235"
       ],
       "clear": [
         "page-0151",
@@ -104150,7 +104150,7 @@
         "page-0887",
         "page-0888",
         "page-0889",
-        "page-0912",
+        "page-0917",
         "page-0922",
         "page-0946",
         "page-0955",
@@ -104167,14 +104167,14 @@
       ],
       "identity": [
         "page-0153",
-        "page-1229"
+        "page-1228"
       ],
       "history": [
         "page-0153",
         "page-0193",
         "page-0705",
         "page-1197",
-        "page-1235",
+        "page-1234",
         "page-1236"
       ],
       "entity": [
@@ -104237,7 +104237,7 @@
         "page-0697",
         "page-0846",
         "page-1149",
-        "page-1234"
+        "page-1235"
       ],
       "compose": [
         "page-0155",
@@ -104339,7 +104339,7 @@
         "page-0205",
         "page-0216",
         "page-0694",
-        "page-0739",
+        "page-0740",
         "page-1230"
       ],
       "container": [
@@ -104391,7 +104391,7 @@
         "page-1215",
         "page-1220",
         "page-1227",
-        "page-1229",
+        "page-1228",
         "page-1230"
       ],
       "smtp": [
@@ -104421,7 +104421,7 @@
         "page-1217",
         "page-1223",
         "page-1224",
-        "page-1228"
+        "page-1229"
       ],
       "base": [
         "page-0160",
@@ -104495,6 +104495,26 @@
       "builtin": [
         "page-0166"
       ],
+      "only": [
+        "page-0166",
+        "page-0195",
+        "page-0219",
+        "page-0228",
+        "page-0512",
+        "page-0519",
+        "page-0626",
+        "page-0630",
+        "page-0666",
+        "page-0678",
+        "page-0696",
+        "page-0703",
+        "page-0710",
+        "page-1054",
+        "page-1097",
+        "page-1110",
+        "page-1136",
+        "page-1163"
+      ],
       "crypto": [
         "page-0166",
         "page-0642"
@@ -104562,7 +104582,7 @@
         "page-0170",
         "page-0223",
         "page-0555",
-        "page-0582",
+        "page-0581",
         "page-0583",
         "page-0586",
         "page-0694",
@@ -104879,7 +104899,7 @@
         "page-0517",
         "page-0519",
         "page-0598",
-        "page-0913",
+        "page-0912",
         "page-1089",
         "page-1197"
       ],
@@ -105098,7 +105118,8 @@
         "page-0905",
         "page-0949",
         "page-0962",
-        "page-0975"
+        "page-0975",
+        "page-1223"
       ],
       "deploy": [
         "page-0203",
@@ -105445,7 +105466,7 @@
         "page-0882",
         "page-0884",
         "page-0901",
-        "page-0913",
+        "page-0912",
         "page-0923",
         "page-0926",
         "page-0931",
@@ -106184,7 +106205,7 @@
       ],
       "bitly": [
         "page-0263",
-        "page-0740"
+        "page-0739"
       ],
       "bitwarden": [
         "page-0264",
@@ -106381,6 +106402,18 @@
         "page-0306",
         "page-0807"
       ],
+      "admin": [
+        "page-0306",
+        "page-0330",
+        "page-0732",
+        "page-0734",
+        "page-0807",
+        "page-0866",
+        "page-0869",
+        "page-1183",
+        "page-1197",
+        "page-1225"
+      ],
       "github": [
         "page-0307",
         "page-0570",
@@ -106551,7 +106584,7 @@
       "keap": [
         "page-0347",
         "page-0840",
-        "page-1071"
+        "page-1072"
       ],
       "kitemaker": [
         "page-0348",
@@ -106560,7 +106593,7 @@
       "kobotoolbox": [
         "page-0349",
         "page-0843",
-        "page-1072"
+        "page-1071"
       ],
       "submission": [
         "page-0349"
@@ -106830,7 +106863,7 @@
         "page-0893",
         "page-1197",
         "page-1220",
-        "page-1229"
+        "page-1228"
       ],
       "onfleet": [
         "page-0400",
@@ -106880,7 +106913,7 @@
       ],
       "plivo": [
         "page-0411",
-        "page-0912"
+        "page-0917"
       ],
       "postbin": [
         "page-0412",
@@ -106891,7 +106924,7 @@
         "page-1142",
         "page-1184",
         "page-1217",
-        "page-1228",
+        "page-1229",
         "page-1241"
       ],
       "bins": [
@@ -106899,15 +106932,15 @@
       ],
       "posthog": [
         "page-0413",
-        "page-0914"
+        "page-0913"
       ],
       "profitwell": [
         "page-0414",
-        "page-0916"
+        "page-0915"
       ],
       "pushbullet": [
         "page-0415",
-        "page-0917"
+        "page-0916"
       ],
       "pushcut": [
         "page-0416",
@@ -107228,7 +107261,7 @@
       ],
       "anthropic": [
         "page-0485",
-        "page-0581",
+        "page-0582",
         "page-0725"
       ],
       "gemini": [
@@ -107750,7 +107783,7 @@
         "page-0871",
         "page-0887",
         "page-0888",
-        "page-0912",
+        "page-0917",
         "page-0922",
         "page-0946",
         "page-0967",
@@ -108185,7 +108218,7 @@
       ],
       "bedrock": [
         "page-0571",
-        "page-0582"
+        "page-0581"
       ],
       "cohere": [
         "page-0573",
@@ -108582,19 +108615,6 @@
       "exclusive": [
         "page-0655"
       ],
-      "production": [
-        "page-0655",
-        "page-0656",
-        "page-0710",
-        "page-0711",
-        "page-1054",
-        "page-1097",
-        "page-1110",
-        "page-1136",
-        "page-1199",
-        "page-1237",
-        "page-1253"
-      ],
       "respond": [
         "page-0656",
         "page-0674",
@@ -109089,7 +109109,7 @@
         "page-1118"
       ],
       "bitbucket": [
-        "page-0739",
+        "page-0740",
         "page-1039"
       ],
       "calendly": [
@@ -109304,7 +109324,7 @@
         "page-0903"
       ],
       "postmark": [
-        "page-0915",
+        "page-0914",
         "page-1090"
       ],
       "qradar": [
@@ -109410,10 +109430,6 @@
       "type:": [
         "page-0995"
       ],
-      "resolve": [
-        "page-1001",
-        "page-1002"
-      ],
       "\"consumer": [
         "page-1002"
       ],
@@ -109763,7 +109779,7 @@
       ],
       "deleting": [
         "page-1162",
-        "page-1228"
+        "page-1229"
       ],
       "simplifying": [
         "page-1162"
@@ -109971,7 +109987,7 @@
       ],
       "menu": [
         "page-1180",
-        "page-1234"
+        "page-1235"
       ],
       "refreshing": [
         "page-1180"
@@ -110126,7 +110142,7 @@
       "provisioning": [
         "page-1197",
         "page-1220",
-        "page-1229",
+        "page-1228",
         "page-1230"
       ],
       "critical": [
@@ -110455,19 +110471,19 @@
       "references": [
         "page-1227"
       ],
-      "exempt": [
+      "workforce": [
         "page-1228"
       ],
-      "workforce": [
+      "exempt": [
         "page-1229"
       ],
       "idps": [
         "page-1230"
       ],
-      "paste": [
+      "restore": [
         "page-1234"
       ],
-      "restore": [
+      "paste": [
         "page-1235"
       ],
       "collaboration": [
@@ -112955,10 +112971,10 @@
       "kafkatrigger": [
         "page-1070"
       ],
-      "keaptrigger": [
+      "kobotoolboxtrigger": [
         "page-1071"
       ],
-      "kobotoolboxtrigger": [
+      "keaptrigger": [
         "page-1072"
       ],
       "lemlisttrigger": [