n8n is an open-source workflow automation tool that lets you connect apps, APIs, and databases without heavy coding. To make these connections work, you need credentials - secure ways to prove your identity to services like Google, Facebook, Linkedin, or a custom API. This beginner-friendly guide explains what n8n credentials are, how to set up n8n for the first time, and how to run your first credential-based workflow. What Are n8n Credentials? Credentials in n8n are the login or access details you provide so workflows can talk to external services. Think of them as digital keys. Without them, your workflow cannot fetch data, post updates, or trigger events. Why n8n credentials are required in workflows They authenticate requests to APIs. They protect sensitive data from being exposed. They allow multiple users to safely share workflows without sharing passwords. Types of n8n credentials API Key: A unique token you copy from a service and paste into n8n (e.g., OpenWeather API). OAuth2: A secure handshake used by platforms like Google, Facebook, and x.com. Custom Credentials: For private APIs or unusual authentication methods. Preparing Your Environment Before adding credentials, you need a working n8n environment. Installing n8n You can run n8n in three common ways: n8n Cloud – hosted by the official team, no setup needed. Local installation (npm) – install using Node.js and run on your computer. npm install n8n -gn8n start Docker installation – best for production setups. docker run -it --rm \-p 5678:5678 \-v ~/.n8n:/home/node/.n8n \n8nio/n8n Pro Tip: Quick Alternative with Free Credits: If you don’t want to manage hosting yourself, you can also use: Free $5 every month with quick GitHub verification. 50% off yearly Hobby & Pro plans (until Oct-31). No credit card needed, setup in under 1 minute. Start with RunClaw Environment variables and configuration basics Environment variables are key-value pairs stored outside your code. Commonly used in .env files for sensitive credentials. Example: • N8N_BASIC_AUTH_USER=admin • N8N_BASIC_AUTH_PASSWORD=securePass Adding Credentials in n8n Using the n8n UI (step-by-step) Open your n8n editor at http://localhost:5678 or your hosted URL. Go to Credentials in the left-hand menu. Click New Credential and choose the service (e.g., Google Sheets, Slack). Enter your API key, client ID, or OAuth details. Save and test. Setting API keys securely Always copy API keys from your provider’s developer dashboard. Store them in environment variables instead of hardcoding. OAuth2 flow in n8n Select OAuth2 when creating credentials. Provide client ID, secret, and redirect URL Approve access in the popup window. Example: First Workflow with Credentials Connect to a Public API (OpenWeather Example) Let’s walk through a simple workflow that fetches live weather data using the OpenWeather API. Go to OpenWeather and create a free account. Generate your API key from the dashboard. In n8n, create a new credential: o Type: HTTP Request o Authentication: Header Auth with API key (or use environment variables for security). Create a workflow with the following nodes: o Cron Node → triggers workflow every hour. o HTTP Request Node → fetches data from OpenWeather. o Function Node → parses the JSON response. o Google Sheets or Email Node → outputs the weather info. Test and Debug Credentials Click Execute Workflow in n8n. If the API key is valid, you’ll see a JSON response with weather details (temperature, humidity, condition). Common fixes: Ensure you copied the API key correctly. If you see a 401 Unauthorized, the API key may be invalid or missing. Check that you used HTTPS in the request URL. Try This JSON Workflow You can import the workflow below into your n8n editor and add your API key. {"name": "Weather Fetch Example","nodes": [{"parameters": {"triggerTimes": [{"hour": 9,"minute": 0}]},"name": "Cron","type": "n8n-nodes-base.cron","typeVersion": 1,"position": [250, 300]},{"parameters": {"url": "https://api.openweathermap.org/data/2.5/weather?q=London&appid={{$env.OPENWEATHER_API_KEY}}&units=metric","responseFormat": "json"},"name": "HTTP Request","type": "n8n-nodes-base.httpRequest","typeVersion": 2,"position": [500, 300],"credentials": {"httpBasicAuth": {"id": "your-credential-id","name": "OpenWeather API"}}},{"parameters": {"functionCode": "return [{json: {temp: $json.main.temp, condition: $json.weather[0].description}}];"},"name": "Function","type": "n8n-nodes-base.function","typeVersion": 1,"position": [750, 300]},{"parameters": {"operation": "append","sheetId": "your-google-sheet-id","range": "Sheet1!A:C","valueInputMode": "USER_ENTERED","options": {}},"name": "Google Sheets","type": "n8n-nodes-base.googleSheets","typeVersion": 2,"position": [1000, 300],"credentials": {"googleApi": {"id": "your-credential-id","name": "Google API"}}}],"connections": {"Cron": {"main": [[{"node": "HTTP Request","type": "main","index": 0}]]},"HTTP Request": {"main": [[{"node": "Function","type": "main","index": 0}]]},"Function": {"main": [[{"node": "Google Sheets","type": "main","index": 0}]]}}} Tip: Save your API key in an .env file as OPENWEATHER_API_KEY for better security, then reference it in the request URL as shown above. Alternative: Send Weather Update by Email If you prefer getting updates by email, you can use this workflow. Just configure your Email credentials (Gmail, SMTP, or Outlook) in n8n. {"name": "Weather Email Example","nodes": [{"parameters": {"triggerTimes": [{"hour": 9,"minute": 0}]},"name": "Cron","type": "n8n-nodes-base.cron","typeVersion": 1,"position": [250, 300]},{"parameters": {"url": "https://api.openweathermap.org/data/2.5/weather?q=London&appid={{$env.OPENWEATHER_API_KEY}}&units=metric","responseFormat": "json"},"name": "HTTP Request","type": "n8n-nodes-base.httpRequest","typeVersion": 2,"position": [500, 300],"credentials": {"httpBasicAuth": {"id": "your-credential-id","name": "OpenWeather API"}}},{"parameters": {"functionCode": "return [{json: {subject: 'Daily Weather Report', body: `The current temperature is ${$json.main.temp}°C with ${$json.weather[0].description}.`}}];"},"name": "Function","type": "n8n-nodes-base.function","typeVersion": 1,"position": [750, 300]},{"parameters": {"fromEmail": "your-email@example.com","toEmail": "receiver@example.com","subject": "={{$json[\"subject\"]}}","text": "={{$json[\"body\"]}}"},"name": "Email","type": "n8n-nodes-base.emailSend","typeVersion": 1,"position": [1000, 300],"credentials": {"smtp": {"id": "your-email-credential-id","name": "Email Account"}}}],"connections": {"Cron": {"main": [[{"node": "HTTP Request","type": "main","index": 0}]]},"HTTP Request": {"main": [[{"node": "Function","type": "main","index": 0}]]},"Function": {"main": [[{"node": "Email","type": "main","index": 0}]]}}} How it works Cron Node → runs daily at 9:00 AM. HTTP Request Node → fetches weather data from OpenWeather. Function Node → formats the data into a message. Email Node → sends the weather report to your inbox. Managing Credentials Securely Using environment variables for sensitive data Example in .env: • OPENWEATHER_API_KEY=12345abc In n8n, reference it as {{$env.OPENWEATHER_API_KEY}}. Role of .env files and Docker secrets .env files simplify local development. For production: use Docker secrets or secure vaults like AWS Secrets Manager. Common mistakes to avoid Hardcoding API keys inside nodes. Sharing workflows without removing sensitive credentials. Using the same credentials for dev and production. Troubleshooting n8n Credentials & Setup Invalid API keys Double-check for extra spaces. Confirm your subscription tier supports the request. Expired OAuth tokens Some tokens expire in hours. Enable token refresh in n8n. Docker environment variable issues Verify .env is mounted into the container. Use docker-compose.yml for persistent setups. Best Practices for Beginners Keep secrets in environment variables, not in workflows. Use role-based access if multiple users share the same n8n instance. Document your credentials usage (service, scope, expiry). Separate development credentials from production credentials. This guide covered the essentials of n8n credentials and how to use them safely in your first workflows. In short: credentials are the keys that let n8n talk to external services, so treat them as sensitive data — store them outside your workflow, limit their scope, and separate development and production credentials. Next steps Import one of the JSON workflows above into your n8n editor. Add your API key (for example, OPENWEATHER_API_KEY) in an .env file or in n8n’s credential entry. Execute the workflow and check the node output to confirm the data is flowing. If you prefer managed hosting, consider the RunClaw option mentioned earlier for quick setup and monthly credits (optional). Quick checklist (before you go live) Store secrets in environment variables or a secrets manager (not in nodes). Use separate credentials for dev and prod. Limit credential scopes and rotate keys regularly (for example, every 90 days). Use role-based access when multiple people use the same n8n instance. Monitor logs and test refresh/expiry flows for OAuth credentials. Some helpful resource for n8n credentials n8n Documentation  | OpenWeather API Docs | Docker Documentation  Some Free Tools Image to Text Tool | SEO Tools Collection  FAQs for n8n credentials Q1: What are n8n credentials used for?A: They authenticate workflows with external services like Google, Slack, or APIs, ensuring secure and successful requests.2: Can I use the same credentials across workflows?A: Yes, n8n allows credentials to be reused across multiple workflows, reducing duplication.3: Where are my n8n credentials stored?A: By default, credentials are encrypted and stored in the n8n database. Encryption keys come from environment variables.4: Is it safe to share workflows containing credentials?A: No. Always export workflows without credentials or use placeholder variables.5: Do I need Docker to run n8n with credentials?A: Not strictly. You can run n8n locally or on cloud, but Docker is recommended for secure production setups.6: How do I rotate expired credentials?A: Edit the credential entry in n8n, update the API key or OAuth details, and save. Existing workflows will use the updated credential.

When you build reliable automations with n8n, you often need a place to store data — not only credentials and workflow metadata but also files, cached items, and lookup records. This guide shows practical, secure steps to connect n8n to Redis (fast key-value/cache), Google Cloud Storage (GCS) for object files, and Supabase for app-friendly storage and Postgres data. You’ll get step-by-step setup, importable test flows, and simple troubleshooting tips. Quick note: n8n uses SQLite by default for local setups but supports external databases and external binary storage via environment variables. Use external storage for production workloads. Pro Tip: Start working on n8n with Quick Alternative with Free Credits: If you don’t want to manage hosting yourself, you can also use: Free $5 every month with quick GitHub verification. 50% off yearly Hobby & Pro plans (until Oct-31). No credit card needed, setup in under 1 minute. Start with RunClaw What / Why / Who this guide is for What: How to connect n8n to common storage backends (Redis, GCS, Supabase) and run test flows. Why: External storage improves reliability (files survive container restarts), performance (Redis cache), and scalability. Who: n8n hobbyists, devs, and no-code makers who want production-ready storage patterns. Quick comparison: Redis, GCS, Supabase Use case Best for Cost/notes Redis Cache, ephemeral queues, session store Low-latency; not for large files. Use managed Redis for persistence. Google Cloud Storage Large files, backups, media Object storage with lifecycle rules & versioning. Supabase Storage App files, CDN, small/medium assets Easy auth + Postgres integration; good for web apps.   Common configuration patterns Environment variables are the safest way to provide credentials to n8n. n8n also supports file-based overrides (append _FILE to variable names), which is perfect for Docker or Kubernetes secrets. Pro tip: If you need a walkthrough on n8n credentials, see our n8n credentials & setup guide Example .env (local dev) # DatabaseDB_TYPE=postgresdbDB_POSTGRESDB_HOST=postgres.example.comDB_POSTGRESDB_PORT=5432DB_POSTGRESDB_DATABASE=n8nDB_POSTGRESDB_USER=n8nDB_POSTGRESDB_PASSWORD_FILE=/run/secrets/db_password # External storage (example)N8N_EXTERNAL_BINARY_DATA_STORAGE=gcsN8N_EXTERNAL_GCS_BUCKET=my-n8n-bucketGOOGLE_APPLICATION_CREDENTIALS=/run/secrets/gcs_service_account.json # Redis (if using as cache)REDIS_HOST=redis.example.comREDIS_PORT=6379REDIS_PASSWORD_FILE=/run/secrets/redis_password Best practice: Keep secrets out of Git. Use Docker secrets, cloud secret managers (AWS Secrets Manager, Google Secret Manager), or Kubernetes Secrets with the _FILE pattern. n8n docs Redis — cache, queue, and light DB When to pick Redis Use Redis when you need very fast reads/writes, ephemeral queues, rate limiting, or session data. Not for large files. Managed Redis providers offer free tiers and simple dashboards. n8n Storage Database Setup - Quick steps (create Redis and connect) 1. Go to https://redis.io/ and Click "Try Redis" 2. Create an account3. Log in and click "New database"4. Select "Essentials".5. Enter a Database name, choose any cloud vendor, and pick the nearest Region.6. Choose the "30 MB Free Plan" and click "Create database".7. Click "Connect to database" → "Connect".8. Open "Redis CLI" and click the eye icon (or "View") to reveal connection details.9. In your n8n editor go to "Credentials" → "Add credential".10. In "Search for app" type "Redis" and click "Continue".11. Map the fields Password, User, Host, and Port, then click "Save". Example n8n workflow (Redis SET → GET) — importable JSON Import this JSON into n8n (Editor → Import), then edit credentials to match your Redis instance. {"name": "Redis SetGet Example","nodes": [{"name": "Manual Trigger","type": "n8n-nodes-base.manualTrigger","typeVersion": 1,"position": [250, 200]},{"name": "Redis SET","type": "n8n-nodes-base.redis","typeVersion": 1,"position": [500, 200],"parameters": {"operation": "set","key": "n8n_test_key","value": "Hello from n8n","ttl": 3600},"credentials": {"redis": {"id": "your-redis-credential-id","name": "Redis"}}},{"name": "Redis GET","type": "n8n-nodes-base.redis","typeVersion": 1,"position": [750, 200],"parameters": {"operation": "get","key": "n8n_test_key"},"credentials": {"redis": {"id": "your-redis-credential-id","name": "Redis"}}}],"connections": {"Manual Trigger": { "main": [[ { "node": "Redis SET", "type": "main", "index": 0 } ]] },"Redis SET": { "main": [[ { "node": "Redis GET", "type": "main", "index": 0 } ]] }}} Troubleshooting Redis Connection errors: check firewall/VPC rules. Auth errors: verify username/password; try connecting with redis-cli first. Persistence: enable AOF/RDB or use your provider’s snapshot/backup features. Docs  Google Cloud Storage (GCS) — file and binary storage When to pick GCS Choose GCS for large assets: Images, backups, logs, and binary objects. GCS supports lifecycle rules, versioning, and regional buckets. GSC Docs  n8n Storage Database Setup - Quick steps: create service account and bucket Create a service account by visiting -> https://cloud.google.com/iam/docs/service-accounts Grant minimal permissions needed (for testing, Storage Object Admin is fine; tighten later). Create a JSON key for the service account and store it securely (don’t commit to source control). Create a bucket and note the name with this page -> https://cloud.google.com/storage/docs/creating-buckets Configure n8n to use GCS Store the service account JSON in a secure path inside the container or use the _FILE pattern with Docker secrets: GOOGLE_APPLICATION_CREDENTIALS=/run/secrets/gcs_service_account.json Set environment variables in n8n: N8N_EXTERNAL_BINARY_DATA_STORAGE=gcsN8N_EXTERNAL_GCS_BUCKET=my-n8n-bucketGOOGLE_APPLICATION_CREDENTIALS=/run/secrets/gcs_service_account.json Example n8n workflow (Upload file to GCS) Import and set your credentials. {"name": "GCS Upload Example","nodes": [{ "name": "Manual Trigger", "type": "n8n-nodes-base.manualTrigger", "typeVersion": 1, "position":[250,200] },{"name": "Set Binary Data","type": "n8n-nodes-base.set","typeVersion": 1,"position":[450,200],"parameters": {"values": {"binary": [{ "key": "data", "value": "={{Buffer.from('My sample file content').toString('base64')}}" }]},"options": {}}},{"name": "Google Cloud Storage","type": "n8n-nodes-base.googleCloudStorage","typeVersion": 1,"position":[700,200],"parameters": {"operation": "upload","bucket": "my-n8n-bucket","binaryPropertyName": "data","fileName": "sample.txt"},"credentials": {"googleCloud": {"id": "gcs-credential-id","name": "GCS Service Account"}}}],"connections": {"Manual Trigger": { "main":[[{"node":"Set Binary Data","type":"main","index":0}]] },"Set Binary Data": { "main":[[{"node":"Google Cloud Storage","type":"main","index":0}]] }}} Troubleshooting GCS uploads Permission errors usually mean the service account role is too limited. Try Storage Object Admin for testing, then narrow. Bucket not found: confirm bucket name and region. Check GCS docs from main website n8n configuration reference Supabase — app-friendly storage and Postgres metadata When to pick Supabase Use Supabase when you need both file storage (CDN-enabled) and database metadata (Postgres) with simple auth. Good for web apps and prototypes.  n8n Storage Database Setup - Quick steps of Supabase setup Create a Supabase project and open Storage → create a bucket Create an API key (service role key) for server-side access; use anon/public keys for client usage with RLS. In n8n, configure the Supabase node with supabaseUrl and supabaseKey in credentials. Example flow idea (high level) Trigger: HTTP/Webhook receives an uploaded file or URL. Action: Use Supabase Storage node to upload the file to a bucket. Action: Insert a metadata row into a Supabase table (filename, URL, uploaded_by). Optional: Need OCR before upload? Try our Image to Text Tool Test flows and retry strategies How to run test flows: Import the JSON examples into n8n Editor (Menu → Import). Map your credentials (Redis, GCS, Supabase). Run manual triggers or test executions. Retry strategies: use node-level retries and error workflows (Error Trigger → notification). For HTTP/Storage nodes, check response codes and apply retries with backoff. For critical writes, add idempotency keys to avoid duplicates. Security, backups, and monitoring Rotate keys regularly (every 60–90 days) and use least-privilege roles. Backups: Redis — enable snapshotting/AOF or managed backups; GCS — enable versioning and lifecycle rules; Postgres — scheduled backups. Redis persistence overview Monitoring: use provider logs plus n8n workflow logs/alerts on failures. Common mistakes & fixes Hardcoding credentials in nodes → switch to env vars or secret files Wrong bucket/region → double-check exact bucket name and region in Google Cloud Console. No retry/alerts → add error workflows and notifications. Conclusion & next steps You now have a clear path for adding storage to n8n: pick Redis for fast ephemeral data, GCS for large files, and Supabase for app-centric storage + Postgres. Import the example flows, add credentials, and test. After that, set up secrets management, add retry/error handling, and enable backups for production. FAQ Q1: Do I need a paid plan to use Redis/GCS/Supabase with n8n?No — all three providers offer free tiers suitable for testing. Free tiers have limits (storage size, request quotas). For production use choose a paid tier that fits your reliability needs and set up backups and monitoring. Q2: Where should I store service account JSON files?Store them outside your codebase, ideally in Docker secrets, Kubernetes secrets, or cloud secret managers. Use the _FILE pattern with n8n so the secret is mounted into the container and referenced as a file path in env vars. Q3: Can n8n use Redis as the primary database?No — Redis is great for caches, queues, and ephemeral data, but n8n requires a proper database like Postgres for workflow metadata in production. Use Redis alongside a supported DB for best results. Q4: How do I test file uploads to GCS from n8n?Import the GCS Upload Example JSON, set your GCS credentials, run the Manual Trigger, then check the bucket in Google Cloud Console for the uploaded file. If you get permission errors, verify the service account role and bucket name. Q5: What retry strategy should I add for storage writes?Add node-level retries for intermittent errors, use idempotency keys to avoid duplicates, and create an error workflow that sends alerts (email/Slack) on repeated failures. For large file uploads, retry in chunks or use resumable upload APIs where supported. Q6: Can n8n store files in Google Cloud Storage?Yes — use the Google Cloud Storage node and authenticate with a service account JSON. Set N8N_EXTERNAL_BINARY_DATA_STORAGE=gcs if you want n8n to store binary data externally. Q7: Is Redis persistent for n8n data?Redis can be persistent if you enable snapshotting/AOF or use a managed provider with backups. For durable long-term storage, prefer GCS for files and Postgres for metadata.  Q8: Does Supabase work with n8n?Yes — n8n has a Supabase node to upload files and work with Postgres in the same project.  Q9: How to keep service account keys secure?Use Docker/Kubernetes secrets or a cloud secret manager, and the _FILE env var pattern to avoid plaintext in env vars. Q10: Should I use external storage for a small hobby project?For simple hobby projects, local storage is fine, but external storage increases reliability and is better for containers/cloud hosting.