workflows.fit
Back to n8n workflows
n8n templateFreeBy Marco Cassar

Automatic Google Cloud Run auth with JWT token management (sub-workflow)

Who it’s for? Anyone calling a Google Cloud Run service from n8n who wants a small, reusable auth layer instead of wiring tokens in every workflow. What it does / How it works This sub-workflow checks whether an incom...

DevelopmentCore NodesIfSetMergeJwt
Loading interactive preview...

Template notes

Who it’s for? Anyone calling a Google Cloud Run service from n8n who wants a small, reusable auth layer instead of wiring tokens in every workflow.

What it does / How it works This sub-workflow checks whether an incoming idtoken exists and is still valid (with a 5-minute buffer). If it’s good, it reuses it. If not, it signs a short-lived JWT with your service account, exchanges it at Google’s token endpoint, and returns a fresh idtoken. It also passes through serviceurl and an optional servicepath so the caller can hit the endpoint right away. (Designed to be called via Execute Workflow from your main flow.)

How to set up - Add your JWT (PEM) credential using the service account privatekey. - In Vars, set clientemail (from your key) and confirm tokenuri is https://oauth2.googleapis.com/token. - Call this sub-workflow with serviceurl (and optional servicepath). Optionally include a prior idtoken to enable reuse.

Inputs / Outputs Inputs: idtoken (optional), serviceurl, servicepath Outputs: idtoken, serviceurl, servicepath

Notes - Built for loops: pair with a Merge/Split strategy to attach idtoken to each item. - Keep credentials in n8n Credentials (no keys in nodes). - Full write-up and context: [Build a Secure Google Cloud Run API, Then Call It from n8n (Free Tier)](https://medium.com/@marcocodes/build-a-secure-google-cloud-run-api-then-call-it-from-n8n-88c03291a95f) — by Marco Cassar