n8n Auth & Secrets

Documentation Index

Fetch the complete documentation index at: https://docs.sitecopilot.ai/llms.txt

Use this file to discover all available pages before exploring further.

​

Which token do I need?

• Tenant token (site operations) — use this for day‑to‑day actions against a single site (pages, content, assets, settings, sitemap, notifications, chatbot). Obtain it from the Tenant Dashboard when authenticated.
• Server (central) admin token (tenant management) — use this if you operate your own Sitecopilot server and want to create/update/delete tenants or issue tenant API tokens automatically. Obtain it from the Central Dashboard when authenticated on your server instance.

Keep tokens separate. Never reuse a central admin token in tenant flows.

​

Credential strategy

• Sitecopilot Central — SITECOPILOT_ADMIN_BASE_URL, SITECOPILOT_ADMIN_TOKEN
• Sitecopilot Tenant — SITECOPILOT_TENANT_BASE_URL, SITECOPILOT_TENANT_TOKEN

​

Using Environment Variables

# Docker compose example
environment:
- SITECOPILOT_TENANT_BASE_URL=https://tenant.example.com
- SITECOPILOT_TENANT_TOKEN=xxx.yyy.zzz
- SITECOPILOT_ADMIN_BASE_URL=https://central.example.com
- SITECOPILOT_ADMIN_TOKEN=aaa.bbb.ccc
volumes:
- n8n_data:/home/node/.n8n

• URL: {{$env.SITECOPILOT_TENANT_BASE_URL}}/api/pages
• Headers: Authorization: Bearer {{$env.SITECOPILOT_TENANT_TOKEN}}

​

Using n8n Credentials UI

• Name: Sitecopilot Tenant
• Header: Authorization
• Value: Bearer {{$credentials.apiToken}}
• Name: Sitecopilot Central
• Header: Authorization
• Value: Bearer {{$credentials.apiToken}}

​

Token rotation

• Store a short‑lived token in one place (env or credential) and re‑use via expressions.
• Use a dedicated workflow to refresh or rotate tokens and update the n8n credential via n8n API if needed.

​

Least privilege

• Separate central and tenant tokens.
• Avoid placing tokens in plaintext within node parameters or notes.

​

Example mappings