n8n Workflow Orchestration
Use n8n for the integration layer, Flowly for the agent layer — the AI calls webhooks, n8n handles credentials and side effects.
- Tools
exec- Plugins
n8n-bridge- Channels
telegramdesktop
A common architecture failure: giving your AI agent direct credentials to every SaaS — Slack tokens, Salesforce keys, Stripe secrets. Each one is a foot-gun. n8n is built for that layer: visual workflows, credential vault, idempotency. Flowly handles natural language and reasoning. Bridge them with webhooks: the agent calls n8n, n8n executes the actual side effects.
What it does
- Agent calls n8n workflows via webhook tools — no SaaS credentials in agent context
- n8n handles auth, retries, error states
- Audit trail lives in n8n's execution history
- Easy to add new integrations: build the n8n workflow, register a tool in Flowly, done
- Idempotency at the n8n layer — agent can be retry-safe
What you'll need
- n8n running somewhere (cloud, self-hosted, or in-app)
- An
n8n-bridgeplugin - HMAC secret for webhook authentication
Setup
1. Build your first n8n workflow
In n8n, create a workflow that exposes a webhook. Example: "Send Slack message". Inputs: channel, message. The workflow uses your stored Slack credentials, calls the API, returns success/failure.
Add HMAC validation at the webhook level so only requests signed with a shared secret are accepted.
2. Build the n8n-bridge plugin
3. Register tools per workflow
For each n8n workflow you build, add a thin tool wrapper. Example prompt to agent:
The agent calls slack_message, the plugin calls n8n_call, n8n
authenticates and posts. None of those credentials touch the LLM
context.
Tips
- Use n8n for anything credentialed. Stripe, Salesforce, Twilio, Slack — all live in n8n. Keep the agent context credential-free.
- Idempotency keys. Pass a deterministic key to every workflow so retries don't double-charge / double-post. n8n has good support for this.
- Version workflows. When you change a workflow's behaviour, bump its ID. Old plugin versions stay pointed at old workflow versions until you upgrade.
- Audit via n8n, not the agent. When something didn't fire, n8n's execution log is the source of truth. The agent thinks it succeeded if it got HTTP 200 back; n8n shows you what actually happened on the SaaS side.
- Limit by namespace. Don't expose every workflow to every agent
session. Use the plugin's
check_fnto gate access — e.g. only enable Stripe-related tools when a billing skill is loaded.