I’m working with n8n and trying to create an automatic system for renewing AWS Cognito OAuth tokens. Right now I have to manually update the token each day which is getting pretty annoying.
I built a workflow that calls the AWS Cognito token refresh endpoint but it’s not working like I hoped. The workflow runs but the access token doesn’t get updated automatically inside n8n. I still end up having to manually run things to get a fresh token.
Does anyone know how to make this work properly? I want the token to refresh on its own without me having to click anything or run the workflow manually every time.
i’ve dealt with the same cognito token headaches. skip credential storage and use environment variables instead - way easier to update programmatically. set up your refresh workflow to write the new token to a file, then have n8n read it as an env var when it restarts. or throw redis/a database in between as storage that both workflows can hit.
Yes, this is a frequent issue with token management in n8n. I recommend setting up a scheduled workflow that executes every few hours to automate the refresh. The crucial part is utilizing a Set node to store the new token in n8n’s internal storage with global scope. This allows other workflows to access the token without hardcoding it. Ensure your refresh workflow updates the credentials through the n8n API. I typically schedule mine to run every 12 hours for tokens that are valid for 24 hours, which provides a healthy buffer. This approach ensures all your workflows have a valid token without manual intervention.
You’re encountering a credential scope issue. When your refresh workflow obtains a new token, it must update the actual AWS Cognito credential object referenced by other workflows, rather than just storing the token elsewhere. I faced this same issue previously. You need to use n8n’s internal API to update stored credentials. Specifically, your refresh workflow should send a PUT request to /rest/credentials/{credentialId} with the updated token data. An API key from your n8n instance is necessary to authenticate this request. Additionally, ensure that your main workflows reference the credential object instead of hardcoding the tokens. This way, when the refresh workflow updates the credential, all other workflows automatically use the new token in subsequent runs.