n8n Community Node
The Scopebound community node lets you validate AI agent workflows against authorization scopes before they run, directly inside n8n. Drop it into any workflow, configure the agent role, and get back pass/fail per compliance profile with cryptographically signed attestation tokens.
- npm:
@scopebound/n8n-nodes-scopebound - Repository: scopebound-ai/n8n-nodes-scopebound
- Status: Public preview (0.1.0-preview.9). n8n verification submitted; in-canvas install coming when their manual review completes.
- License: MIT
Install
Two paths — pick whichever fits your n8n deployment.
Via n8n's Community Nodes settings (recommended)
- Open your n8n instance
- Navigate to Settings → Community Nodes
- Click Install a community node
- Enter
@scopebound/n8n-nodes-scopebound - Check the acknowledgment and click Install
The node will appear in the node picker (search for "Scopebound") within a few seconds.
Via npm (self-hosted only)
For self-hosted n8n instances, you can install via npm directly:
Restart n8n and the node will be available.
Configure the credential
The Scopebound API credential needs two fields:
- API Key — your Scopebound enforcement plane API key (starts with
sb-) - Base URL — your enforcement plane endpoint (e.g.,
https://your-partner.api.scopebound.ai)
For local development with a self-hosted enforcement plane running on the same machine as Docker n8n, use:
The credential test button validates connectivity by calling the enforcement plane's health endpoint.Workflow structure
The simplest valid workflow has three nodes:
The Scopebound node has two outputs —Pass and Fail — letting you branch downstream logic on the evaluation result. Items always flow to Pass when in Warn Only mode (the safe default); items with critical violations flow to Fail in Block on Critical mode.
Node parameters
| Parameter | Description |
|---|---|
| Identify Role By | Choose UUID (Role ID) or human-readable Name |
| Role ID or Role Name | Identifier of the agent role to evaluate against |
| Evaluation Profile | One or more of: SOC1, SOC2 Type II, Production Readiness, HIPAA |
| Workflow Source | From Input Field (per-item) or From Node Parameter (paste JSON) |
| Workflow Field | If reading from input: name of the JSON field. Leave empty to use the entire input item. |
| Workflow Format | Canonical (default) or n8n (native n8n exports). Also: Make, Zapier. |
| Mode | Warn Only, Block on Critical, or Throw on Critical |
Workflow formats
The node supports two workflow shapes:
Canonical (recommended for hand-built workflows)
{
"workflowId": "demo",
"nodes": [
{"id": "src", "type": "source", "tool": "manual_trigger"},
{"id": "dst", "type": "destination", "tool": "post_to_erp", "credentials": ["sap-prod-api"]}
],
"edges": [{"from": "src", "to": "dst"}]
}
n8n (for evaluating native n8n workflow exports)
{
"name": "your-workflow-name",
"nodes": [
{"id": "a", "name": "Manual Trigger", "type": "n8n-nodes-base.manualTrigger", "typeVersion": 1, "position": [0, 0], "parameters": {}}
],
"connections": {
"Manual Trigger": {"main": [[{"node": "...", "type": "main", "index": 0}]]}
}
}
⚠️ Set the Workflow Format dropdown to match the shape of your input data. If the format and shape don't match, the server will reject the request with a translator error.
Operating modes
Warn Only (default)
Every item passes through to the Pass output. The evaluation result attaches to each item as _scopebound metadata, so downstream nodes can inspect violations without halting the workflow. Use this for monitoring or A/B testing without changing execution behavior.
Block on Critical Violations
Items with critical-severity violations are routed to the Fail output. Items with no critical violations (or only lower-severity issues) flow to Pass. Use this for gating execution while letting safer items through.
Throw on Critical Violations
If any critical violation is found, the node throws a NodeOperationError and halts the workflow. Use this when no workflow should continue past a scope violation.
Output metadata
Every item routed to Pass (or Fail, in Block mode) carries a _scopebound field with the full evaluation result:
{
"_scopebound": {
"evaluationId": "eval_d98a4b8c-5534-4d62-ac45-38103e5f5669",
"workflowId": "demo",
"roleId": "747b0d54-3b89-48ab-b0d3-5f0f551630d6",
"workflowHash": "67ab1998e8c93e6df883b016604a2bab11fa840621b7be6c873e0e02219673f0",
"productionReadinessStatus": "fail",
"violations": [
{
"code": "SB-SCOPE-003",
"nodeId": "dst",
"severity": "critical",
"message": "Credential 'sap-prod-api' is not authorized for role vision-invoice-processor",
"remediation": "Add 'sap-prod-api' to role.allowed_credentials or remove from workflow"
}
],
"attestationToken": "eyJhbGc...",
"evaluatedAt": "2026-06-25T16:49:57.964557Z"
}
}
Downstream nodes can inspect _scopebound.productionReadinessStatus, iterate violations, or store the attestation token for audit retention.
Example workflow
A complete working example, downloadable and importable:
curl -O https://raw.githubusercontent.com/scopebound-ai/n8n-nodes-scopebound/main/examples/scopebound-canonical-demo.json
Import this JSON into n8n (Workflows → Import from File), configure the Scopebound credential, set your Role ID, and execute.
The repository includes two example workflows:
scopebound-canonical-demo.json— Canonical format workflowscopebound-n8n-demo.json— n8n native format workflow
Common patterns
Validating workflows from a workflow management system
If you store workflows in a separate system (Notion, database, custom UI), the node's per-item mode lets you fetch them in bulk and evaluate each independently:
HTTP Request (fetch workflows) → Edit Fields (extract JSON) → Scopebound Scope Check → Branch on Pass/Fail
definition).
Pre-execution gating
Use Block on Critical mode to route failing workflows to an alerting path instead of executing them:
Workflow trigger → Edit Fields → Scopebound Scope Check
├── Pass → Execute workflow
└── Fail → Slack alert + Notion log
Production audit trail
In Warn Only mode, every execution is enriched with a signed attestation token. Send _scopebound to your logging pipeline:
/v1/attestation/pubkey — useful for audit retention without ongoing dependence on Scopebound's API.
Verification status
Scopebound has submitted this node to n8n's community verification program. The submission includes the full demo recording, screenshots, and example workflows.
While verification is in flight, the node is fully usable via Settings → Community Nodes. After verification approves, it will also appear in the in-canvas "More from the community" panel for one-click discovery.
Troubleshooting
"Workflow has no nodes" error
The most common cause is a mismatch between the Workflow Format dropdown and the actual shape of the workflow JSON. If you set the format to n8n, ensure the input JSON has the n8n shape (name, nodes array with typeVersion, connections). If you set it to Canonical, ensure the input has the canonical shape (workflowId, nodes with type/tool, edges).
"API key rejected" (HTTP 401/403)
Check that the credential is configured correctly. The API key should start with sb- and the Base URL should reach your enforcement plane (test with curl <base_url>/healthz from your n8n host).
"Role not found" (HTTP 404)
The Role ID or Name doesn't exist in your enforcement plane. Verify with:
If the role doesn't exist, create it via the management API.
Next steps
- Setting up your enforcement plane? See the Quickstart.
- Working in TypeScript/Node.js code? Use the TypeScript SDK directly.
- Need raw API access? See the API reference.