packages/@n8n/eslint-plugin-community-nodes/docs/rules/no-credential-reuse.md
@n8n/community-nodes/no-credential-reuse)💼 This rule is enabled in the following configs: ✅ recommended, ☑️ recommendedWithoutN8nCloudSupport.
💡 This rule is manually fixable by editor suggestions.
<!-- end auto-generated rule header -->Ensures your nodes only reference credentials by their name property that match credential classes declared in your package's package.json file. This prevents security issues where nodes could access credentials from other packages.
// MyApiCredential.credentials.ts
export class MyApiCredential implements ICredentialType {
name = 'myApiCredential';
displayName = 'My API';
// ...
}
// package.json: "n8n": { "credentials": ["dist/credentials/MyApiCredential.credentials.js"] }
export class MyNode implements INodeType {
description: INodeTypeDescription = {
displayName: 'My Node',
name: 'myNode',
credentials: [
{
name: 'someOtherCredential', // No credential class with this name in package
required: true,
},
],
// ...
};
}
// MyApiCredential.credentials.ts
export class MyApiCredential implements ICredentialType {
name = 'myApiCredential'; // This name must match what's used in nodes
displayName = 'My API';
// ...
}
// package.json: "n8n": { "credentials": ["dist/credentials/MyApiCredential.credentials.js"] }
export class MyNode implements INodeType {
description: INodeTypeDescription = {
displayName: 'My Node',
name: 'myNode',
credentials: [
{
name: 'myApiCredential', // Matches credential class name property
required: true,
},
],
// ...
};
}
Declare your credential files in package.json and ensure the credential name in nodes matches the name property in your credential classes:
{
"name": "n8n-nodes-my-service",
"n8n": {
"credentials": [
"dist/credentials/MyApiCredential.credentials.js"
]
}
}