n8n
The official n8n-nodes-hostsmith community node lets an n8n workflow drive Hostsmith over OAuth 2.0: deploy files to a site, create or delete sites, list domains, fetch account info. Authentication is handled by an OAuth2 credential in n8n, so every action runs as the user who connected the credential.
Works with n8n Cloud, self-hosted n8n, and local n8n for development.
1. Install the node
In your n8n instance, open Settings → Community nodes → Install and enter:
n8n-nodes-hostsmith
n8n Cloud users: community nodes are available on all current plans. For self-hosted instances, set N8N_COMMUNITY_PACKAGES_ENABLED=true if you have not already.
2. Get a client_id from Hostsmith
How you get a client_id depends on where your n8n runs:
n8n Cloud or self-hosted (any non-loopback URL)
- Sign in to Hostsmith and open OAuth Clients in the sidebar.
- Click New client.
- Client name: anything human-readable, e.g.
n8n. This is what users will see on the consent screen. - Redirect URI: paste the exact URL n8n shows at the top of the credential form. The format is:
https://<your-n8n-host>/rest/oauth2-credential/callback
For n8n Cloud, that ishttps://<your-workspace>.app.n8n.cloud/rest/oauth2-credential/callback. For self-hosted, substitute your own domain. Copy from n8n verbatim - matching is exact, so a trailing slash or wrong subdomain will fail at authorize time. - Click Create, then click the copy icon next to the generated
client_id.
You can add multiple redirect URIs to one client (e.g. staging + production), or create a separate client per environment. Hostsmith clients are public (no secret) and use PKCE, so the client_id alone is enough.
Local n8n (running on localhost)
Use the built-in trusted n8n client. No registration step: in the n8n credential, set Client ID = n8n and leave the redirect URI at whatever n8n suggests (http://localhost:5678/rest/oauth2-credential/callback). Hostsmith recognises this client_id and only allows it for loopback hosts (localhost, 127.0.0.1, [::1]).
3. Create the n8n credential
In n8n, open Credentials → New → Hostsmith OAuth2 API (the credential type registered by the node).
| Field | Value |
|---|---|
| Grant Type | Authorization Code (PKCE) |
| Authorization URL | https://hostsmith.net/api/oauth/authorize |
| Access Token URL | https://hostsmith.net/api/oauth/token |
| Client ID | The client_id from step 2 (or n8n for local) |
| Scope | account:read sites:read sites:write domains:read files:write |
| Auth URI Query Parameters | resource=https://us.api.hostsmith.net (or https://eu.api.hostsmith.net for EU) |
| Authentication | Body |
If you installed the community node, most of these fields are pre-filled by the credential type; you only need to paste the client_id (and pick the correct resource for your data partition).
Click Connect my account. n8n opens a Hostsmith sign-in window, you authorize the scopes, and the credential is saved.
4. Use the node in a workflow
Add a Hostsmith node to your workflow and pick the credential you just created. The node exposes operations grouped by resource:
| Resource | Operations | Scopes used |
|---|---|---|
| Account | read account info | account:read |
| Sites | list, get, create, delete; deploy files to a site | sites:read, sites:write, files:write |
| Domains | list configured domains | domains:read |
Typical pattern: an upstream node (e.g. Read Binary Files, Google Drive, Slack trigger) feeds files into the Hostsmith → Sites → Deploy action, which publishes them to a live HTTPS URL on the site you specify.
The credential's Scope field is set by the node and should be left as-is - shrinking it can break resource pickers and deploy actions. For the full list of scopes Hostsmith supports and what each grants, see Scopes.
Rotating or revoking access
- Revoke a single credential: delete the credential in n8n, or revoke the refresh token from inside Hostsmith.
- Revoke a
client_identirely (all credentials using it stop working immediately): in Hostsmith, open OAuth Clients and delete the client. This is the right move if aclient_idwas leaked or an environment is decommissioned. - Rotate a redirect URI: redirect URIs cannot be edited in place. Create a new client with the new URI, switch the n8n credential to its
client_id, then delete the old client.
Troubleshooting
invalid_redirect_uriat authorize time - the URI in the Hostsmith client does not match what n8n sends. Copy from the n8n credential form, do not hand-type. Check the trailing slash and the exact host.invalid_targetor 401 from the API - theresource=query parameter does not match your data partition. EU accounts must usehttps://eu.api.hostsmith.net; US accounts usehttps://us.api.hostsmith.net.- Connection works but every action returns 403 - the user who connected the credential does not have access to that org's resources, or the requested scope was dropped at consent.
See also
- Authentication - the underlying OAuth 2.0 + PKCE flow, including DCR for programmatic clients
- OAuth Clients dashboard - manage your org's clients
- MCP server - for AI-agent integrations instead of workflow automation