Trying to authenticate to a local n8n REST API (self-hosted CE on Docker Desktop / Windows 11) — 401 Unauthorized returned for both an env-set API key and UI-created API keys; need help diagnosing why

pflautomates · October 1, 2025, 7:03pm

I have a self-hosted n8n Community Edition instance running on Windows 11 via Docker Desktop (plain docker run). My end goal is to build a Custom GPT that can interact with my local n8n via the REST API (list workflows, create workflows, patch/activate, etc.) so I can automate deployment and editing of workflows programmatically.

Despite many attempts and different authentication approaches, every request to GET /rest/workflows returns:

{"status":"error","message":"Unauthorized"}

I have tried:

Starting n8n with an environment API key (N8N_API_KEY) passed via docker run.
Creating an API key in the n8n UI (Settings → n8n API) and using that UI key in requests.
Testing with curl.exe on Windows, Invoke-RestMethod in PowerShell, and from a Linux curl container (curlimages/curl) to avoid Windows client quirks.
Running without mounting any host volume (ephemeral container) to eliminate permission issues.

All attempts return HTTP 401. I’ve inspected docker logs and the instance shows normal startup and DB migrations, and netstat indicates port 5678 is listening. I’m stuck and asking whether this is a misconfiguration on my side, a Windows/Docker Desktop networking/header stripping problem, or a bug/behavior in n8n v1.112.4 where env/static keys and UI keys conflict.

What the error message is:

Primary API error (every request to /rest/* when providing a key):
{"status":"error","message":"Unauthorized"} (HTTP/1.1 401 Unauthorized)
Earlier while experimenting with host volume mounts (before switching to an ephemeral container) I hit a permissions issue when mapping ~/.n8n from Windows into the container:

Error: EACCES: permission denied, open '/home/node/.n8n/config'

(fixed by running without host mount / using named volume or different mount path)

n8n logs show standard startup + migrations; no obvious auth stack trace printed for the 401 responses.

Information on your n8n setup

n8n version: 1.112.4 (from container logs: Version: 1.112.4)
Database: Default SQLite (the container ran migrations on startup; no external DB configured).
n8n EXECUTIONS_PROCESS setting: Default (no custom EXECUTIONS_PROCESS / N8N_RUNNERS_ENABLED set — running with default execution process).
Running n8n via: Docker (plain docker run under Docker Desktop on Windows 11).
Operating system (host): Windows 11 (Docker Desktop).

Chronological list of what I tried (commands + relevant outputs; keys redacted)

tested from Windows PowerShell

curl.exe -v -H “X-N8N-API-KEY: firstkey123” “http: //localh ost :5678/rest/workflows” (ignore the spaces in the links)


`curl -v` showed the header being sent, but server returned:

< HTTP/1.1 401 Unauthorized
{“status”:“error”,“message”:“Unauthorized”}


I validated inside the container that the env var was present:

docker exec -it n8n printenv | findstr N8N_API_KEY

output: N8N_API_KEY=firstkey123


Yet 401 persisted.

---

### C. Tried from a Linux curl container to avoid Windows/curl quirks

I ran curl from inside a small container to ensure the header reached the server verbatim:

docker run --rm curlimages/curl:latest -v -H “X-N8N-API-KEY: <ENV_OR_UI_KEY_PLACEHOLDER>” ht tp://h ost.docker. internal:5678/rest/workflows


Result: still `401 Unauthorized` (response body `{"status":"error","message":"Unauthorized"}`).

(Note: I used `host.docker.internal` for the container -> host networking and saw `Established connection` in curl output, so networking was OK.)

---

### D. Created a UI API key (Settings → n8n API) and tested that

* In the running n8n UI I created an API key via Settings → n8n API. I copied the token.

I then tested with that UI key (using both Windows `curl.exe` and the `curlimages/curl` container):

i) from container

docker run --rm curlimages/curl:latest -v -H “X-N8N-API-KEY: <UI_KEY_REDACTED>” ht tp://ho st.docker.internal:5678/rest/workflows

ii) or from host

curl.exe -H “X-N8N-API-KEY: <UI_KEY_REDACTED>” “h ttp://loc alhost:5678/rest/workflows”


Result: still `401 Unauthorized`. I also tried `Authorization: Bearer <UI_KEY>` just in case — same 401.

---

### E. Checked logs & ports

* `docker logs n8n` shows normal startup and full set of DB migrations finishing, then:
`Editor is now accessible via: http://localhost:5678`
`Owner was set up successfully`
`Version: 1.112.4`
(No obvious auth exception in the log for the 401 response).
* `netstat` shows port 5678 listening. `docker ps` shows port mapping `0.0.0.0:5678->5678`.
* PowerShell `Invoke-RestMethod` with headers also returned the same `{"status":"error","message":"Unauthorized"}`.

bluepuma77 · October 2, 2025, 7:37am

Check inside the container if env and config are correct. Beside that I would rather look for a dedicated n8n forum, seems like an application issue, not a Docker issue.

system · November 1, 2025, 7:37am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Put https://validate.docker.com/api: Forbidden Docker Desktop	0	1008	May 13, 2016
How to get the API-URL of a Docker 1.12 installation on Windows? Docker Desktop windows	9	17245	November 10, 2016
Docker unauthorized: authentication required Docker Desktop docker	1	2155	June 1, 2018
Unauthorized: authentication required Docker Desktop windows	2	9258	June 24, 2018
Authentication work local but not at Digital Ocean (403 forbidden) closed General	0	965	August 15, 2019