What is n8n?
n8n is a fair-code workflow automation platform — think Zapier or Make, but self-hostable and developer-friendly. You drag nodes onto a canvas, wire them together, and ship integrations without writing glue code. With n8n-nodes-openinbox, every OpenInbox API endpoint is now available as a first-class node, plus a trigger node that fires the moment a webhook is delivered.
What you can build
- Auto-extract OTPs / magic links from incoming emails and post them to Slack, Discord, or your QA tool.
- Spin up a fresh inbox per signup test, run verification, and tear it down — fully orchestrated from n8n.
- Forward filtered emails to a Google Sheet, Notion database, or webhook for product-led growth experiments.
- Compliance archives — when an email matches a rule, push a copy to S3 with attachments preserved.
Install the node
Open n8n and go to Settings → Community Nodes → Install. Enter the package name and confirm:
n8n-nodes-openinboxYou'll get two nodes: the OpenInbox action node (Inbox / Email / Webhook / Account operations) and the OpenInbox Trigger node which auto-registers a webhook subscription when the workflow activates.
Source on GitHub
MIT-licensed. Open issues, PRs, and a downloadable demo workflow.
openinbox-io/n8n-nodes-openinboxAuthenticate
Generate an API key from the OpenInbox dashboard (Pro / Business / 7-Day Pass), then in n8n create a new OpenInbox API credential and paste the key. The node sends it as the X-API-Key header — base URL defaults to https://api.openinbox.io.
Tutorial: catch an OTP in 4 nodes
Here's the simplest useful workflow:
- OpenInbox Trigger — listen for
email.received. - Function / Code node — verify the
X-Webhook-Signatureusing your webhook secret (HMAC-SHA256 oftimestamp + "." + JSON.stringify(payload)). - OpenInbox — operation Email → Get, pass in
{{ $json.data.emailId }}to fetch the full body. - Set / Function — extract the OTP with a regex like
/\b\d{6}\b/and pass it to whatever needs it.
The repo ships a complete demo workflow (including HMAC verification and a Switch node that routes by event) that you can import directly.
Operations at a glance
| Resource | Operations |
|---|---|
| Inbox | Create, Get, Get Many, Delete |
| Get, Get Many, Delete | |
| Webhook | Create, Get Many, Delete |
| Account | Get (tier, rate limits, usage) |
Verifying the webhook signature
Every delivery includes a header in this format:
X-Webhook-Signature: t=1714200000000,v1=<sha256_hex>The signed payload is `$${t}.$${JSON.stringify(payload)}`. In n8n's Code node:
const crypto = require('crypto');
const { signature, ...payload } = $input.first().json.__delivery;
const [tPart, v1Part] = signature.split(',');
const t = tPart.split('=')[1];
const expected = crypto
.createHmac('sha256', $env.OPENINBOX_WEBHOOK_SECRET)
.update(`${t}.${JSON.stringify(payload)}`)
.digest('hex');
return [{ json: { valid: expected === v1Part.split('=')[1], payload } }];Why a community node?
Real-time
Webhook trigger fires within ~100ms of inbound email — no polling.
Secure
HMAC-SHA256 signed deliveries; API key never leaves the credential vault.
Self-managing
Activate the workflow → webhook is registered. Deactivate → it cleans up.
Get started
The node is open source and free to use. You'll need an OpenInbox API key for actual API calls — start with a 7-Day Pass if you just want to try it out.
Ready to ship?
Install n8n-nodes-openinbox from the n8n community panel, or grab the demo workflow from GitHub.
Related
- Automate OTP testing in Playwright using a disposable email API
- Stop using your real email in CI/CD — here's the fix
- Test email verification flows in Jest without a real inbox
Found a bug or want a new operation? Open an issue on GitHub.