Build a secure entry point for any incoming HTTP request. It checks a secret token and confirms that all needed fields are present before your main logic runs. This is useful for teams that accept data from forms, apps, or partners and want clean, safe requests.

The flow starts with a POST Webhook that waits for requests. A Configuration step stores the expected Bearer token and a list of required fields. An authorization check compares the header value with your token and sends a 401 if it is wrong. A Code validator then inspects the request body and flags missing fields. If any field is missing, a 400 response returns with a clear message. Valid requests continue to your business logic placeholder. A response builder creates a simple JSON payload, and a 200 step returns it to the caller.

To set it up, choose a strong token and list the fields that must be in the body. Expect fewer support tickets and faster debugging because bad requests never reach the core flow. Common uses include intake for forms, partner callbacks, and simple API endpoints that need basic protection and clear responses.

• POST Webhook endpoint with a fixed path for clean intake
• Configuration step to store a Bearer token and required field keys
• Authorization check that compares the incoming header to your token
• 401 JSON response with a helpful hint when the token is missing or invalid
• Custom Code validator that confirms all required fields exist in the request body
• 400 JSON response when any required field is missing
• Placeholder node to attach your downstream business logic
• Response builder that returns a clean 200 JSON payload

• Reduce manual request checks from hours each week to minutes by rejecting bad calls at the edge
• Eliminate up to 100 percent of missing field errors reaching your core workflow
• Cut troubleshooting time by 50 percent with clear 400 and 401 JSON messages
• Scale safely as traffic grows because validation happens before your business logic
• Standardize API replies so clients get fast, consistent feedback

1. Import the template into n8n: Create a new workflow in n8n > Click the three dots menu > Select 'Import from File' > Choose the downloaded JSON file.
2. Open the Webhook node. Confirm the HTTP Method is POST, set the Path to a unique route, and keep Response Mode as 'Respond to Webhook' via response node.
3. Open the Configuration node. Set a strong value for config.bearerToken and add keys under config.requiredFields for every field the request must contain.
4. Review the Check Authorization Header node to confirm it reads the Authorization header and matches Bearer YOUR_SECRET_TOKEN.
5. Open the Has required fields code node and confirm it reads the body from the Webhook node. Leave the logic as is unless you need extra validation.
6. Replace the Add workflow nodes here node with your own logic, such as writing to a database or calling another API.
7. Update the Create Response node to return the values clients should receive after a successful call.
8. Activate the workflow. Copy the production Webhook URL from n8n and save it in your client app or form.
9. Test a valid request using curl or Postman. Include the Authorization header with Bearer your token and a JSON body with all required fields. You should see a 200 JSON response.
10. Test error cases. Send a request with a wrong or missing token to confirm the 401 response. Remove a required field to confirm the 400 response with the hint.
11. If you do not see the Authorization header in the request data, check your client or proxy to ensure headers are forwarded and not stripped.
12. Monitor execution logs in n8n to verify throughput and to adjust required fields as your schema changes.