Problem
When using the Browserbase node for back-office automation (e.g., expense processing, HR workflows, internal tools), browser sessions may display sensitive employee and business data. The current default behavior (recordSession: true, logSession: true) causes this data to be captured and stored on Browserbase servers for up to 30 days.
While individual workflow creators can toggle these options off in Browser Options, there is no way for an organization's n8n administrator to enforce this policy across all workflows using the same Browserbase credential.
Proposal
Add two optional boolean fields to BrowserbaseApi.credentials.ts that allow credential owners to force-disable session recording and logging for all workflows using that credential:
// credentials/BrowserbaseApi.credentials.ts
{
displayName: 'Disable Session Recording',
name: 'disableSessionRecording',
type: 'boolean',
default: false,
description: 'Force-disable session recording for all workflows using this credential. When enabled, the per-node "Record Session" option is ignored.',
},
{
displayName: 'Disable Session Logging',
name: 'disableSessionLogging',
type: 'boolean',
default: false,
description: 'Force-disable session logging for all workflows using this credential. When enabled, the per-node "Log Session" option is ignored.',
},In the node execution logic:
const credentials = await this.getCredentials('browserbaseApi');
const browserSettings = {
recordSession: credentials.disableSessionRecording
? false
: (browserOptions.recordSession ?? true),
logSession: credentials.disableSessionLogging
? false
: (browserOptions.logSession ?? true),
// ...
};Why credential-level?
- Admin control: In n8n, credentials are typically managed by admins/owners — regular workflow creators use shared credentials without editing them.
- Organization-wide enforcement: A single credential shared across multiple workflows applies the policy uniformly.
- No breaking changes: Defaults to
false, preserving existing behavior for all current users.
- Works on n8n Cloud and self-hosted: No dependency on environment variables or instance-level settings.
Alternatives considered
| Approach |
Pros |
Cons |
Change defaults to false |
Simple |
Users can re-enable; no enforcement |
| Environment variable |
True admin control |
Not available on n8n Cloud |
| Credential-level option |
Admin control + Cloud compatible |
Slightly unconventional use of credentials |
Context
We operate n8n Cloud for back-office automation (CS, Finance, HR departments) and encountered this issue when evaluating Browserbase for internal workflows. We're happy to submit a PR implementing this change if the approach is acceptable.
Problem
When using the Browserbase node for back-office automation (e.g., expense processing, HR workflows, internal tools), browser sessions may display sensitive employee and business data. The current default behavior (
recordSession: true,logSession: true) causes this data to be captured and stored on Browserbase servers for up to 30 days.While individual workflow creators can toggle these options off in Browser Options, there is no way for an organization's n8n administrator to enforce this policy across all workflows using the same Browserbase credential.
Proposal
Add two optional boolean fields to
BrowserbaseApi.credentials.tsthat allow credential owners to force-disable session recording and logging for all workflows using that credential:In the node execution logic:
Why credential-level?
false, preserving existing behavior for all current users.Alternatives considered
falseContext
We operate n8n Cloud for back-office automation (CS, Finance, HR departments) and encountered this issue when evaluating Browserbase for internal workflows. We're happy to submit a PR implementing this change if the approach is acceptable.