B2B organisations often float between shared spreadsheets, inbox threads, and aging line-of-business apps where data is retyped because nothing neutral moves it when reality changes — a signed deal, a fulfilled order, a breached SLA.
n8n sits in a sweet spot: visual automation with escape hatches into code, deployable self-hosted, which matters as soon as privacy policies get serious.
Anchor the use case before glam connectors
Integrations fail when nobody agrees on the true triggering event. Ask up front:
- Which system is least likely to lie about canonical state?
- What does a happy-path API response actually look like?
- What happens when the payload arrives late?
Mental model stays constant: trigger → read/normalize → side effect → audit log.
Authentication and security basics
Mixed REST stacks may use JWT alongside long-lived API keys. Pragmatic checklist:
- Credentials live in mounted secrets, never embedded in shared canvases when outsiders collaborate.
- Rotation documented even if today only you hold the tokens — future you will thank past you.
- Egress allowlists when the downstream SaaS insists on them.
For distributed partners I often pair n8n with signed inbound webhooks when volume allows: verifiable origin hashing, with lightweight queues when bursts get heavy.
Idempotency saves support hours
Duplicate purchase rows are expensive. If the same logical event hits twice because HTTP timed out before acknowledgement, will your flow create a second invoice?
Before the big POST, persist a correlation row (external_ref, state) — even a guarded Google Sheet is better than nothing while volume is small and pain is acute.
Governance for “shadow automation”
Invisible automation multiplies. I have seen “unofficial” infra still holding regulated personal data. Agree on:
- Who signs off a flow before production promotion?
- Where logs live when alerts fire at 3 a.m.?
- How you diff versions without rewriting tribal knowledge every quarter.
Pair technical and operations folks: publish a short textual diagram (“when CRM emits X, ERP receives Y”) and rehearse in sandbox with synthetic rows that mimic legacy quirks.
Conclusion
n8n should not be CRM duct tape — it should be an orchestration layer with written rules. Narrow REST contracts, classified errors, and idempotent side effects cut manual toil and give sales teams time to sell instead of re-keying the same cells.