n8n template · Compliance & Audit Pack
Record every audit answer in Supabase with n8n
The pack's reliability layer: a write endpoint that validates required fields, timestamps server-side and inserts every answer into the audit_responses table. Use it from the pack's bot, your forms, or anything that can send a POST.
- Réponse reçue (Webhook)triggerWebhook
- Champs requis ?IF (condition)
- Horodater et normaliserSet (fields)
- Insérer la réponseSupabase
- Accusé de réceptionWebhook response
- Erreur 400Webhook response
$ n8n import:workflow --input=enregistrement-audit-supabase.json ✔ Import successful — 6 nodes, valid connections
The problem it solves
An audit trail is only worth having if writes are systematic and normalized: required fields present, tamper-proof timestamps, constant format. Letting every source write directly to the database multiplies variants and gaps.
Centralizing writes behind a single webhook fixes it: one entry door, one validation, one format. And the day you change databases, only this workflow moves.
How the workflow works, node by node
Node names are in French, exactly as they appear in the imported workflow — the logic is language-agnostic.
- 01
Réponse reçue (Webhook)
WebhookPOST to flowkit-audit-record with a JSON body carrying dossier_id, question and reponse. All your audit sources converge here.
- 02
Champs requis ?
IF (condition)Checks that dossier_id and question are non-empty (AND-combined conditions): no silent partial writes into the audit trail.
- 03
Horodater et normaliser
Set (fields)Freezes the definitive fields and adds recorded_at using the n8n server clock ($now.toISO()): the timestamp never depends on the client.
- 04
Insérer la réponse
SupabaseInserts the normalized row into audit_responses. Auto-mapping picks up exactly the fields prepared in the previous node.
- 05
Accusé de réception
Webhook responseConfirms the record to the caller — the bot or form knows the data is safe before moving on.
- 06
Erreur 400
Webhook responseValidation failure branch: an explicit error response the caller can fix and replay unassisted.
What you need to run it
- n8n ≥ 1.60
- A Supabase project with the audit_responses table (SQL provided in the pack guide)
- The Supabase API credential in n8n (URL + service_role key)
- No LLM key: this workflow is fully deterministic
Customization ideas
- Add business fields (auditor, framework version, criticality) to the Set node and the table
- Mirror the insert to a second store (Google Sheets, S3) for archiving
- Protect the webhook with an authentication header before any external exposure
FAQ
Frequently asked questions
How do I import this template into n8n?
Import enregistrement-audit-supabase.json via 'Import from File', attach your Supabase credential, create the table with the guide's SQL, activate, then test with a curl -X POST carrying dossier_id, question and reponse.
Why not let the bot write directly to Supabase?
The pack's bot does, through its tool — but this webhook adds a validation and timestamping layer reusable by all your other sources (forms, scripts, imports). Both approaches coexist happily.
Does this audit trail have evidential value?
It provides the essentials: server timestamps, append-only inserts and a queryable history. To go further (cryptographic integrity), add a chained hash of the rows — the table structure lends itself to it.