FlowKit

n8n template · Compliance & Audit Pack

Record every audit answer in Supabase with n8n

The pack's reliability layer: a write endpoint that validates required fields, timestamps server-side and inserts every answer into the audit_responses table. Use it from the pack's bot, your forms, or anything that can send a POST.

Pipelineenregistrement-audit-supabase.json · 6 nodes
  1. Réponse reçue (Webhook)triggerWebhook
  2. Champs requis ?IF (condition)
  3. Horodater et normaliserSet (fields)
  4. Insérer la réponseSupabase
  5. Accusé de réceptionWebhook response
  6. Erreur 400Webhook response

The problem it solves

An audit trail is only worth having if writes are systematic and normalized: required fields present, tamper-proof timestamps, constant format. Letting every source write directly to the database multiplies variants and gaps.

Centralizing writes behind a single webhook fixes it: one entry door, one validation, one format. And the day you change databases, only this workflow moves.

How the workflow works, node by node

Node names are in French, exactly as they appear in the imported workflow — the logic is language-agnostic.

  1. 01

    Réponse reçue (Webhook)

    Webhook

    POST to flowkit-audit-record with a JSON body carrying dossier_id, question and reponse. All your audit sources converge here.

  2. 02

    Champs requis ?

    IF (condition)

    Checks that dossier_id and question are non-empty (AND-combined conditions): no silent partial writes into the audit trail.

  3. 03

    Horodater et normaliser

    Set (fields)

    Freezes the definitive fields and adds recorded_at using the n8n server clock ($now.toISO()): the timestamp never depends on the client.

  4. 04

    Insérer la réponse

    Supabase

    Inserts the normalized row into audit_responses. Auto-mapping picks up exactly the fields prepared in the previous node.

  5. 05

    Accusé de réception

    Webhook response

    Confirms the record to the caller — the bot or form knows the data is safe before moving on.

  6. 06

    Erreur 400

    Webhook response

    Validation failure branch: an explicit error response the caller can fix and replay unassisted.

What you need to run it

  • n8n ≥ 1.60
  • A Supabase project with the audit_responses table (SQL provided in the pack guide)
  • The Supabase API credential in n8n (URL + service_role key)
  • No LLM key: this workflow is fully deterministic

Customization ideas

  • Add business fields (auditor, framework version, criticality) to the Set node and the table
  • Mirror the insert to a second store (Google Sheets, S3) for archiving
  • Protect the webhook with an authentication header before any external exposure

FAQ

Frequently asked questions

How do I import this template into n8n?

Import enregistrement-audit-supabase.json via 'Import from File', attach your Supabase credential, create the table with the guide's SQL, activate, then test with a curl -X POST carrying dossier_id, question and reponse.

Why not let the bot write directly to Supabase?

The pack's bot does, through its tool — but this webhook adds a validation and timestamping layer reusable by all your other sources (forms, scripts, imports). Both approaches coexist happily.

Does this audit trail have evidential value?

It provides the essentials: server timestamps, append-only inserts and a queryable history. To go further (cryptographic integrity), add a chained hash of the rows — the table structure lends itself to it.