by Oneclick AI Squad
This AI-powered workflow transcribes Zoom/Google Meet recordings, extracts decisions and tasks using AI, then creates tickets in Jira/ClickUp/Linear and assigns them to team members automatically. How it works Trigger - Receives meeting recording URL via webhook or schedule Download Recording - Fetches audio/video file from Zoom/Google Meet Audio Extraction - Converts video to audio if needed using FFmpeg Transcription - Uses Whisper API to transcribe meeting audio Wait & Process - Allows transcription to complete Parse Transcript - Cleans and formats the transcription text AI Analysis - Claude extracts action items, decisions, owners Team Member Matching - Maps names to user IDs in project tools Create Tasks - Generates tickets in Jira/ClickUp/Linear Assign & Notify - Assigns tasks to team members and sends notifications Meeting Summary - Saves full summary to Google Drive/Notion Response - Returns processed action items and task links Setup Steps Import this workflow into your n8n instance Configure credentials: Zoom OAuth - For downloading Zoom recordings Google OAuth - For Google Meet recordings and Drive storage OpenAI API - For Whisper transcription service Anthropic API - For Claude AI analysis Jira/ClickUp/Linear API - For task creation Slack/Teams - For notifications (optional) Set up team member mapping in the config node Configure your project management tool preferences Activate the workflow Sample Trigger Payload { "meetingSource": "zoom", "recordingUrl": "https://zoom.us/rec/share/...", "meetingTitle": "Q1 Planning Meeting", "meetingDate": "2024-01-15", "attendees": ["alice@company.com", "bob@company.com", "charlie@company.com"], "projectKey": "PROJ-123", "taskTool": "jira", "defaultPriority": "medium", "autoAssign": true, "sendNotifications": true, "saveToNotion": false, "saveToDrive": true, "extractDecisions": true, "extractRisks": true, "dueDate": "2024-01-22" } Features Multi-platform support** (Zoom, Google Meet, MS Teams recordings) Accurate transcription** using OpenAI Whisper API AI-powered extraction** of action items, decisions, risks, and next steps Automatic task creation** in Jira, ClickUp, or Linear Smart assignment** - maps attendee names to task assignees Meeting summaries** - saves comprehensive notes to Drive/Notion Slack/Teams notifications** - alerts team members of new tasks Duplicate detection** - prevents creating duplicate tickets Priority detection** - AI assigns urgency levels to tasks
by Masaki Go
About This Template This workflow creates high-quality, text-rich advertising banners from simple LINE messages. It combines Google Gemini (for marketing-focused prompt engineering) and Nano Banana Pro (accessed via Kie.ai API) to generate images with superior text rendering capabilities. It also handles the asynchronous API polling required for high-quality image generation. How It Works Input: Users send a banner concept via LINE (e.g., "Coffee brand, morning vibe"). Prompt Engineering: Gemini optimizes the request into a detailed prompt, specifying lighting, composition, and Japanese catch-copy placement. Async Generation: The workflow submits a job to Nano Banana Pro (Kie API) and intelligently waits/polls until the image is ready. Hosting: The final image is downloaded and uploaded to a public AWS S3 bucket. Delivery: The image is pushed back to the user on LINE. Who It’s For Marketing teams creating A/B test assets. Japanese market advertisers needing accurate text rendering. Developers looking for an example of Async API Polling patterns in n8n. Requirements n8n** (Cloud or Self-hosted). Kie.ai API Key** (for Nano Banana Pro model). Google Gemini API Key**. AWS S3 Bucket** (Public access enabled). LINE Official Account** (Messaging API). Setup Steps Credentials: Configure the "Header Auth" credential for the Kie.ai nodes (Header: Authorization, Value: Bearer YOUR_API_KEY). AWS: Ensure your S3 bucket allows public read access so LINE can display the image. Webhook: Add the production webhook URL to your LINE Developers console.
by plemeo
Who’s it for Growth hackers, community builders, and marketers who want to keep their Twitter (X) accounts active by liking posts from selected profiles automatically. How it works / What it does Schedule Trigger fires hourly. Profile Post Extractor fetches up to 20 tweets for each profile in your CSV. Select Cookie rotates Twitter session-cookies. Get Random Post checks against twitter_posts_already_liked.csv. Builds twitter_posts_to_like.csv, uploads to SharePoint. Phantombuster Autolike Agent likes the tweet. Logs the liked URL to avoid duplicates. How to set up Add Phantombuster + SharePoint credentials. In SharePoint “Phantombuster” folder: • twitter_session_cookies.txt • twitter_posts_already_liked.csv (header postUrl) • profiles_twitter.csv (list of profiles). Profile CSV format Your profiles_twitter.csv must contain a header profileUrl and direct links to the Twitter profiles. Example: profileUrl https://twitter.com/elonmusk https://twitter.com/openai
by Eugen
👥 Who the Automation is for This automation is perfect for bloggers, solopreneurs, business owners, and marketing teams who want to scale SEO content creation. Instead of spending hours on research and drafting, you can go from a single keyword idea to a ready-to-edit WordPress draft in minutes. ⚙️ How the Automation Works Collect keywords in a Google Sheet and mark the ones you want as “prioritized.” Click “Prepare Content” → your keyword(s) are sent to n8n. n8n pulls the top 10 Google SERP results. AI analyzes competitors (tone, content type, gaps) and creates a content brief. Another AI generates a blog draft based on the brief. The draft is automatically uploaded to WordPress and your sheet updates. 👉 In short: Keyword → SERP → Brief → Draft → WordPress. 🛠 How to Set Up Full Setup Guide Copy the Google Sheets Template. Import the workflow into n8n. Add your API keys: Google Custom Search, Claude AI, and WordPress credentials. Test the webhook connection from Google Sheets. 🎉 Done — you now have a one-click pipeline from keyword idea to WordPress draft.
by Kumar Shivam
The AI-Powered Shopify SEO Content Automation is an enterprise-grade workflow that transforms product content creation for e-commerce stores. This sophisticated multi-agent system integrates GPT-4o, Claude Sonnet 4, Claude 3.5, Perplexity AI, and Haloscan keyword research to generate SEO-optimized product descriptions, metafields, and meta descriptions with zero manual intervention and built-in cannibalization prevention. To see the demo connect via my profile profile 💡 Key Advantages 🎯 Multi-Agent AI Orchestration Central Orchestrator manages complex workflows with specialized agents for descriptions, metafields, and SEO, each optimized for specific content types. 🔍 Advanced Keyword Research & Cannibalization Prevention Integrates Haloscan API for premium keyword discovery and SERP overlap analysis to prevent keyword cannibalization across your product catalog. 📊 Enterprise SEO Optimization Specialized for e-commerce with semantic alignment, TF-IDF optimization, and compliance with industry regulations and best practices. 🧠 Intelligent Content Strategy Perplexity AI provides market intelligence, search intent analysis, and trending keyword discovery for data-driven content decisions. 🏗️ Comprehensive Content Generation Creates product descriptions, 6 specialized metafields, SEO meta descriptions, and rich text formatting for complete Shopify integration. 📋 Automated Workflow Management Airtable integration tracks content creation status, manages keyword databases, and provides centralized workflow control. ⚙️ How It Works Content Type Selection Form-based trigger allows selection of content types: create_product_description, create_product_meta, or create_product_seo. Product Data Collection Retrieves comprehensive product information from Shopify and Airtable, including titles, descriptions, handles, and vendor details. Premium Keyword Discovery Haloscan API analyzes product titles for keyword opportunities Extracts search metrics, competitor keywords, and SERP data Perplexity provides market intelligence and search intent analysis SEO Compliance Checking Performs SERP overlap analysis to identify existing rankings Filters keywords to prevent cannibalization Updates Airtable with curated keyword lists Generates actionable SEO content strategies Multi-Agent Content Generation Product Description Agent (Claude Sonnet 4): Generates SEO-optimized product descriptions with verified facts Implements strict HTML structure with proper heading hierarchy Ensures compliance with e-commerce regulations and best practices Meta Fields Agent (Claude Sonnet 4): Creates 6 specialized metafields: ingredients, recommendations, nutritional values, warnings, short descriptions, and client arguments Enforces strict formatting rules and regulatory compliance Generates clean HTML compatible with Shopify themes SEO Fields Agent (Claude Sonnet 4): Produces optimized meta descriptions for search engines Integrates keyword research data for maximum organic visibility Applies current year SEO best practices and anti-keyword stuffing techniques Shopify Integration & Updates Updates product descriptions via Shopify API Uploads metafields using GraphQL mutations Converts HTML to Shopify Rich Text format Tracks completion status in Airtable 🛠️ Setup Steps Core Integrations Shopify Access Token – For product data retrieval and content updates OpenRouter API – For GPT-4o and Claude model access Haloscan API – For keyword research and SERP analysis Perplexity API – For market intelligence and content strategy Airtable OAuth – For workflow management and keyword tracking Agent Configuration Orchestrator Agent – Central workflow management with routing logic Product Description Agent – SEO content generation with fact verification Meta Fields Agent – Structured metafield creation with compliance rules SEO Fields Agent – Meta description optimization with keyword integration Premium Keyword Discovery – Automated keyword research and analysis -SEO Compliance Checker – Cannibalization prevention and strategy generation Workflow Tools MCP Server Integration – Airtable data management HTTP Request Tools – Haloscan API communication Structured Output Parsers – Data validation and formatting Memory Buffer Windows – Conversation context management Rich Text Converters – Shopify-compatible content formatting 🎯 Workflow Capabilities Product Description Generation Length Control: 150-300 words with hard limits SEO Structure: Optimized heading hierarchy and keyword placement Fact Verification: Zero-invention policy with source validation Brand Compliance: Controlled brand mentions and positioning Metafield Creation 6 Specialized Fields: Arguments, ingredients, recommendations, nutrition, warnings, descriptions HTML Formatting: Clean structure with allowed tags only Regulatory Compliance: Industry-specific warnings and disclaimers Dynamic Content: Adapts to different product categories automatically Advanced SEO Features Keyword Research: Automated discovery with search volume analysis Cannibalization Prevention: SERP overlap detection and filtering Meta Optimization: Character-limited descriptions with CTR focus Content Strategy: AI-generated SEO roadmaps based on market data 🔐 Credentials Required Shopify Access Token – Product management and content publishing OpenRouter API Key – Multi-model AI access (GPT-4o, Claude variants) Haloscan API Key – Keyword research and SERP analysis Perplexity API Key – Market intelligence and content strategy Airtable OAuth – Database management and workflow tracking 👤 Ideal For E-commerce Teams scaling content creation across hundreds of products SEO Specialists implementing advanced cannibalization prevention strategies Shopify Store Owners seeking enterprise-level content automation Marketing Agencies building scalable, multi-client SEO workflows Product Managers requiring compliance-focused content generation 💬 Advanced Features Multi-Language Ready Workflow architecture supports easy extension to multiple markets and languages with minimal configuration changes. Compliance Framework Built-in regulatory compliance checking ensures content meets industry standards and legal requirements. Scalable Architecture Modular design allows adding new content types, AI models, or integration points without workflow restructuring. Error Handling & Retries Comprehensive error management with automatic retries and fallback mechanisms ensures reliable content generation. 💡 Pro Tip: This workflow represents a complete SEO content factory that can process hundreds of products daily while maintaining quality, compliance, and search engine optimization standards.
by Yuvraj Singh
Purpose This solution enables you to manage all your Notion and Todoist tasks from different workspaces as well as your calendar events in a single place. This is 2 way sync with partial support for recurring How it works The realtime sync consists of two workflows, both triggered by a registered webhook from either Notion or Todoist. To avoid overwrites by lately arriving webhook calls, every time the current task is retrieved from both sides. Redis is used to prevent from endless loops, since an update in one system triggers another webhook call again. Using the ID of the task, the trigger is being locked down for 80 seconds. Depending on the detected changes, the other side is updated accordingly .Generally Notion is treaded as the main source. Using an "Obsolete" Status, it is guaranteed, that tasks never get deleted entirely by accident. The Todoist ID is stored in the Notion task, so they stay linked together An additional full sync workflow daily fixes inconsistencies, if any of them occurred, since webhooks cannot be trusted entirely. Since Todoist requires a more complex setup, a tiny workflow helps with activating the webhook. Another tiny workflow helps generating a global config, which is used by all workflows for mapping purposes. Mapping (Notion >> Todoist) Name: Task Name Priority: Priority (1: do first, 2: urgent, 3: important, 4: unset) Due: Date Status: Section (Done: completed, Obsolete: deleted) <page_link>: Description (read-only) Todoist ID: <task_id> Current limitations Changes on the same task cannot be made simultaneously in both systems within a 15-20 second time frame. Subtasks are not linked automatically to their parent yet. Tasks names do not support URL’s yet. Credentials Follow the video: Setup credentials for Notion (access token), Todoist (access token) and Redis. Todoist Follow this video to get Todoist to obtain API Token. Todoist Credentials.mp4 Notion Follow this video to get Notion Integration Secret. Redis Follow this video to get Redis Setup The setup involves quite a lot of steps, yet many of them can be automated for business internal purposes. Just follow the video or do the following steps: Setup credentials for Notion (access token), Todoist (access token) and Redis - you can also create empty credentials and populate these later during further setup Clone this workflow by clicking the "Use workflow" button and then choosing your n8n instance - otherwise you need to map the credentials of many nodes. Follow the instructions described within the bundle of sticky notes on the top left of the workflow How to use You can apply changes (create, update, delete) to tasks both in Notion and Todoist which then get synced over within a couple of seconds (this is handled by the differential realtime sync) The daily running full sync, resolves possible discrepancies in Todoist. This workflow incorporates ideas and techniques inspired by Mario (https://n8n.io/creators/octionic/) whose expertise with specific nodes helped shape parts of this automation. Significant enhancements and customizations have been made to deliver a unique and improved solution.
by moosa
This workflow monitors product prices from BooksToScrape and sends alerts to a Discord channel via webhook when competitor's prices are lower than our prices. 🧩 Nodes Used Schedule (for daily or required schedule) If nodes (to check if checked or unchecked data exists) HTTP Request (for fetching product page ) Extract HTML (for extracting poduct price) Code(to clean and extract just the price number) Discord Webhook (send discord allerts) Sheets (extract and update) 🚀 How to Use Replace the Discord webhook URL with your own. Customize the scraping URL if you're monitoring a different site.(Sheet i used) Run the workflow manually or on a schedule. ⚠️ Important Do not use this for commercial scraping without permission. Ensure the site allows scraping (this example is for learning only).
by noda
🧩 What this template does This workflow builds a 120-minute local date course around your starting point by querying Google Places for nearby spots, selecting the top candidates, fetching real-time weather data, letting an AI generate a matching emoji, and drafting a friendly itinerary summary with an LLM in both English and Japanese. It then posts the full bilingual plan with a walking route link and weather emoji to Slack. 👥 Who it’s for Makers and teams who want a plug-and-play bilingual local itinerary generator with weather awareness — no custom code required. ⚙️ How it works Trigger – Manual (or schedule/webhook). Discovery – Google Places nearby search within a configurable radius. Selection – Rank by rating and pick the top 3. Weather – Fetch current weather (via OpenWeatherMap). Emoji – Use an AI model to match the weather with an emoji 🌤️. Planning – An LLM writes the itinerary in Markdown (JP + EN). Route – Compose a Google Maps walking route URL. Share – Post the bilingual itinerary, route link, and weather emoji to Slack. 🧰 Requirements n8n (Cloud or self-hosted) Google Maps Platform (Places API) OpenWeatherMap API key Slack Bot (chat:write) LLM provider (e.g., OpenRouter or DeepL for translation) 🚀 Setup (quick) Open Set → Fields: Config and fill in coords/radius/time limit. Connect Credentials for Google, OpenWeatherMap, Slack, and your LLM. Test the workflow and confirm the bilingual plan + weather emoji appear in Slack. 🛠 Customize Adjust ranking filters (type, min rating). Modify translation settings (target language or tone). Change output layout (side-by-side vs separated). Tune emoji logic or travel mode. Add error handling, retries, or logging for production use.
by Blumpo
Find Customer Insights from Website and Reddit with Claude Who is this for? This workflow is designed for marketers, founders, agencies, and product teams who want to understand how real customers talk about a product category, market, or problem space. It works especially well if you already have: a website a product that needs better positioning weak or limited voice-of-customer data a need for better ad angles, hooks, landing page messaging, or research What problem is this workflow solving? / Use case A lot of AI outputs are only as good as the context behind them. The problem is that many websites do not provide enough useful input on their own: some barely explain the product clearly some have weak positioning some have very little voice-of-customer language available some need insight from the broader market, not just the brand itself This workflow solves that by combining website extraction with Reddit research. Instead of only asking, “What does this company say about itself?”, it also asks: what are people frustrated with in this market? what are they trying to solve? what triggers them to look for a solution? how do they describe the problem in their own words? That gives you much better raw material for ads, copy, positioning, landing pages, and content strategy. What this workflow does Collects a website URL through a form Fetches the homepage and selected internal pages from the website Extracts and cleans website text into one usable source Builds structured website insights such as: brand name product summary customer group industry problems solution key features key benefits brand voice business type marketing brief Generates targeted Reddit search phrases based on the product category and market Searches Reddit for relevant posts Filters low-quality or irrelevant posts Checks which posts are actually relevant to the product/problem space Pulls comments from selected Reddit threads Combines website context with Reddit posts and comments Extracts structured customer insight such as: pain points trigger events aspirations interesting quotes content ideas Setup Connect your accounts: Anthropic API for website analysis, keyword generation, relevance checking, and final insight creation Reddit API for searching posts and pulling comments Set your credentials in the respective nodes. Form input required: Website — required How to customize this workflow to your needs Website analysis: Adjust the website analysis prompt if you want different output fields, such as competitors, pricing objections, maturity level, or use cases. Reddit search breadth: Change the prompt that generates search terms if you want broader market research or narrower product-category research. Post filtering: Adjust the Reddit filtering logic if you want to allow lower-engagement posts, fewer comments, or more exploratory inputs. Insight extraction: Update the final insight prompt if you want different outputs such as objection handling, JTBD phrasing, angle buckets, landing page copy, or ad hooks. Research focus: You can use this workflow for: ad research landing page messaging competitor/category research product marketing ICP understanding How it works The workflow starts with a form submission containing a website URL. It fetches the homepage, extracts navigation links, and uses Claude to select a few useful internal pages likely to contain stronger product and positioning context. Those pages are fetched and converted into text, then merged into one cleaned website source. Claude then analyzes that website text to build a structured understanding of the product, audience, problems, solution, features, benefits, tone, and market context. Based on that, it generates a couple of targeted Reddit search phrases that are specific to the product category rather than just the exact brand name. The workflow searches Reddit using those phrases, removes weak or empty results, and aggregates the posts. It then checks which posts are actually relevant to the product’s customer group and pain points. After that, it pulls comments from selected posts and combines the post and comment data into one research input. Finally, Claude turns that combined input into structured customer insight that can be used for messaging and creative work. The final output includes things like pain points, trigger events, aspirations, quotes, and content ideas. Result With this workflow, you go from website URL → website understanding → Reddit research → structured customer insight in one flow. The result is much better context for: ad angles hooks landing pages positioning voice-of-customer research creative strategy
by Yuvraj Singh
Purpose This solution enables you to manage all your Notion and Todoist tasks from different workspaces as well as your calendar events in a single place. This is 2 way sync with partial support for recurring How it works The realtime sync consists of two workflows, both triggered by a registered webhook from either Notion or Todoist. To avoid overwrites by lately arriving webhook calls, every time the current task is retrieved from both sides. Redis is used to prevent from endless loops, since an update in one system triggers another webhook call again. Using the ID of the task, the trigger is being locked down for 80 seconds. Depending on the detected changes, the other side is updated accordingly .Generally Notion is treaded as the main source. Using an "Obsolete" Status, it is guaranteed, that tasks never get deleted entirely by accident. The Todoist ID is stored in the Notion task, so they stay linked together An additional full sync workflow daily fixes inconsistencies, if any of them occurred, since webhooks cannot be trusted entirely. Since Todoist requires a more complex setup, a tiny workflow helps with activating the webhook. Another tiny workflow helps generating a global config, which is used by all workflows for mapping purposes. Mapping (Notion >> Todoist) Name: Task Name Priority: Priority (1: do first, 2: urgent, 3: important, 4: unset) Due: Date Status: Section (Done: completed, Obsolete: deleted) <page_link>: Description (read-only) Todoist ID: <task_id> Current limitations Changes on the same task cannot be made simultaneously in both systems within a 15-20 second time frame. Subtasks are not linked automatically to their parent yet. Tasks names do not support URL’s yet. Credentials Follow the video: Setup credentials for Notion (access token), Todoist (access token) and Redis. Todoist Follow this video to get Todoist to obtain API Token. Todoist Credentials.mp4 Notion Follow this video to get Notion Integration Secret. Redis Follow this video to get Redis Setup The setup involves quite a lot of steps, yet many of them can be automated for business internal purposes. Just follow the video or do the following steps: Setup credentials for Notion (access token), Todoist (access token) and Redis - you can also create empty credentials and populate these later during further setup Clone this workflow by clicking the "Use workflow" button and then choosing your n8n instance - otherwise you need to map the credentials of many nodes. Follow the instructions described within the bundle of sticky notes on the top left of the workflow How to use You can apply changes (create, update, delete) to tasks both in Notion and Todoist which then get synced over within a couple of seconds (this is handled by the differential realtime sync) The daily running full sync, resolves possible discrepancies in Todoist. This workflow incorporates ideas and techniques inspired by Mario (https://n8n.io/creators/octionic/) whose expertise with specific nodes helped shape parts of this automation. Significant enhancements and customizations have been made to deliver a unique and improved solution.
by Viraj
Quick Overview This workflow ingests incident and playbook content from GitHub into Supabase (including pgvector embeddings with Google Gemini) and, on a webhook trigger, enriches a test incident with historical matches, a routed response playbook, and live web threat intel (via Tavily + OpenRouter) to generate a validated incident response report. How it works Receives a POST webhook containing the incident payload (including an encrypted OpenRouter API key) and decrypts the key for downstream LLM calls. Creates a tracking row in a Supabase table and loads configuration values used by the retrieval and report-generation steps. Retrieves similar resolved incidents from a Supabase pgvector store using Google Gemini embeddings and returns structured historical patterns. Retrieves the best-matching reference playbook from a Supabase pgvector store and fetches the full playbook text from Supabase, falling back to a built-in generic playbook when no match is found. Uses Tavily Search plus an OpenRouter-backed agent to gather external threat intelligence, IOCs, and phased mitigation guidance when the incident is classified as security-relevant. Merges the three intelligence branches and uses an OpenRouter LLM to synthesize a structured JSON output and an 11-section Markdown incident response report. Validates that required report fields exist and, if valid, writes the structured output and Markdown report back to the Supabase test incident record; otherwise it skips the write. Setup Create Supabase tables for test incidents and vector stores (for resolved incidents and reference playbooks) and configure the matching SQL functions used for retrieval (for example, match_resolved_incidents_v1 and match_reference_playbooks_v1). Add Supabase credentials in n8n and set the correct table names and query function names in the workflow’s configuration nodes. Add Google Gemini (PaLM) API credentials and ensure the embedding model name used in the config (for example, models/gemini-embedding-001) is available to your account. Add an OpenRouter API credential for the chat models used by the agents and synthesizer, and ensure your webhook caller sends an encrypted_openrouter_key value that matches the workflow’s decryption format. Add a Tavily API credential for web search, then copy the webhook URL and configure your incident source to POST the incident JSON to it.
by WeblineIndia
AI Fraud Detection Workflow > n8n + PostgreSQL + OpenAI + Slack This AI Fraud Detection Workflow is an automated n8n pipeline that analyzes user activity in real time using a combination of rule-based fraud detection, AI interpretation and historical behavioral context. It processes events like login attempts, password changes or transactions, evaluates risk, stores results in PostgreSQL and triggers alerts for high-risk activity. Quick Implementation Steps Import workflow into n8n Configure webhook endpoint /user-activity Set up PostgreSQL connection and user_activity_logs table Add OpenAI API credentials Configure alerting node (Slack or alternative) Activate workflow and test with sample payload What It Does This workflow continuously monitors user activity events and evaluates them for suspicious behavior. When a user event is received, the system: Validates the incoming request Fetches last 10 user activity logs from PostgreSQL Builds behavioral context Applies rule-based fraud scoring Sends structured data to AI for interpretation Combines AI + rule-based decisions Stores results in the database Sends alerts for HIGH-risk cases It helps detect anomalies like: New device usage Impossible travel (rapid location change) Foreign access attempts Sensitive actions like password changes Who It's For Fintech applications Banking & payment platforms SaaS applications with authentication systems E-commerce platforms Security and fraud prevention teams DevOps and backend engineers Requirements to Use This Workflow n8n account (cloud or self-hosted) PostgreSQL database OpenAI API key Alerting system (Slack / Email / Teams / etc.) Webhook support for incoming user activity events Database Schema CREATE TABLE user_activity_logs ( id BIGSERIAL PRIMARY KEY, user_id TEXT, event TEXT, ip TEXT, location TEXT, device TEXT, risk_score INT, ai_flag TEXT, created_at TIMESTAMP DEFAULT NOW() ); How It Works & Setup Guide 1. Webhook Trigger Receives user activity via POST request: Endpoint: /user-activity Payload: { "user_id": "user_002", "event": "password_change", "ip": "192.165.1.45", "location": "United States", "device": "Chrome Browser - Windows" } 2. Request Validation Ensures required fields exist: user_id event ip location device 3. Fetch User History (PostgreSQL) Retrieves last 10 activity logs for the user to build behavioral context. 4. Context Builder Merges: Current event Historical activity logs This helps detect behavioral anomalies. 5. Rule-Based Fraud Engine Applies deterministic fraud logic: New device detection Impossible travel detection Foreign location access Sensitive operations (password change, withdrawal) Outputs: rule_score rule_risk (LOW / MEDIUM / HIGH) risk_reasons 6. AI Fraud Interpreter (OpenAI) The AI does not calculate risk. It only interprets rule-based output and returns: { "risk_level": "LOW | MEDIUM | HIGH", "reason": "short explanation" } 7. AI Response Cleaner Parses AI output safely Extracts: ai_risk ai_reason 8. Decision Fusion Layer Final risk logic: If rule OR AI = HIGH → FINAL = HIGH Else if either = MEDIUM → FINAL = MEDIUM Else → LOW 9. Database Logger Stores final result in PostgreSQL: user_id event ip location device risk_score (rule-based) ai_flag (AI risk level) 10. High Risk Filter Triggers only when: final_risk === "HIGH" 11. Alert Dispatcher Sends fraud alert via Slack (or can be replaced with email, SMS, Teams, etc.) How to Customize Nodes Fraud Rules Engine:** Adjust scoring weights and conditions AI Prompt:** Add domain-specific fraud rules or compliance logic Database Node:** Add extra fields like session_id, user_agent Alert System:** Replace Slack with email, SMS or webhook Threshold Logic:** Modify HIGH/MEDIUM/LOW conditions Add-ons (Enhancements) GeoIP enrichment using IP tracking Device fingerprinting integration Real-time fraud dashboard Machine learning anomaly scoring Multi-channel alerting (Slack + Email + SMS) Fraud case management system Rate limiting and bot detection Use Case Examples Detect unauthorized login attempts Prevent account takeover (ATO) attacks Monitor suspicious password changes Detect fraudulent financial transactions Identify VPN or proxy-based access This workflow can be extended to many more fraud detection and security monitoring use cases. Troubleshooting Guide | Issue | Possible Cause | Solution | |------|---------------|----------| | Webhook not receiving data | Incorrect endpoint or inactive workflow | Ensure workflow is active and webhook URL is correct | | AI parsing error | Unexpected response format from OpenAI | Verify JSON structure from AI output | | No historical data found | Empty user logs table | Ensure user_activity_logs has existing records | | Slack alert not triggered | Risk not classified as HIGH | Check fusion logic in decision node | | PostgreSQL error | Wrong credentials or schema mismatch | Verify DB connection and table structure | | Incorrect risk score | Rule logic misconfiguration | Review fraud scoring conditions | Need Help If you need help with: Setting up this workflow in n8n Customizing fraud detection rules Integrating advanced alerting systems Scaling workflows for production You can reach out to our n8n workflow developers at WeblineIndia for professional assistance in building and optimizing automation workflows like this.