Hardcoded email in n8n
Why email addresses directly in workflows hurt portability and create privacy risks
What is this issue?
Hardcoded email addresses ([email protected], [email protected]) in workflow parameters tie the workflow to specific environments and expose personal or internal emails when sharing or exporting workflows.
Common hardcoded patterns:
•Send Email node with literal 'to' address•Notification emails to specific team members•Error alert recipients hardcoded in workflow•Test emails still in production workflows
Why is this dangerous?
Non-portable workflows
Moving workflows between environments requires manual email updates.
Privacy exposure
Personal emails in exported workflows leak to anyone with access.
Test data in production
Forgotten test emails may cause notifications to go to the wrong people.
Team changes
When team members leave, hardcoded emails create broken notification chains.
How to fix it
- 1
Use variables
Store email addresses in n8n Variables (Settings → Variables) and reference with $env.
- 2
Use distribution lists
Instead of individual emails, use team distribution lists or aliases.
- 3
Configure per-environment
Use different variables for dev/staging/production environments.
- 4
Document email requirements
In workflow notes, document which emails need to be configured.
Scan your workflow now
Upload your n8n workflow JSON and detect hardcoded email addresses that should be parameterized.