Why Your n8n Data Should Live on One Instance You Own
If you have spent any time in the n8n community, you have probably seen the debate: self-host it yourself, use n8n Cloud, or find a third-party host. One phrase keeps coming up in that discussion — single-tenant — and a surprising number of automation builders are not quite sure what it means in practice or why it should change what they pay for.
This post explains it plainly, with concrete examples from the kind of workflows automation builders actually run.
What "multi-tenant" really means at the infrastructure layer
Most SaaS tools are multi-tenant by design. That is not inherently bad — it is how Gmail, Notion, and Linear work. In a multi-tenant setup, many customers share the same application process, the same database cluster, and often the same execution environment. Logical separation (your account vs. my account) is enforced in software: a WHERE user_id = ? clause, a permission check, a row-level security policy.
When that software is an automation platform, the stakes are higher than with a note-taking app.
In n8n specifically, the things that live in the database include:
- Credential records — encrypted, but stored in a shared DB alongside every other tenant's encrypted credentials.
- Execution logs — the full input/output of every node in every workflow run. That is where customer emails, form payloads, API responses, and webhook bodies land.
- Workflow definitions — your business logic, prompt templates, and data-transformation rules.
- Variables and secrets — anything you have stored for reuse across workflows.
On a shared-database host, a misconfigured row-level-security policy, a noisy-neighbor query, or a software bug in the application layer is the only thing standing between your execution logs and someone else's account. Not a separate database. Not a separate process. A query filter.
Single-tenant: one instance, one database, one login
Single-tenant means you get your own n8n instance. Own process. Own database. Own filesystem. No shared tables, no shared execution queue.
The practical consequences:
Your credentials are never co-located with another customer's. Encryption at rest still applies, but the encrypted blobs live in your database, not in a giant shared table partitioned by workspace_id.
Your execution logs are yours alone. When a webhook fires and n8n logs the full HTTP body — including a customer's name, email, or payment event — that record lives inside your instance's database, not in a pool that the hosting platform's support team can query across tenants.
Noisy neighbours cannot affect your execution queue. On a shared worker pool, a tenant with thousands of concurrent workflow runs can delay yours. On a dedicated instance, your workers serve only your workflows.
You can export everything. Because it is your n8n instance, you can export your workflows as JSON, back up the database, and migrate it anywhere n8n runs. There is no vendor-specific data format holding you in.
Where this matters most: client work and sensitive pipelines
The isolation argument becomes very concrete when you think about what automation builders actually build.
Client-facing workflows
If you are an agency running automation workflows on behalf of clients — pulling their CRM records, processing their invoices, reading their inbox — those records will appear in your n8n execution logs. On a shared host, the platform's database contains logs from every other agency customer too. A single-tenant instance means client A's execution logs are not even in the same database as client B's.
Credential sprawl
A typical n8n instance might hold credentials for Airtable, Gmail, Slack, a payment processor, a CRM, and two or three internal APIs. On a shared host, all of those credential records (encrypted) share a database with every other user's credential records. A bug in the credential isolation logic affects everyone simultaneously.
On a dedicated instance, the blast radius of any credential-isolation bug is exactly one: you.
Regulated or sensitive data categories
GDPR, HIPAA, and similar frameworks care about where personal data is stored, not just how it is displayed. If your workflows process health records, financial data, or personally identifiable information, the "it's encrypted at rest in a shared DB" argument is a harder sell to a compliance auditor than "it's in a separate database that only my application process can reach."
The self-hosted alternative — and why most people don't actually do it
The obvious answer to "I want a single-tenant instance" is to self-host n8n on a VPS. And it works — n8n is open source, the Docker image is well-maintained, and you can have a basic instance running in an hour.
But "running" is not the same as "running well and maintained":
- Upgrades — n8n releases frequently. Every upgrade requires pulling the new image, running the migration, verifying nothing broke. This is a recurring time cost.
- Reverse proxy + SSL — you need Traefik, Caddy, or nginx in front of n8n to get a real HTTPS URL. Webhook endpoints only work reliably over HTTPS.
- AI/LLM nodes — the n8n AI nodes (the LLM node, the AI Agent node, the vector store nodes) all require API keys and usually a non-trivial credit balance to test. You set them up yourself, you pay separately, and you track costs separately.
- Backups — n8n stores its data in Postgres or SQLite depending on your setup. You have to schedule your own backups and verify they actually restore.
- Reliability — if the VPS crashes at 2 AM, your workflows stop. Getting to reliable uptime on a single VPS requires work you probably did not budget for.
The economics are real: a VPS plus your own OpenAI/Anthropic API key spend plus the time cost of maintenance often adds up to more than a flat monthly subscription — especially once you price in the hours you spend on the above.
How to run your own single-tenant n8n instance on AgentRoost
AgentRoost gives every customer a completely isolated n8n instance — their own process, their own database, their own subdomain — without any of the DevOps overhead.
The actual steps:
- Sign up with email, Google, Microsoft, or Discord.
- From your dashboard, pick the n8n framework and give your instance a name.
- Your private n8n editor opens at
https://<your-id>.agentroost.app— your login, your data, no other tenant in the same database. - Open the AI Agent node or the LLM node. It already has credits loaded — no API key to paste, no OpenAI account to set up.
- Add a Webhook trigger node. The HTTPS endpoint is live immediately.
There is no step 6. No Docker, no nginx config, no SSL cert renewal, no upgrade script.
The AI/LLM credits are included in the subscription — this is the point where AgentRoost diverges from every comparable service (n8n Cloud, Elestio, Sliplane). All of them are bring-your-own-API-key. On AgentRoost, the AI nodes work out of the box, already paid for. You pick from 350+ models and switch anytime; the credit spend comes out of your plan's included allocation.
Plans start at $19.99/mo all-in — that price bundles the compute, the included AI credits, the SSL, the public webhook URL, and the upgrades. Monthly billing, cancel anytime, 14-day money-back guarantee.
Compare plans or go straight to the n8n instance page.
A quick reference
| Shared-tenant host | Self-hosted VPS | AgentRoost | |
|---|---|---|---|
| Data isolation | Logical (software) | Physical (your server) | Physical (your instance) |
| AI nodes | BYOK | BYOK | Included credits |
| Upgrades | Automatic | Manual | Automatic |
| Webhook HTTPS | Yes | You set it up | Automatic |
| Export your workflows | Usually | Yes | Yes |
| Noisy-neighbour risk | Yes | No | No |
| Setup time | Minutes | 1–2 hours | ~2 minutes |
Tips when evaluating any n8n host
Before you sign up for any n8n hosting, ask these questions:
- Is my execution database shared with other customers? If the answer is "we use row-level isolation" rather than "each customer has a separate database," you are on a multi-tenant stack.
- Who can query my execution logs? Support teams on shared-database platforms can often query execution records for debugging purposes. On a single-tenant instance, that data is not accessible from a shared admin plane.
- What happens to my data if I cancel? A platform running your n8n on a shared database may not give you a clean data export. Your own instance means you can dump the database before you go.
- Are the AI nodes wired to included credits, or do I paste my own keys? The answer changes your actual monthly cost.
Single-tenant isolation is not a premium feature — it is the baseline you should expect from any automation host that stores credentials and execution logs on your behalf.
Frequently asked questions
Is my data actually isolated on shared n8n hosting platforms?
It depends on the platform's architecture. Most shared n8n hosts use logical isolation — your data sits in the same database as other customers' data, separated by a workspace_id or similar column. A single-tenant instance (like the one AgentRoost provisions per customer) uses physical isolation: a separate database process that only your instance can reach.
Can I export my workflows and data if I want to leave?
Yes. Because AgentRoost gives you your own n8n instance, you can export all workflows as JSON directly from the n8n UI (Settings → Export) at any time. There is no proprietary format lock-in.
Do I need to bring my own OpenAI or Anthropic API key?
No. AI/LLM credits are included in every AgentRoost plan. The n8n AI Agent node and LLM node are pre-wired to your plan's included credit allocation. You choose from 350+ models and switch anytime — no external API account required.
What happens to my n8n instance if I cancel?
You have a 14-day money-back guarantee, and you can cancel at any time. Before your instance is decommissioned, export your workflows (JSON) from the n8n UI. It is good practice to do this regularly regardless of your hosting situation.
How is AgentRoost different from self-hosting n8n on a VPS?
Both give you a single-tenant instance with physical data isolation. The difference is operational: on a VPS you manage upgrades, the reverse proxy, SSL renewal, backups, and uptime monitoring yourself. AgentRoost handles all of that, and also bundles AI/LLM credits so the AI nodes work immediately without setting up a separate API account.