Code Execution Node
Run custom JavaScript code in your workflows.
Overview
The Code node allows you to write custom JavaScript to transform data, perform calculations, or implement custom logic that isn't available in other nodes.
Configuration
| Field | Description | Required |
|---|---|---|
Name |
A descriptive name for this code block | No |
Code |
JavaScript code to execute | Yes |
Output Variable |
Variable name to store the result | Yes |
Writing Code
The code editor supports full JavaScript with syntax highlighting. Your code should return a value that will be stored in the output variable.
Accessing Variables
Use template syntax to access variables from previous nodes:
// Access a simple variable
const data = {{api_response}};
// Access nested properties
const userName = {{user.profile.name}};
// Use in calculations
const total = {{order.items}}.reduce((sum, item) => sum + item.price, 0);
Example: Transform Data
// Access input variables
const users = {{user_list}};
// Transform data
const activeUsers = users.filter(u => u.active);
const summary = {
total: users.length,
active: activeUsers.length,
emails: activeUsers.map(u => u.email)
};
// Return the result
return summary;
Example: Data Validation
const input = {{form_data}};
// Validate required fields
if (!input.email || !input.name) {
return { valid: false, error: 'Missing required fields' };
}
// Validate email format
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(input.email)) {
return { valid: false, error: 'Invalid email format' };
}
return { valid: true, data: input };
Insert Variables
Click the Insert Variable button to insert available variables from previous nodes directly into your code.
Limitations
- Execution timeout: 30 seconds
- No external HTTP requests (use HTTP node instead)
- No file system access
- No access to browser APIs
Best Practices
- Keep code focused and simple
- Use descriptive variable names
- Add comments for complex logic
- Handle edge cases and errors
- Return structured data for easy access in subsequent nodes
Available Functions & Environment
The JavaScript environment is sandboxed but comes pre-loaded with powerful utility functions for cryptography, data transformation, and unique ID generation.
Cryptography & Signatures
| Function | Description | Example |
|---|---|---|
signMessage(msg, [privKey]) |
Signs a message using Ed25519. Returns signature & keys. | const res = signMessage("hello"); |
verifyMessage(msg, sig, pubKey) |
Verifies an Ed25519 signature. Returns true/false. |
verifyMessage(msg, sig, pubKey) |
encryptMessage(msg, [pubKey]) |
Encrypts a message using X25519 + AES-GCM. | const res = encryptMessage("secret"); |
JWT (JSON Web Tokens)
| Function | Description | Example |
|---|---|---|
jwtSign(payload, secret) |
Creates a signed HS256 JWT string. | const token = jwtSign({ sub: "123" }, "secret"); |
jwtVerify(token, secret) |
Verifies a token and returns the payload. Throws on error. | const claims = jwtVerify(token, "secret"); |
jwtDecode(token) |
Decodes a token without verification. | const claims = jwtDecode(token); |
Utilities
| Function | Description | Example |
|---|---|---|
uuid() |
Generates a random UUID v4. | const id = uuid(); |
md5(string) |
Returns MD5 hash (hex). | md5("hello") |
sha1(string) |
Returns SHA1 hash (hex). | sha1("hello") |
sha256(string) |
Returns SHA256 hash (hex). | sha256("hello") |
sha512(string) |
Returns SHA512 hash (hex). | sha512("hello") |
HMAC (Hash-based Message Authentication)
| Function | Description | Example |
|---|---|---|
hmacSHA1(data, secret) |
Computes HMAC-SHA1. Returns hex string. | hmacSHA1("message", "secret") |
hmacSHA256(data, secret) |
Computes HMAC-SHA256. Returns hex string. | hmacSHA256("message", "secret") |
hmacSHA512(data, secret) |
Computes HMAC-SHA512. Returns hex string. | hmacSHA512("message", "secret") |
Use HMAC functions to verify webhook signatures from third-party services like Twilio, Stripe, or GitHub.
// Example: Verify a Twilio webhook signature
var dataString = url + sortedParams;
var computed = hmacSHA256(dataString, authToken);
// Compare with the signature header from the request
Encoding
| Function | Description | Example |
|---|---|---|
base64Encode(str) |
Encodes string to Base64. | base64Encode("user:pass") |
base64Decode(str) |
Decodes Base64 string. | base64Decode("dXNlcjpwYXNz") |
hexEncode(str) |
Encodes string to Hex. | hexEncode("hello") |
hexDecode(str) |
Decodes Hex string. | hexDecode("68656c6c6f") |
urlEncode(str) |
URL-encodes a string. | urlEncode("search & find") |
urlDecode(str) |
Decodes a URL-encoded string. | urlDecode("search+%26+find") |
Password Hashing (Bcrypt)
| Function | Description | Example |
|---|---|---|
bcryptHash(password) |
Hashes a password using Bcrypt (cost 10). | const hash = bcryptHash("mypassword"); |
bcryptVerify(password, hash) |
Verifies a password against a hash. Returns true/false. |
bcryptVerify("mypassword", hash) |
Input & Variables
inputs: Access node-specific inputs defined in the node configuration.variables: Access global flow variables.variables._trigger: Contains metadata about the workflow trigger (method, IP, headers).variables._rawBody: The raw string body of the trigger request (crucial for signature verification).