This article provides a complete, practical walkthrough of the Splitout Schedule Create Webhook n8n agent. It connects HTTP Request, Webhook across approximately 1 node(s). Expect a Intermediate setup in 15-45 minutes. One‑time purchase: €29.

What This Agent Does

This agent orchestrates a reliable automation between HTTP Request, Webhook, handling triggers, data enrichment, and delivery with guardrails for errors and rate limits.

It streamlines multi‑step processes that would otherwise require manual exports, spreadsheet cleanup, and repeated API requests. By centralizing logic in n8n, it reduces context switching, lowers error rates, and ensures consistent results across teams.

Typical outcomes include faster lead handoffs, automated notifications, accurate data synchronization, and better visibility via execution logs and optional Slack/Email alerts.

How It Works

The workflow uses standard n8n building blocks like Webhook or Schedule triggers, HTTP Request for API calls, and control nodes (IF, Merge, Set) to validate inputs, branch on conditions, and format outputs. Retries and timeouts improve resilience, while credentials keep secrets safe.

Third‑Party Integrations

• HTTP Request
• Webhook

Import and Use in n8n

1. Open n8n and create a new workflow or collection.
2. Choose Import from File or Paste JSON.
3. Paste the JSON below, then click Import.
4. Show n8n JSON

   Title:  
   Automated Breach Detection: Monitor New Data Breaches with n8n and Have I Been Pwned
   
   Meta Description:  
   Learn how to automate breach detection using an n8n workflow that monitors Have I Been Pwned for new breaches, caches results, and sends alerts when new incidents are published.
   
   Keywords:  
   n8n workflow, Have I Been Pwned, data breach alert, latest breach API, automated security monitoring, breach detection, workflow automation, n8n tutorial, JSON file cache, API monitoring, cybersecurity automation
   
   Third-Party APIs Used:
   - Have I Been Pwned API (https://haveibeenpwned.com/api/v3/latestbreach)
   
   —
   
   Article:
   
   Automated Breach Detection with n8n: How to Monitor New Data Breaches Using Have I Been Pwned API
   
   In a world where data breaches are unsettlingly common, staying informed about newly disclosed breaches is a vital part of personal security and IT hygiene. Fortunately, automation tools like n8n make it easier than ever to build powerful, no-code workflows that keep you informed in real-time.
   
   In this article, we’ll explore an n8n workflow that monitors the Have I Been Pwned (HIBP) API for new breach announcements and automatically triggers alerts when it detects something new. This is a perfect introduction to real-world automation involving REST APIs, local file caching, and conditional logic—all without writing a single line of code.
   
   🛠️ What the Workflow Does
   
   This n8n workflow runs every 15 minutes and queries the HIBP API’s /latestbreach endpoint—an API that returns information on the most recently added data breach. It compares this result with a locally cached value stored in a JSON file. If a new breach is detected (i.e., it’s different from the one previously recorded), the workflow logs the new breach and triggers a placeholder node where you can integrate further actions, such as sending a message to Slack or Discord.
   
   Let’s explore how each part of this workflow operates:
   
   ⏱ Step 1: Periodic Trigger
   
   A Schedule Trigger node kicks off the entire process every 15 minutes. It ensures the workflow runs frequently enough to catch new breaches as soon as they’re added to the HIBP database.
   
   🌐 Step 2: Query the Have I Been Pwned API
   
   The HTTP Request node calls https://haveibeenpwned.com/api/v3/latestbreach. This endpoint returns detailed information about the newest data breach indexed by HIBP.
   
   🧠 Step 3: Load and Parse Cached Data
   
   The next few nodes read a local file named cache.json, which stores the name of the most recent breach the workflow has already detected or alerted on. If the file is empty (which can occur on the first run), the workflow sets a default value of “none.”
   
   🟨 Step 4: Compare the Old and the New
   
   A comparison is made between the current breach returned by the API and the cached breach name. If there’s a mismatch, it means a new breach has occurred. The workflow then continues down the “true” path to handle the new alert.
   
   If the names match, the workflow concludes on the “false” path, noting that the breach has already been seen and logged.
   
   🔔 Step 5: Trigger Alerts
   
   When a new breach is detected, the workflow continues through a “New breach” node, giving you the opportunity to plug in an alerting mechanism—send a notification to Slack, ping a Discord channel, or log the event to a dashboard.
   
   📝 Step 6: Update the Cache
   
   The workflow updates cache.json with the name of the most recent breach to prevent redundant alerts in future runs. This caching mechanism allows stateless APIs to be used in a stateful way through clever, simple file handling.
   
   🧹 Optional: Reset the Cache
   
   There’s also a manual trigger node that you can use to test the workflow or reset the cache. By doing so, you can simulate conditions as though a new breach has just occurred—handy for debugging or demos.
   
   📄 Sticky Notes for Guidance
   
   The workflow includes a handful of helpful sticky notes within the n8n canvas to guide anyone reviewing or customizing it. They explain key logical branches like:
   
   - Determining whether a file was empty
   - Recognizing when an old breach reoccurs
   - Taking action on newly discovered breaches
   - The purpose and function of the cache file
   
   🎯 Extending the Workflow
   
   This proof-of-concept is a great foundation to build upon. Possible extensions include:
   
   - Sending messages to Slack, Microsoft Teams, or Discord
   - Logging breach details into a Google Sheet
   - Emailing IT security teams
   - Recording breach metadata in a database
   
   All these integrations are easily supported through n8n’s vast collection of built-in nodes and third-party connectors.
   
   ❤️ Created by the Community
   
   This workflow was designed by Audun (aka xqus), a valued member of the n8n community who offers a wide variety of automation resources through his Gumroad shop and personal website. You can explore and support his work at:
   
   - Personal Site: [xqus.com](https://xqus.com)  
   - n8n Resources & Shop: [xqus.gumroad.com](https://xqus.gumroad.com)
   
   🚀 Final Thoughts
   
   Whether you're an individual looking to stay ahead of security threats or an IT professional looking to automate breach monitoring across your organization, this workflow offers a simple yet powerful way to stay alert. By leveraging the HIBP API and a bit of n8n magic, you can create an automated breach detection system in under an hour—with little more than drag-and-drop logic.
   
   If you're new to n8n, this workflow is an ideal starting point that introduces you to many integral features: scheduled triggers, file-based persistence, conditional branching, and real-world API integration.
   
   Give it a spin—and never miss a breach again.
   
   — By your AI automation assistant.

5. Set credentials for each API node (keys, OAuth) in Credentials.
6. Run a test via Execute Workflow. Inspect Run Data, then adjust parameters.
7. Enable the workflow to run on schedule, webhook, or triggers as configured.

Tips: keep secrets in credentials, add retries and timeouts on HTTP nodes, implement error notifications, and paginate large API fetches.

Validation: use IF/Code nodes to sanitize inputs and guard against empty payloads.

Why Automate This with AI Agents

AI‑assisted automations offload repetitive, error‑prone tasks to a predictable workflow. Instead of manual copy‑paste and ad‑hoc scripts, your team gets a governed pipeline with versioned state, auditability, and observable runs.

n8n’s node graph makes data flow transparent while AI‑powered enrichment (classification, extraction, summarization) boosts throughput and consistency. Teams reclaim time, reduce operational costs, and standardize best practices without sacrificing flexibility.

Compared to one‑off integrations, an AI agent is easier to extend: swap APIs, add filters, or bolt on notifications without rewriting everything. You get reliability, control, and a faster path from idea to production.

Best Practices

• Credentials: restrict scopes and rotate tokens regularly.
• Resilience: configure retries, timeouts, and backoff for API nodes.
• Data Quality: validate inputs; normalize fields early to reduce downstream branching.
• Performance: batch records and paginate for large datasets.
• Observability: add failure alerts (Email/Slack) and persistent logs for auditing.
• Security: avoid sensitive data in logs; use environment variables and n8n credentials.

FAQs

Can I swap integrations later? Yes. Replace or add nodes and re‑map fields without rebuilding the whole flow.

How do I monitor failures? Use Execution logs and add notifications on the Error Trigger path.

Does it scale? Use queues, batching, and sub‑workflows to split responsibilities and control load.

Is my data safe? Keep secrets in Credentials, restrict token scopes, and review access logs.