Hello colleagues - I was trying to implement SSO for my Node-RED instances. I was able to enable SSO for the editor, but not for the dashboard. Is there a way to set up SSO for the dashboard as well?
Welcome to the forum.
My own recommendation is to always do SSO outside of Node-RED where you can use tried-and-trusted, battle-proven tools. The most common approach is to use a proxy in front of Node-RED (a common architectural approach for all micro-services) and to use an IdM tool integration.
You should also note that, unless you take explicit precautions, your Node-RED instances settings.js file is generally always writable from within Node-RED. This can, of course, be a serious security weakness. All of this can be avoided by moving IdM outside which will likely give you other benefits as well.
D2 (and UIBUILDER) supports some standard HTTP headers from common IdM tools. Again though, remember that D2 is a single-page app (SPA) so if you are trying to protect "page" content, make sure that it isn't lurking in memory somewhere. D2 "pages" are NOT separate HTML pages.
