Email login/password setup

configuring userid and password via environmental variables works fine....for a while, when they just disappear from email node. Only applying then manually (using environment format) would restart the authentication process.

tried then 'node-red-node-email-variable' that allegedly allows sensing userid and password, but has not worked for me



What do you mean by disappear ? The flow won’t change unless you edit it.

That is the thing, those two fields, 'Userid' and 'Password' all of the sudden show up empty.

the uniqueness of my case is that they don't contain strings (hidden behind dots in 'Password') but referencing environmental variables, sort of ${EMAIL_USERID} or ${EMAIL_PASSWORD}

Did you copy and paste the node, or something like that. Move it to a different tab for example?

If not that then possibly you accidentally changed the credential secret.

Well, this is server we run on a daily basis and is under constant development.

That happens every single time I launch the container. It not like accidentally, happens always.

btw, I have the development instance plus another testing platform for email only.

In the latter I I am trying 'node-red-node-email-variable (node) - Node-RED' that allegedly allows passing userid + password. But is not working. That is my second failing scenario


Check the node red log on initial startup after container launch and see if there is anything there about the credentials.

How have you specified the credential secret?

Also, I should have asked earlier, do you lose credentials in all nodes that have credentials (if there are any) or is the email node the only one?

1 Like

been monitoring for a while in two instances

at some moment credentials are gone

they are passes during building the docker container as ENV variables, sort of
EMAIL_PASSWORD=abababababa56r! \

then inserted in the node as

still they vanished are email node stops rightly authenticating

curiously in the flows.json the email node looks as

    "id": "2f451839a5dcbe7f",
    "type": "e-mail",
    "z": "fce1fe3f02b694d8",
    "server": "${EMAIL_SERVER}",
    "port": "${EMAIL_PORT}",
    "secure": true,
    "tls": true,
    "name": "${TO_EMAIL}",
    "dname": "Email sender",
    "output": false,
    "outputs": 0,
    "x": 770,
    "y": 2960,
    "wires": []

'user_id' and 'password' are not part of node description...

"they are passes" =>"they are passed while building docker container"
"still they vanished are email node stops rightly authenticating" = > "still they vanish AND email node stops ..."

Well I guess you are not only restarting the container but recreating the container. Probably that destroys the environment variable. How do you define it?

Not exactly. Container is created then deployed.

Once deployed and functional, at some point, randomly, the email node loses the authentication information (email account and password) and from that point, mail delivery fails

I need to reenter again user+password...using the original values or the environment reference ${EMAIL_USERID} and ${EMAIL_PASSWORD}

It is about the email node losing that piece of the configuration only

Are you absolutely certain that it does not get recreated in the meantime?
What do you see in the node-red log between when it works and when it doesn't?
You could add some nodes monitoring the env vars to find out exactly when they disappear so that you can home in on the right time in the log.

I assume to make anything meaningful out of it you should get some logs or investigate to get more details.

I am using the node with IMAP and gmail and the credentials are in there for way over a year now.

Are you using Oauth? Maybe the token expires?
What is the timespan between the node loosing credentials?
Did you check if the credentials vanish if you put them in there directly? (If you are allowed to test this.)
Once the credentials vanish, did you open a shell to the container and check if the env is still there?

Are You using a docker nodered container?

about the env presistence.

yes, they are there. I have this node to print out current env variables.

Curiously, when i reenter the env references (${EMAIL_USERID} and ${EMAIL_PASSWORD}), the email node start working again. That happens by restarting the changed node (email) inside nodered. Even if I restarted the whole nodered flows, it does not restart the docker container

Now, this is very telling
"id": "2f451839a5dcbe7f",
"type": "e-mail",
"z": "fce1fe3f02b694d8",
"server": "${EMAIL_SERVER}",
"port": "${EMAIL_PORT}",
"secure": true,
"tls": true,
"name": "${TO_EMAIL}",
"dname": "Email sender",
"output": false,
"outputs": 0,
"x": 770,
"y": 2960,

this is node description just after adding again ${EMAIL_USERID} and ${EMAIL_PASSWORD}

how do You inject user_id and password?

:+1: I run node-red in docker only. Its so easy to test things... Few clicks and a fresh node-red instance is created from a template.

Just gave it a whirl and for me this seems to work.

version: '3'

    image: nodered/node-red
      - TZ=Europe/Berlin
      - EMAIL_USER=${env_EMAIL_USER}
      - 1880
    restart: always #unless-stopped
      com.centurylinklabs.watchtower.enable: "true"

Inside the container both environment variables are defined.

The node criteria only defines some criteria because I do not want to retrieve hundreds of messages for every click. :slight_smile:

This survived redeployment in node-red and even stopping and starting of the container.

And yes it is true, that both user and password are not exported. Guess that is even a good thing.

        "id": "21edb18484a2380e",
        "type": "e-mail in",
        "z": "f6f2187d.f17ca8",
        "name": "",
        "protocol": "IMAP",
        "server": "",
        "useSSL": true,
        "autotls": "required",
        "port": "993",
        "authtype": "BASIC",
        "saslformat": true,
        "token": "oauth2Response.access_token",
        "box": "wss_export",
        "disposition": "None",
        "criteria": "_msg_",
        "repeat": "300",
        "fetch": "trigger",
        "inputs": 1,
        "x": 870,
        "y": 260,
        "wires": [

Thanks!!, very interesting.

See You are using Docker Composer. Since I did not find a path from docker container, to docker composer .yaml to kubernetes, I skipped the Composer step.

Maybe Composer adds some minor architectural changes, but now I believe the problem is somewhere else.

First, I cannot find a reason that having ${EMAIL_PASSWORD} in the flow.json file would open a security hole.

Here is my development cycle. I use git for version control. After any changes, I download flow.json into my desktop, and using Visual Studio push it to git repository. On whatever linux instance will use, pull the code from the git repository (various Dockefile versions, flow.json, package.json, server.js and setting.js)

Then build the container file using the right Dockerfile and lunch it in docker. If ${EMAIL_USERID} and ${EMAIL_PASSWORD} are missed in flow.json, no way it can be applied to new container.

Then, there is this package

that allegedly configure the email node by feeding configuration parameter into the input. It never worked for me :frowning:

I will look carefully into the whole code flow, to validate if it fails upon uploading a new version.

Will try IMAP as well.

Again, Thank You!!, your experience is very important to me

Provided you include the credentials file in the repo (and set the encryption password by some appropriate means) then it will work. The same would apply, for example, to MQTT security details and so on.

I pass credentials in 2 other cases: MQTT and Postgresql

In Both cases are passed as environment variables into 'configuration nodes'. But Email is not a configuration node.

I use the Dockerfile to pass environment variable like
ENV DB_NAME=db_username

For instance, right from 'flows.json':

"id": "5925e1f25d39f49d",
"type": "postgreSQLConfig",
"name": "RDS-Development R/O",
"host": "${DB_RO_HOST}",
"hostFieldType": "str",
"port": "5432",
"portFieldType": "num",
"database": "${DB_NAME}",
"databaseFieldType": "str",
"ssl": "false",
"sslFieldType": "bool",
"max": "10",
"maxFieldType": "num",
"min": "",
"minFieldType": "",
"idle": "1000",
"idleFieldType": "num",
"connectionTimeout": "10000",
"connectionTimeoutFieldType": "num",
"user": "${DB_USER}",
"userFieldType": "str",
"password": "${DB_PASSWORD}",
"passwordFieldType": "str"

I don't use local volumes in docker host as a persistent media, just where that data would remain stored upon restarting or launching a new node-red container. The reason is to facilitate deploying the migration to kubernetes. I did not find a way to migrate persistent volumes from docker to kubernetes.

I am sorry, I know I am missing something here, but trying to figure out what the missing link is. Thank You!!!