Export/Import Security Credentials


#1

Problem Statement:
Current export functionality removes all security/setup values for certain nodes (ie Azure Blob Storage) making it difficult to maintain and share across multiple deployed applications.

Feature Request:
Provide an option that would allow export/import functionality of nodes that contain credentials.


#2

We have no plans to provide an api that allows secure credentials to be exported from the editor. If we did that, then anyone with access to the editor would be able to see all of the credentials. That would be a massive security issue.

The only way we'd consider this would be if we can find a way of approaching it that minimises the risk.


#3

Anyone with editor access already can see the credentials by double clicking on the node? I must be missing your point. I am not asking for an API that would unencrypt the _cred file, I just want a way that I can share a common set of flows to multiple applications. For example, I am building an application that I want to deploy to 100's or distinct PI's. How am I supposed to do this without having to edit everyone of them and type back in all of the settings and credentials?


#4

No they can't - the ******* that you see in the browser is not a disguised version of the password (or whatever) it's just a visual representation that you have filled something in... so cutting and pasting it won't help. The credentials only go from front to backend once on entry (or they do on nodes that are coded correctly).


#5

Hmm...not based upon the nodes that I am using. See attached.


#6

Looking at the blob storage node you are using, they have defined the inputs as text inputs rather than password inputs - so they are showing the value rather than hiding it. That's a bug with the node.

If you save the changes, deploy then reload the editor and re-open the edit dialog, you should see the values have all been replaced with __PWRD__ - which is the placeholder Dave mentioned in his reply.


#7

I purposely took a screen shot after deploy and reload. Every field in here gets removed when I try and export. Is this determined by the Node developer? Regardless, do you understand my request. If I want to deploy this to 100 different areas, I need to touch everyone to manually to add the information back in?


#8

I'm not sure, but doesn't it work if you copy the credentials file as well ?


#9

As Nick said - if they chose not to set at least the key as a password type field then I would call that a bug - but it's their choice.