Input prompt for MFA in adminAuth - Node-RED user authentication

Hello,

I'm setting up a user authenticator for Node-RED that uses adminAuth and a user-authentication.js module. When authenticating, I'm passing the username and password to an external identity provider to verify the credentials. In addition to the username and password, I would need to ask the user to enter an MFA code when needed. How can I have a prompt/dialog with an input field for the user to enter the code?

Thanks

How are you asking the user for their id/pw?

Through the regular Node-RED login screen, but I'm checking for authentication/authorization with a custom function passed to adminAuth, similar to the instructions here:
https://nodered.org/docs/user-guide/runtime/securing-node-red#custom-user-authentication

@mahmoudp is it a public service you're trying to connect to? Can you share more details?

There's no way to prompt the user for an MFA code via the credentials auth scheme. It might be possible using the passport-strategy option - depending on the specific details of the service you are using.

@knolleary absolutely, I'm trying to authenticate multiple servers through our user pool in AWS Cognito.

As for a passport-strategy, I have tried OAuth2 with passport and everything works great. However, since I'll be having many of these Node-RED servers (with different host/DNS configurations), I would need to automate registering OAuth2 callback URLs in Cognito when spinning up the servers, and Cognito supports only a limited number of apps and callback URLs.

If there's no simple option to add MFA to the default (credentials) authentication scheme, do you know of any other passport-strategy that could solve this?

A quick search shows a number of possibilities that I'm afraid you will need to wade through. If your MFA uses TOTP, it may be relatively straightforward. However, I'm not familiar with AWS MFA, I'm afraid.

Sounds good, I'll see if there's any possible solution in Passport for this purpose.
