Is it a standard feature that when a flow is exported the credentials within them are not available in the exported JSON file?

I have a subflow which encapsulates a MySQL node. I have added the credentials to them via subflow environment variables i.e., user enters them by clicking on the subflow node and this information is resolved using $(<env_var_in_ui).

An interesting observation was the fact that upon exporting the flow, I observed that the necessary key credentials is not available.

I conducted a test for a simple flow with mysql (without subflows) and this also seems to be case there.

The only explanation I can come up with is maybe for security reasons where the plain-text password SHOULD NOT be made available.

Is this really the case?


Node-RED 2.2.2 using Docker

I think I have found the solution.

Node-RED will store the relevant credentials in the flows_cred.json and depending on the credentialSecret setting set in the settings.js the file will contain the ID and the password either in:

  • credentialSecret -> true encrypted manner
  • credentialSecret -> false in plain-text JSON

So maybe when exporting, the information is somehow packed into a respective ID.

NOTE: assuming you have not changed the flows_cred.json file this information should be available when importing the exported flows.

The editor doesn't have access to the credentials once they have been set. You cannot export them from the editor.

There have been various discussions about how best to allow the editor to export a flow that includes credentials - in a way that doesn't expose the credentials for anyone to access. There isn't a specific plan for it yet however.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.