In NR v.3.1.0 is it possible to limit a specific user to use (view/execute) only a single flow?
Not a single flow, permissions are currently global.
I think foundations are being laid bit by bit for that level of control.
1 Like
You can do it if you set up a node-red instance for each user. 
1 Like
Yes, I know but it's not very convenient... 
1 Like
If you really need this, then having a docker container per user proxied by traefik for authentication is an option.
It may look like a sledgehammer to kill a fly, but, that's doable.
Time to brush up on your automation skills? 
Can probably automate it though 
Actually, it's not for me but for a friend of mine. And I'm very lazy! 
In the end I solved it like this.
What he needed was to have just one flow run by another person, so I set up an http-in call for him, with a secret code in the url, to be detected by NR in msg.req.params.loc. He was happy, and I was happier.
1 Like
Ah, that was the missing info. Yes, a much simpler approach.
If you need to extend in the future, I'd recommend using a reverse proxy such as NGINX and then you can easily password protect individual URL's and even add network restrictions, allow GitHub logins and much more. Or, if doing it over the Internet, use ZeroTier or Cloudflare Zero Trust.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
