In NR v.3.1.0 is it possible to limit a specific user to use (view/execute) only a single flow?
Not a single flow, permissions are currently global.
I think foundations are being laid bit by bit for that level of control.
You can do it if you set up a node-red instance for each user.
Yes, I know but it's not very convenient...
If you really need this, then having a docker container per user proxied by traefik for authentication is an option.
It may look like a sledgehammer to kill a fly, but, that's doable.
Time to brush up on your automation skills?
Can probably automate it though
Actually, it's not for me but for a friend of mine. And I'm very lazy!
In the end I solved it like this.
What he needed was to have just one flow run by another person, so I set up an
http-in call for him, with a secret code in the url, to be detected by NR in
msg.req.params.loc. He was happy, and I was happier.
Ah, that was the missing info. Yes, a much simpler approach.
If you need to extend in the future, I'd recommend using a reverse proxy such as NGINX and then you can easily password protect individual URL's and even add network restrictions, allow GitHub logins and much more. Or, if doing it over the Internet, use ZeroTier or Cloudflare Zero Trust.