Node not saving dynamic credentials to cred file


I've been having issues with a Node that I've forked to try and improve and fix. The problem I'm getting is that it uses OAuth to login to a service, and while that mostly works fine, if I restart Node-Red I have to reauthenticate manually, which is a PITA.

I have decrypted my cred file to monitor this issue, and I've discovered that the latest refresh token isn't being saved to the file, it's just being kept in memory and this is the cause of thie issue.

The thing is though, I don't understand how to persist it. This is the code in question:

                Monzo.OAuth.refreshToken(clientid, secret, refreshtoken).then(({
                }) => {
                    if (access_token) {
                        console.log("[monzo] - refresh complete \nRefresh Token: " + refresh_token + "\nAccess Token: " + access_token + "\nSecret:" + secret + "\nClient id: " + clientid );
                        var credentials = {
                            client_id: clientid,
                            secret: secret,
                            token: access_token,
                            refreshtoken: refresh_token
                        RED.nodes.addCredentials(, credentials);
                    } else {
                        console.log("[monzo] - refresh failed");
                }).catch(error => {
                    console.log("[monzo] - refresh failed, needs reauthenticating - " + error + "\n\n" + JSON.stringify(error));

Is there a flag or something I need to pass in to make the credentials object, and the refresh token persistent?


I'm afraid this is a long standing gap in the credentials handling - there is an issue on the backlog for precisely this.

The addCredentials API adds it to the memory store, but requires the user to hit deploy in order to update the files. It's always been a principle that only the user can trigger an update to the flow files. For example, if they are version controlled or read-only, there's no guarantee a flow is able to write to them.
I know others have tried to come up with alternative approaches - maybe they can share what they've done.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.