What is credentialSecret and how to set with multiuser enviroment?

Hi there,

I'm testing around with NR on docker.
From the docs (Running under Docker and User Guide: Securing Node Red) I'm confused about the settings property credentialSecret.

What is that? In my understanding it isn't a user password, is a default value used by NR

I come across with the credentialSecret property by reading about user credentials and how to set these. and the docs says:

Of course you never want to hard-code credentials anywhere, so if you need to use credentials with your Node-RED project, the above Dockerfile will let you have this in your settings.js …

module.exports = { credentialSecret: process.env.NODE_RED_CREDENTIAL_SECRET // add exactly this }

…and then when you run in Docker, you add an environment variable to your run command
docker run -e "NODE_RED_CREDENTIAL_SECRET=your_secret_goes_here"

But it not show an example of a credentialSecret. I'm guessing it is a password hash as described by the docs. In that case, setting multiples users is impossible.

So my other question is:
Is possible to set multiples user throw environment variables? How so?


possible related discussions:
credentialsecret-flows-stopped-as-the-credentials-could-not-be-decrypted
how-to-set-credentialsecret-asynchronously

Node-RED is not multiuser so this isn’t really a problem :-). @hardillb did post a series recently on how to create a basic multi-user setup using Docker where each user gets their own instance.

credentialSecret is nothing to do with user authentication.

It is the key used to encrypt the flow credentials file.

Node-RED uses the adminAuth setting to configure user credentials. You would have to set it up in your settings file to get the user/password from environment variables.

https://nodered.org/docs/user-guide/runtime/securing-node-red

But as Dave says, Node-RED is not multi tenent - the runtime runs one set of flows. If you have multiple users configured, they all see the same flows.

Link to the Multi Tenant instructions:

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.