What is credentialSecret and how to set with multiuser enviroment?

janainascal · 31 October 2020 12:32

Hi there,

I'm testing around with NR on docker.
From the docs (Running under Docker and User Guide: Securing Node Red) I'm confused about the settings property credentialSecret.

What is that? In my understanding it isn't a user password, is a default value used by NR

I come across with the credentialSecret property by reading about user credentials and how to set these. and the docs says:

Of course you never want to hard-code credentials anywhere, so if you need to use credentials with your Node-RED project, the above Dockerfile will let you have this in your settings.js …

module.exports = { credentialSecret: process.env.NODE_RED_CREDENTIAL_SECRET // add exactly this }

…and then when you run in Docker, you add an environment variable to your run command
docker run -e "NODE_RED_CREDENTIAL_SECRET=your_secret_goes_here"

But it not show an example of a credentialSecret. I'm guessing it is a password hash as described by the docs. In that case, setting multiples users is impossible.

So my other question is:
Is possible to set multiples user throw environment variables? How so?

possible related discussions:
credentialsecret-flows-stopped-as-the-credentials-could-not-be-decrypted
how-to-set-credentialsecret-asynchronously

dceejay · 31 October 2020 13:11

Node-RED is not multiuser so this isn’t really a problem :-). @hardillb did post a series recently on how to create a basic multi-user setup using Docker where each user gets their own instance.

knolleary · 31 October 2020 13:22

credentialSecret is nothing to do with user authentication.

It is the key used to encrypt the flow credentials file.

Node-RED uses the adminAuth setting to configure user credentials. You would have to set it up in your settings file to get the user/password from environment variables.

https://nodered.org/docs/user-guide/runtime/securing-node-red

But as Dave says, Node-RED is not multi tenent - the runtime runs one set of flows. If you have multiple users configured, they all see the same flows.

hardillb · 31 October 2020 14:04

Link to the Multi Tenant instructions:

system · 30 December 2020 14:04

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is a flows_cred.json created on one node-RED instance valid for a different node-RED instance too? General docker	2	174	19 January 2023
[Solved] credentialSecret, flows stopped as the credentials could not be decrypted General	11	11988	1 April 2020
Where to store plain-text credentials in a container volume when `credentialSecret` is set for multiple node-RED instances? General	1	116	26 May 2023
Can we pass username, password and permissions as an enviornment variable at run time of docker node-red instance? General security , docker	5	168	4 April 2023
Support for .env files? or other ways to store and load secrets? General security	15	111	21 November 2024

What is credentialSecret and how to set with multiuser enviroment?

Related topics