What is credentialSecret and how to set with multiuser enviroment?

janainascal · 31 October 2020 12:32

Hi there,

I'm testing around with NR on docker.
From the docs (Running under Docker and User Guide: Securing Node Red) I'm confused about the settings property credentialSecret.

What is that? In my understanding it isn't a user password, is a default value used by NR

I come across with the credentialSecret property by reading about user credentials and how to set these. and the docs says:

Of course you never want to hard-code credentials anywhere, so if you need to use credentials with your Node-RED project, the above Dockerfile will let you have this in your settings.js …

module.exports = { credentialSecret: process.env.NODE_RED_CREDENTIAL_SECRET // add exactly this }

…and then when you run in Docker, you add an environment variable to your run command
docker run -e "NODE_RED_CREDENTIAL_SECRET=your_secret_goes_here"

But it not show an example of a credentialSecret. I'm guessing it is a password hash as described by the docs. In that case, setting multiples users is impossible.

So my other question is:
Is possible to set multiples user throw environment variables? How so?

possible related discussions:
credentialsecret-flows-stopped-as-the-credentials-could-not-be-decrypted
how-to-set-credentialsecret-asynchronously

dceejay · 31 October 2020 13:11

Node-RED is not multiuser so this isn’t really a problem :-). @hardillb did post a series recently on how to create a basic multi-user setup using Docker where each user gets their own instance.

knolleary · 31 October 2020 13:22

credentialSecret is nothing to do with user authentication.

It is the key used to encrypt the flow credentials file.

Node-RED uses the adminAuth setting to configure user credentials. You would have to set it up in your settings file to get the user/password from environment variables.

https://nodered.org/docs/user-guide/runtime/securing-node-red

But as Dave says, Node-RED is not multi tenent - the runtime runs one set of flows. If you have multiple users configured, they all see the same flows.

hardillb · 31 October 2020 14:04

Link to the Multi Tenant instructions:

system · 30 December 2020 14:04

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is a flows_cred.json created on one node-RED instance valid for a different node-RED instance too? General docker	2	152	19 January 2023
[Solved] credentialSecret, flows stopped as the credentials could not be decrypted General	11	10122	1 April 2020
Where to store plain-text credentials in a container volume when `credentialSecret` is set for multiple node-RED instances? General	1	94	26 May 2023
Can we pass username, password and permissions as an enviornment variable at run time of docker node-red instance? General security , docker	5	139	4 April 2023
Moving cred files from one env to other General	12	389	16 September 2022

What is credentialSecret and how to set with multiuser enviroment?

Related Topics