node-red - Node Credentials

thechane picture thechane · Jan 15, 2018 · Viewed 8.1k times · Source

Within a node-red flow I have a CassandraDatabase node with a user and pass. When I export the flow these credentials are not contained in the json, instead a flows_cred.json file appears with an encrypted string:

{"$": "df28.......

... however if I copy this file out and try to bring up my node-red instance elsewhere I get the following at startup:

[warn] Error loading credentials: SyntaxError: Unexpected token � in JSON at position 0

... followed by a repeating "AuthenticationError: Authentication provider not set", message. Indeed the credentials have not been picked up by the node-red flow and so I must input manually again.

Anyone know the trick to allowing me to export the credentials successfully?

Answer

knolleary picture knolleary · Jan 15, 2018

The credentials file (flows_cred.json) is encrypted by default to ensure its contents cannot be easily read.

Node-RED generates a random key for the encryption if you do not provide one in your settings file. If the second instance of Node-RED doesn't have the same encryption key, it won't be able to decrypt the file.

Here are the steps you need to resolve this.

  1. edit your settings.js file and add a credentialSecret property with a whatever string value you want. If you want to disable encryption, set its value to false.

    credentialSecret: "my-random-string"
    
  2. Restart Node-RED and deploy a change - this will trigger Node-RED to re-encrypt your credentials with your chosen key (or disabling encryption if set to false).

  3. You can then copy your flow/credential file to a second instance, just make sure you give it the same credentialSecret value in its settings file.

Note that once you set credentialSecret you cannot change its value.