Authentication Context Within Flows

I’m running into an issue w/ basic Node-Red so I’m wondering if Flow Forge actually can help with this instead. Context:

  • I have JSON data coming from a data source with tags filtered by roles. I.e., role A can only see tags X, Y, Z and role B can see tags A, B, C.
  • I want to write a function to let the user in the logged in role to only see tags they want to see.

I tried testing this out with just the OOB user login (not roles) but then quickly realized that the authentication in mechanism in Node Red does not have access to the flows context so the flows don’t know whose logged in. Is there a way, within a flow, to view the logged in user via Flow Forge?

Also, is there a better approach? Is there a way to do this on a global level?

No, while you can apply FlowForge Authentication to HTTP endpoints implemented in Node-RED all this does is apply oAuth based authentication requiring the client to login using their FlowForge credentials, it does not expose that information to the flow.

Flows have no concept of who is interacting with them.

1 Like