FR: a way to have variables available to flows\nodes without the value being visible as text

[SynoUser-NL]

Description

Use case:
we have different people working on flows, for some of which they need access to resource credentials. For some credentials it is not desirable to have these generally available.
For this, a system like in Powershell where you can store credentials in an object and save and recall that object for later or other use and the password is protected, would be helpful.

Difficulty here is that the people working on flows are (and need to be) FF Admins as well. So there would need to be a kind of system where an admin could define credentials or a string, (for API keys or bearer tokens, or just a password) which can then be used by all admins in a team in flows. This "protected" string would then not ever reveal its content in a user interface (debug messages, on screen dashboards, etc,).

Also see:
https://discourse.nodered.org/t/managing-secrets-in-flowfuse/87786/10

Which customers would this be available to

Enterprise Tier Only (EE)

Have you provided an initial effort estimate for this issue?

I am not a FlowFuse team member

[knolleary]

This is quite a hard problem to solve; it would require a whole new mechanism inside Node-RED itself and I'm not sure what that would look like.

The problem comes down to how these values would get used inside Node-RED.

Ultimately, these values need to be accessed by the Nodes so they can be used. So there will need to be an API available for Nodes to retrieve the values. With that API, anyone could write a node that grabs the value and attaches it to a msg - at which point we no longer have any control over what happens with that value.

Whilst this issue is pitched as a possible solution to a problem, I think we may want to think about the problem some more to see if there are alternative approaches to address it.