Content: Enhancing Node-RED Application Security with Bearer Token Authentication

MarianRaphael commented 8 months ago

Original Issue

https://github.com/FlowFuse/flowfuse/issues/2964

Description

The primary goal of this content is to demonstrate the practical application of Bearer token authentication within a Node-RED environment, specifically utilizing the FlowFuse authentication mechanism (FF-Auth). This demonstration will highlight the enhanced security benefits and provide users with a guide to implementing this feature in their setups.

Key Points to Cover

Introduction to Bearer Token Authentication
Demo a Node-RED Instance with FF-Auth enabled and request API access with a Bearer token
Highlighting Security Improvements
Best Practices

Demo

https://flowforgeworkspace.slack.com/archives/C04GW82DJFK/p1709303691835359

Expected Live date

March 14th

Content timeline

Week of March 18th

gdziuba commented 8 months ago

Machine to machine communication. Instead of creating a user to authenticate you can create a unique token to communicate between a machine and Node-RED/FF.

"Improve machine to NR authentication" "Securely display information with bearer authentication"

gdziuba commented 8 months ago

@Hasmin-AC @MarianRaphael

https://github.com/FlowFuse/website/assets/8887166/5ed8ad66-a887-469a-bda8-0e9b231829c0

Hasmin-AC commented 8 months ago

can we get a written version of this as well as a blog?

gdziuba commented 8 months ago

@Hasmin-AC Yes. I will work on that.

FlowFuse / website