Flowise
Flowise copied to clipboard
Published
2 weeks ago
•
FlowiseAI
FlowiseAI
⚒️[FEATURE] Enable RBAC Controlled Secrets and Variables
Describe the feature you'd like
Enable Role-Based Access Control (RBAC) for secrets and variables in Flowise. Enable Card to Variable routing.
- A Secret card can pull a stored API Token and then be linked to an API key slot for embedding and LLM.
- A Variable card can take a common entry like vector collection/index name.
✅Tasks
- [ ] Add a new page for storing and managing these secret and variable elements
- [ ] RBAC for Global, Tenant, Organization, Team, User
- [ ] Develop components for utilizing secret and variable elements to fill in strings, prompts, and options
- [ ] Enable these components to work similarly to the card-to-card feature, but in this case, it should be card-to-variable
🎯Acceptance Criteria
- [ ] Flowise should be able to handle and manage secrets and variables securely and efficiently, reducing the need for users to manually track tokens and input them for every prompt
- [ ] The secret and variable components should function seamlessly with the existing Flowise architecture, such as integrating with the card-to-card feature.
- [ ] The new page for managing secrets and variables should be user-friendly and intuitive, allowing users to easily handle their secret and variable elements and in the future, tie into secrets managers like Vault or AWS Secrets Manager
👨💻How to contribute
Follow this guide for step by step on how to fork, commit, and submit PR.
Love the well-thought out idea!
For RBAC that can only be implemented when multi-tenant architecture is out.
However there have been requests about saving credentials so that users can save themself from entering multiple times.
Here's what I think.
1.) A Credentials/Secrets page where users can store API keys:
2.) When using in node, user can select the stored key:
3.) In future, these credentials/secrets can be enhanced with RBAC
