Thanks to someone answering my question on StackOverflow, this access issue is easily resolved.
Prohibit Anonymous Access to NodeRed Flow Editor
– In your Bluemix Dashboard, click on your NodeRed Application Icon to be taken to the Application Dashboard Page.
– In the left menu, click on “Environment Variables“.
– In the Body Window towards the top, click on the “USER-DEFINED” tab.
– Create a variable with the name “NODE_RED_USERNAME” and a value of “e.g. admin”.
– Create a variable with the name “NODE_RED_PASSWORD” and a value of “e.g. password”.
– Click on “Save“.
Your NodeRed Application should restart automatically on “Save“. but in case it didn’t work, manually restart your application. Once restarted you will be prompted for a username and password before being able to access the Flow Editor. What’s great is your services created in NodeRed are still publicly available.
Cheers for now