[GH-ISSUE #8536] Support for API_KEY based authentication #31266

Closed
opened 2026-04-22 11:34:18 -05:00 by GiteaMirror · 14 comments

Originally created by @matthiasgeihs on GitHub (Jan 22, 2025).
Original GitHub issue: https://github.com/ollama/ollama/issues/8536

Would be great if Ollama server would support some basic level API_KEY-based authentication.

Use case: Chrome browser extensions cannot use ollama out of the box because of CORS restrictions. Ollama will reject requests from these origins (see also https://github.com/ollama/ollama/issues/3571). Would be great if ollama had API_KEY based authentication to solve this issue without requiring the user to manually start ollama with OLLAMA_ORIGINS.

GiteaMirror added the feature request label 2026-04-22 11:34:18 -05:00

@rick-github commented on GitHub (Jan 22, 2025):

The usual suggestion is to use a proxy that implements access controls, eg [ollama_proxy_server](https://github.com/ParisNeo/ollama_proxy_server) or [nginx](https://nginx.org/en/docs/http/ngx_http_auth_jwt_module.html).

```yaml
services:
  ollama-backend:
    image: ollama/ollama:${OLLAMA_DOCKER_TAG-latest}
    volumes:
      - ${OLLAMA_MODELS-./ollama}:/root/.ollama
    environment:
      - OLLAMA_KEEP_ALIVE=${OLLAMA_KEEP_ALIVE--1}
      - OLLAMA_DEBUG=${OLLAMA_DEBUG-1}

  ollama-frontend:
    image: nginx-acl
    build:
      dockerfile_inline: |
        FROM nginx:latest
        RUN cat > /etc/nginx/conf.d/default.conf <<"EOF"
        map $$http_x_api_key $$valid_key {
          default 0;
          "key1" 1;
          "key2" 1;
        }
        server {
          listen 11434;
          server_name localhost;
          location / {
            if ($$valid_key = 0) {
              return 401; # unauthorized
            }
            proxy_pass http://ollama-backend:11434;
            proxy_set_header Host $$host;
            proxy_set_header X-Real-IP $$remote_addr;
          }
        }
        EOF
    ports:
      - 11434:11434
```

```console
$ curl localhost:11434/api/version
<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.27.0</center>
</body>
</html>
$ curl -H 'X-API-Key: key2' localhost:11434/api/version
{"version":"0.5.4-0-g2ddc32d-dirty"}
```

@matthiasgeihs commented on GitHub (Jan 22, 2025):

yeah, heard about that. the issue is that it doesn't "just work" / needs more stuff to be done on the host system.
(e.g., consider the case of installing a Chrome extension. It's an additional burden to ask from the user to also run a proxy, or start ollama manually with some custom environment variables. It'd be way easier to just supply an API_KEY in the extension settings.)

what's the reason that ollama doesn't want to support API_KEY functionality at the base layer?

would be simple to implement:

  • ollama api-key --> returns API_KEY
  • allow requests from unauthorized origin if they have correct API_KEY set

@rick-github commented on GitHub (Jan 22, 2025):

ollama is an LLM inference engine. Other functionality is added by external projects. See [integrations](https://github.com/ollama/ollama?tab=readme-ov-file#community-integrations).

@matthiasgeihs commented on GitHub (Jan 22, 2025):

(closed by accident)

-_-

you are just artificially excluding certain use cases through this restriction.
i don't get it.


@rick-github commented on GitHub (Jan 22, 2025):

It's not a restriction, it's just the way it is at the moment - the only way to add API key based auth is with an external project. If you want to submit a PR to add this ability, please do. Until then, an external project has to be used to provide this functionality.


@matthiasgeihs commented on GitHub (Jan 22, 2025):

oh, i didn't know you are open to this being added. it sounded like you don't want this functionality in the core.

if i find some time, i might try to contribute a PR / make a suggestion how this could be integrated. 👍


@LeisureLinux commented on GitHub (Feb 12, 2025):

Certain authentication capability will certainly add to the popularity of ollama. I hope the basic authentication can be added.

https://github.com/ollama/ollama/issues/1053#issuecomment-2653885309


@Evidlo commented on GitHub (Feb 18, 2025):

I'm potentially interested in adding this. I think this could be achieved by adding an OLLAMA_API_KEY environment variable to the server. If set, the OpenAI middleware will check the incoming request for a corresponding api key header and fail if it does not match. If unset, fall back to the current behavior where the request api key is simply ignored.

Browsing through the source, I think this change should go [here](https://github.com/ollama/ollama/blob/7b5d916a9a85f37c199bf765ef85625945469165/openai/openai.go#L534)

@rick-github Does that seem reasonable to you? The reason I think this specific case matters is because a proxy server is sort of overkill for single-user instances.

@rick-github commented on GitHub (Feb 18, 2025):

The core team currently recommends using a proxy: previous attempts (https://github.com/ollama/ollama/pull/5415, https://github.com/ollama/ollama/pull/8321, https://github.com/ollama/ollama/pull/9131) at adding an API key have fallen by the wayside or stalled. You are welcome to create a PR but in the current environment (reworking runners, adding vision backends, etc) the chance of it being merged is slim.


@perfectecologietool commented on GitHub (Feb 19, 2025):

You can ask the LLM to create a proxy for you, in go lang. What joy?! HTTP is specifically made for humans to read and enjoy using. We all have to deal with the unfair CORS issue of browsers. The answer is simply, either build your own http browser client or build an ollamaCGI (a proxy) application (easy because of LLM!). CGI can just serve one HTML file to your browser and have the CGI ferry the request and response between your browser and your server. Creating your own client is the obvious way to employ "tools".
You'd want your internet privacy to not depend on an API key anyway. It would be misleading to say an API key is related to security, given that the server is listening 24/7 upon startup, on 127.0.0.1/0:13343 . That means make your own local CGI . (Easy with go lang on windows. Easy on Linux. Qwen2.5 coder32B makes it easy too :) Peace.


@maurerle commented on GitHub (Jun 11, 2025):

To make the comment from https://github.com/ollama/ollama/issues/8536#issuecomment-2607430038 compatible with open-webui, the following is required - as open-webui requires usage of Bearer Token:

```yml
  ollama-frontend:
    container_name: ollama-frontend
    image: nginx-acl
    build:
      # "build: ." followed by a nested key is not valid YAML; set the context explicitly
      context: .
      dockerfile_inline: |
        FROM nginx:latest
        RUN cat > /etc/nginx/conf.d/default.conf <<"EOF"
        map $$http_authorization $$valid_key {
          default 0;
          "Bearer key1" 1;
          "Bearer key2" 1;
        }
        server {
          listen 11434;
          server_name localhost;
          location / {
            if ($$valid_key = 0) {
              return 401; # unauthorized
            }
            proxy_pass http://ollama-backend:11434;
            proxy_set_header Host $$host;
            proxy_set_header X-Real-IP $$remote_addr;
          }
        }
        EOF
    ports:
      - "11434:11434/tcp"
```

@rick-github commented on GitHub (Jun 11, 2025):

If `nginx` is too much overhead, a version using `caddy` can be seen [here](https://github.com/ollama/ollama/issues/9488#issuecomment-2701659171).

@azazar commented on GitHub (Oct 8, 2025):

> If `nginx` is too much overhead, a version using `caddy` can be seen [here](https://github.com/ollama/ollama/issues/9488#issuecomment-2701659171).

What if everything but builtin authentication is too much overhead?

@micaelmz commented on GitHub (Apr 9, 2026):


```yml
services:
  ollama:
    image: ollama/ollama:latest
    expose:
      - "11434"
    volumes:
      - ollama_data:/root/.ollama
    networks:
      - dokploy-network
    restart: unless-stopped

  proxy:
    image: caddy:alpine
    environment:
      - OLLAMA_API_KEY=${OLLAMA_API_KEY}
    command: >
      sh -c "echo ':8080 {
        @no-auth {
          not header Authorization \"Bearer {env.OLLAMA_API_KEY}\"
        }
        respond @no-auth \"Unauthorized\" 401
        reverse_proxy ollama:11434
      }' > Caddyfile && caddy run --config Caddyfile"
    networks:
      - dokploy-network
    restart: unless-stopped

volumes:
  ollama_data:
    driver: local

networks:
  dokploy-network:
    external: true
```
Reference: github-starred/ollama#31266
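
The check @Evidlo proposes in the thread (an `OLLAMA_API_KEY` environment variable, enforced when set and ignored when unset), written as a standalone Go reverse proxy in front of Ollama. This is an added example, not code from the Ollama repository or from any commenter; the name `requireAPIKey`, accepting `X-API-Key` alongside the Bearer header, and the listen and backend addresses are assumptions.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
	"strings"
)

// requireAPIKey wraps next with the check proposed in the thread: if key is
// empty (OLLAMA_API_KEY unset) requests pass through unchanged; otherwise the
// request must carry "Authorization: Bearer <key>" or "X-API-Key: <key>".
func requireAPIKey(key string, next http.Handler) http.Handler {
	if key == "" {
		return next
	}
	want := sha256.Sum256([]byte(key))
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		got := r.Header.Get("X-API-Key")
		if auth := r.Header.Get("Authorization"); strings.HasPrefix(auth, "Bearer ") {
			got = strings.TrimPrefix(auth, "Bearer ")
		}
		// Hash both sides so the constant-time compare sees equal lengths.
		sum := sha256.Sum256([]byte(got))
		if subtle.ConstantTimeCompare(sum[:], want[:]) != 1 {
			w.Header().Set("WWW-Authenticate", `Bearer realm="ollama"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		// Do not forward the client's credential to the backend.
		r.Header.Del("Authorization")
		r.Header.Del("X-API-Key")
		next.ServeHTTP(w, r)
	})
}

func main() {
	// Assumed addresses: Ollama stays on loopback, the proxy listens on 8080.
	backend, err := url.Parse("http://127.0.0.1:11434")
	if err != nil {
		log.Fatal(err)
	}
	proxy := httputil.NewSingleHostReverseProxy(backend)
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", requireAPIKey(os.Getenv("OLLAMA_API_KEY"), proxy)))
}
```

The key check only controls who may call the API; a browser extension origin still has to be permitted by Ollama's origin handling (`OLLAMA_ORIGINS`) or by CORS headers set at the proxy.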