github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 10:58:17 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #8571] Microsoft Entra Oauth integration: Users keep being reset to "pending" #15175

New Issue
Closed
opened 2026-04-19 21:27:35 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-19 21:27:35 -05:00
Owner
Copy Link

Originally created by @maxupp on GitHub (Jan 15, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/8571

Installation Method

Installed via Helmchart with slight alterations to the UI (Icons etc.).
Integrated with Microsoft Entra via Oauth.

Environment

  • Open WebUI Version: 0.5.4

  • Operating System: Ubuntu in Docker

  • Browser (if applicable): all

Confirmation:

Expected Behavior:

New users should be forwarded to our SSO, and then receive the "user" role by default, without the need for the account to be confirmed.

Actual Behavior:

Users are confronted with an "Account activation pending" screen on first login, and then regularly lose access to the service after they have been manually confirmed and given the user role via the admin console.

Description

Bug Summary:
See above, the main issue is that every day users are reset to the "pending" state, and therefore cannot access the OpenWebUI service.

Reproduction Details

Steps to Reproduce:
[Outline the steps to reproduce the bug. Be as detailed as possible.]

Logs and Screenshots

Configuration Variables:
`extraEnvVars:

  • name: ENABLE_OAUTH_SIGNUP
    value: "True"
  • name: ENABLE_OAUTH_ROLE_MANAGEMENT
    value: "True"
  • name: MICROSOFT_CLIENT_ID
    value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • name: MICROSOFT_CLIENT_TENANT_ID
    value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • name: ENABLE_SIGNUP
    value: "True"
  • name: ENABLE_LOGIN_FORM
    value: "False"
  • name: DEFAULT_USER_ROLE
    value: user
  • name: OAUTH_ROLES_CLAIM
    value: roles
  • name: OAUTH_ADMIN_ROLES
    value: admin
  • name: ENABLE_ADMIN_CHAT_ACCESS
    value: "False"
  • name: MICROSOFT_CLIENT_SECRET
    valueFrom:
    secretKeyRef:
    name: entra-client-secret
    key: MICROSOFT_CLIENT_SECRET`
Originally created by @maxupp on GitHub (Jan 15, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/8571 ## Installation Method Installed via Helmchart with slight alterations to the UI (Icons etc.). Integrated with Microsoft Entra via Oauth. ## Environment - **Open WebUI Version: 0.5.4** - **Operating System:** Ubuntu in Docker - **Browser (if applicable):** all **Confirmation:** ## Expected Behavior: New users should be forwarded to our SSO, and then receive the "user" role by default, without the need for the account to be confirmed. ## Actual Behavior: Users are confronted with an "Account activation pending" screen on first login, and then regularly lose access to the service after they have been manually confirmed and given the user role via the admin console. ## Description **Bug Summary:** See above, the main issue is that every day users are reset to the "pending" state, and therefore cannot access the OpenWebUI service. ## Reproduction Details **Steps to Reproduce:** [Outline the steps to reproduce the bug. Be as detailed as possible.] ## Logs and Screenshots Configuration Variables: `extraEnvVars: - name: ENABLE_OAUTH_SIGNUP value: "True" - name: ENABLE_OAUTH_ROLE_MANAGEMENT value: "True" - name: MICROSOFT_CLIENT_ID value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - name: MICROSOFT_CLIENT_TENANT_ID value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - name: ENABLE_SIGNUP value: "True" - name: ENABLE_LOGIN_FORM value: "False" - name: DEFAULT_USER_ROLE value: user - name: OAUTH_ROLES_CLAIM value: roles - name: OAUTH_ADMIN_ROLES value: admin - name: ENABLE_ADMIN_CHAT_ACCESS value: "False" - name: MICROSOFT_CLIENT_SECRET valueFrom: secretKeyRef: name: entra-client-secret key: MICROSOFT_CLIENT_SECRET`
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#15175
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?