github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-03-12 01:54:38 -05:00
Code Issues 308 Packages Projects Releases 100 Wiki Activity

Disable authenticaton #161

New Issue
Closed
opened 2025-11-11 14:08:52 -06:00 by GiteaMirror · 13 comments
GiteaMirror commented 2025-11-11 14:08:52 -06:00
Owner
Copy Link

Originally created by @dezoito on GitHub (Jan 8, 2024).

Is there a way to disable the authentication requirement, so that users don't have to login to use the UI?
Maybe having the admin user authenticating once and then disabling it?

If this entailed chats not being saved that would be alright too.

Originally created by @dezoito on GitHub (Jan 8, 2024). Is there a way to disable the authentication requirement, so that users don't have to login to use the UI? Maybe having the admin user authenticating once and then disabling it? If this entailed chats not being saved that would be alright too.
GiteaMirror commented 2025-11-11 14:08:54 -06:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Jan 9, 2024):

Hi, Thanks for the suggestion! For security reasons, we do not plan on adding an option to remove the login feature in the near future, so I'll close this issue as not planned for now. However, https://github.com/ollama-webui/ollama-webui-lite provides with the option to use the webui without any of the additional backend functionalities (including auth)!

@tjbck commented on GitHub (Jan 9, 2024): Hi, Thanks for the suggestion! For security reasons, we do not plan on adding an option to remove the login feature in the near future, so I'll close this issue as not planned for now. However, https://github.com/ollama-webui/ollama-webui-lite provides with the option to use the webui without any of the additional backend functionalities (including auth)!
GiteaMirror commented 2025-11-11 14:08:54 -06:00
Author
Owner
Copy Link

@sammcj commented on GitHub (Feb 20, 2024):

@tjbck I think this is still needed as an option.

A good example of where Ollama Web UI authentication needs to be disabled is when you're already running the application runs behind another internal authentication service such as Authentik / Okta etc...

This is what I (and a few others I know) do with all our apps for a secure and unified approach but with Ollama Web UI this means logging in twice with two sets of credentials - one of which is no centrally managed.

@sammcj commented on GitHub (Feb 20, 2024): @tjbck I think this is still needed as an option. A good example of where Ollama Web UI authentication needs to be disabled is when you're already running the application runs behind another internal authentication service such as [Authentik](https://github.com/goauthentik/authentik) / Okta etc... This is what I (and a few others I know) do with all our apps for a secure and unified approach but with Ollama Web UI this means logging in twice with two sets of credentials - one of which is no centrally managed.
GiteaMirror commented 2025-11-11 14:08:54 -06:00
Author
Owner
Copy Link

@justinh-rahb commented on GitHub (Feb 20, 2024):

How will you have chat histories and settings then? This method would need a way to pass some sort of authentication header so that WebUI knows which user to log into.

@justinh-rahb commented on GitHub (Feb 20, 2024): How will you have chat histories and settings then? This method would need a way to pass some sort of authentication header so that WebUI knows which user to log into.
GiteaMirror commented 2025-11-11 14:08:55 -06:00
Author
Owner
Copy Link

@sammcj commented on GitHub (Feb 20, 2024):

In my case like I suspect a lot of self-hosters, I just have a single user.

However the standard approach with OAuth2/OpenID (which includes things like Google Workspaces, AzureAD, Authentik, Okta, Auth0 etc...) is to pass an identity token / URL / header or basic auth to applications after successful authentication. You can also have it redirect to a specific URL path (e.g. <url>/users/<cool@lol.com>) etc...

@sammcj commented on GitHub (Feb 20, 2024): In my case like I suspect a lot of self-hosters, I just have a single user. However the standard approach with OAuth2/OpenID (which includes things like Google Workspaces, AzureAD, Authentik, Okta, Auth0 etc...) is to pass an identity token / URL / header or basic auth to applications after successful authentication. You can also have it redirect to a specific URL path (e.g. `<url>/users/<cool@lol.com>`) etc...
GiteaMirror commented 2025-11-11 14:08:55 -06:00
Author
Owner
Copy Link

@sammcj commented on GitHub (Feb 20, 2024):

Those are some examples of how people might choose to use Authentik, but I think simply allowing users to disable in-app auth and default to a single user would suffice.

@sammcj commented on GitHub (Feb 20, 2024): - https://goauthentik.io/docs/providers/proxy/header_authentication - https://goauthentik.io/docs/providers/proxy/custom_headers Those are some examples of how people might choose to use Authentik, but I think simply allowing users to disable in-app auth and default to a single user would suffice.
GiteaMirror commented 2025-11-11 14:08:55 -06:00
Author
Owner
Copy Link

@Chukarslan commented on GitHub (Mar 20, 2024):

Hi, can you detail the steps to disable auth please?

@Chukarslan commented on GitHub (Mar 20, 2024): Hi, can you detail the steps to disable auth please?
GiteaMirror commented 2025-11-11 14:08:56 -06:00
Author
Owner
Copy Link

@sammcj commented on GitHub (Mar 20, 2024):

Yeah this is really needed, unfortunately this issue remains closed :(

@sammcj commented on GitHub (Mar 20, 2024): Yeah this is really needed, unfortunately this issue remains closed :(
GiteaMirror commented 2025-11-11 14:08:56 -06:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Mar 20, 2024):

The exact same issue is open here: #929

Again, we want to emphasise that this is a community project, we encourage you to make a PR!

@tjbck commented on GitHub (Mar 20, 2024): The exact same issue is open here: #929 Again, we want to emphasise that this is a community project, we encourage you to make a PR!
GiteaMirror commented 2025-11-11 14:08:56 -06:00
Author
Owner
Copy Link

@sammcj commented on GitHub (Mar 20, 2024):

maybe something like https://github.com/open-webui/open-webui/compare/main...sammcj:open-webui:main

@sammcj commented on GitHub (Mar 20, 2024): maybe something like https://github.com/open-webui/open-webui/compare/main...sammcj:open-webui:main
GiteaMirror commented 2025-11-11 14:08:57 -06:00
Author
Owner
Copy Link

@Chukarslan commented on GitHub (Mar 21, 2024):

This is really cool, I'll check it out thanks @sammcj!

@Chukarslan commented on GitHub (Mar 21, 2024): This is really cool, I'll check it out thanks @sammcj!
GiteaMirror commented 2025-11-11 14:08:57 -06:00
Author
Owner
Copy Link

@Chukarslan commented on GitHub (Mar 21, 2024):

Update @sammcj : Still showing the /auth page :(
I tired removing the route in layout.svelte but it keeps bouncing back to auth...

@Chukarslan commented on GitHub (Mar 21, 2024): Update @sammcj : Still showing the /auth page :( I tired removing the route in layout.svelte but it keeps bouncing back to auth...
GiteaMirror commented 2025-11-11 14:08:57 -06:00
Author
Owner
Copy Link

@markg85 commented on GitHub (May 8, 2024):

Ohh security... for f**** sake...

Yes, i get why a login is good for security measures.

But it makes zero sense when running it as a self-hosted service with the intent to just freaking play with ollama.
Somehow so many projects just force down the authentication option where it's clearly intended to be run local for just 1 user (like portainer and grafana, to name a few). And somehow giving the option to disable it is more difficult then to implement an authentication system...

Yeah, that's fucked up.
The intent of this whole project is to run locally so authentication has no place in that.

Sorry for the rant. I'm just annoyed by local projects adding authentication because some people whine about that being "secure and a must-have feature" just to be a pain in the ass for everyone else running it locally as single user, like 99% of your users will!

@markg85 commented on GitHub (May 8, 2024): Ohh security... for f**** sake... Yes, i get why a login is good for security measures. But it makes zero sense when running it as a self-hosted service with the intent to just freaking play with ollama. Somehow so many projects just force down the authentication option where it's clearly intended to be run local for just 1 user (like portainer and grafana, to name a few). And somehow giving the option to disable it is more difficult then to implement an authentication system... Yeah, that's fucked up. The intent of this whole project is to **run locally** so authentication has no place in that. Sorry for the rant. I'm just annoyed by local projects adding authentication because some people whine about that being "secure and a must-have feature" just to be a pain in the ass for everyone else running it locally as single user, like 99% of your users will!
GiteaMirror commented 2025-11-11 14:08:58 -06:00
Author
Owner
Copy Link

@justinh-rahb commented on GitHub (May 8, 2024):

Blah blah blah yadda yadda yadda

@markg85: https://github.com/ollama-webui/ollama-webui-lite

@justinh-rahb commented on GitHub (May 8, 2024): > Blah blah blah yadda yadda yadda @markg85: https://github.com/ollama-webui/ollama-webui-lite
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#161
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?