github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-06 10:58:17 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #12391] issue: Call to tool server does not pass API token #16579

New Issue
Closed
opened 2026-04-19 22:28:22 -05:00 by GiteaMirror · 2 comments
GiteaMirror commented 2026-04-19 22:28:22 -05:00
Owner
Copy Link

Originally created by @tremlin on GitHub (Apr 3, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/12391

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Git Clone

Open WebUI Version

v0.6.0

Ollama Version (if applicable)

No response

Operating System

Ubuntu 20.04

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have listed steps to reproduce the bug in detail.

Expected Behavior

When executing a tool on an OpenAPI tool server via POST request, the configured authorization token should be passed in the HTTP header.

Actual Behavior

The authorization HTTP header is missing when making the POST request.

The authorization header is included when saving the tool server configuration and initially fetching the openapi.json spec, but it is missing from all other calls.

Steps to Reproduce

  1. Configure a tool server that requires an API token for all requests.
  2. Create a chat and send a message that makes the AI model use this tool server.
  3. Observe in the browser console that the POST request fails.

Logs & Screenshots

Image

Additional Information

The cause seems to be that key is missing from the information in ba77a72925/src/lib/apis/index.ts (L318)

Adding key: server?.key, solves the issue for me:

Image

Originally created by @tremlin on GitHub (Apr 3, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/12391 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Git Clone ### Open WebUI Version v0.6.0 ### Ollama Version (if applicable) _No response_ ### Operating System Ubuntu 20.04 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have listed steps to reproduce the bug in detail. ### Expected Behavior When executing a tool on an OpenAPI tool server via POST request, the configured authorization token should be passed in the HTTP header. ### Actual Behavior The authorization HTTP header is missing when making the POST request. The authorization header is included when saving the tool server configuration and initially fetching the `openapi.json` spec, but it is missing from all other calls. ### Steps to Reproduce 1. Configure a tool server that requires an API token for all requests. 2. Create a chat and send a message that makes the AI model use this tool server. 3. Observe in the browser console that the POST request fails. ### Logs & Screenshots ![Image](https://github.com/user-attachments/assets/6e7af7d9-d52e-4340-a755-948d0f1536ee) ### Additional Information The cause seems to be that `key` is missing from the information in https://github.com/open-webui/open-webui/blob/ba77a729256b9df1d582bfc421afde44f465fca2/src/lib/apis/index.ts#L318 Adding `key: server?.key,` solves the issue for me: ![Image](https://github.com/user-attachments/assets/dbec37d4-8933-4525-83bb-7c6754b065b4)
GiteaMirror added the bug label 2026-04-19 22:28:22 -05:00
GiteaMirror commented 2026-04-19 22:28:24 -05:00
Author
Owner
Copy Link

@rgaricano commented on GitHub (Apr 3, 2025):

It would be usefull to have it also noted in https://github.com/open-webui/mcpo/issues

<!-- gh-comment-id:2775976903 --> @rgaricano commented on GitHub (Apr 3, 2025): It would be usefull to have it also noted in https://github.com/open-webui/mcpo/issues
GiteaMirror commented 2026-04-19 22:28:25 -05:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Apr 3, 2025):

Addressed in dev.

<!-- gh-comment-id:2776406938 --> @tjbck commented on GitHub (Apr 3, 2025): Addressed in dev.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#16579
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?