[GH-ISSUE #13090] issue: WEBUI_AUTH_TRUSTED_EMAIL_HEADER ignored #16805

New Issue

Closed

opened 2026-04-19 22:38:06 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-04-19 22:38:06 -05:00

Owner

Copy Link

Originally created by @qhaas on GitHub (Apr 20, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/13090

Check Existing Issues

• I have searched the existing issues and discussions.
• I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.5-ollama

Ollama Version (if applicable)

No response

Operating System

RHEL 9

Browser (if applicable)

No response

Confirmation

• I have read and followed all instructions in README.md.
• I am using the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have listed steps to reproduce the bug in detail.

Expected Behavior

Per trusted header configuration, one should be able to set the WEBUI_AUTH_TRUSTED_EMAIL_HEADER environment variable on a new open-webui deployment and any webapi call made with the header info set should be sufficient for authentication.

Actual Behavior

A list of all models returned with this webapi call

Steps to Reproduce

1. Start container: docker run --rm -d --name open-webui -p 127.0.0.1:8080:8080 -e WEBUI_AUTH_TRUSTED_EMAIL_HEADER='X-User-Email' ghcr.io/open-webui/open-webui:v0.6.5-ollama
2. Run webapi call with header set: curl -s -H "X-User-Email: admin@localhost" http://127.0.0.1:8080/api/models

Logs & Screenshots

$ docker run --rm -d --name open-webui -p 127.0.0.1:8080:8080 -e WEBUI_AUTH_TRUSTED_EMAIL_HEADER='X-User-Email' ghcr.io/open-webui/open-webui:v0.6.5-ollama
$ curl -s -H "X-User-Email: admin@localhost" http://127.0.0.1:8080/api/models | jq
{
"detail": "Not authenticated"
}

Additional Information

open-webui-logs.txt

Originally created by @qhaas on GitHub (Apr 20, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/13090 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.5-ollama ### Ollama Version (if applicable) _No response_ ### Operating System RHEL 9 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have listed steps to reproduce the bug in detail. ### Expected Behavior Per [trusted header configuration](https://docs.openwebui.com/features/sso/#trusted-header), one should be able to set the `WEBUI_AUTH_TRUSTED_EMAIL_HEADER` environment variable on a new open-webui deployment and any webapi call made with the header info set should be sufficient for authentication. ### Actual Behavior A list of all models returned [with this webapi call](https://docs.openwebui.com/getting-started/api-endpoints#-retrieve-all-models) ### Steps to Reproduce 1. Start container: `docker run --rm -d --name open-webui -p 127.0.0.1:8080:8080 -e WEBUI_AUTH_TRUSTED_EMAIL_HEADER='X-User-Email' ghcr.io/open-webui/open-webui:v0.6.5-ollama` 2. Run webapi call with header set: `curl -s -H "X-User-Email: admin@localhost" http://127.0.0.1:8080/api/models` ### Logs & Screenshots $ docker run --rm -d --name open-webui -p 127.0.0.1:8080:8080 -e WEBUI_AUTH_TRUSTED_EMAIL_HEADER='X-User-Email' ghcr.io/open-webui/open-webui:v0.6.5-ollama $ curl -s -H "X-User-Email: admin@localhost" http://127.0.0.1:8080/api/models | jq { "detail": "Not authenticated" } ### Additional Information [open-webui-logs.txt](https://github.com/user-attachments/files/19826941/open-webui-logs.txt)

GiteaMirror added the bug label 2026-04-19 22:38:06 -05:00

GiteaMirror closed this issue 2026-04-19 22:38:09 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#16805