[GH-ISSUE #19182] feat: SSO custom logout URI #18798

Closed
opened 2026-04-20 01:01:14 -05:00 by GiteaMirror · 10 comments

Originally created by @BikersDelight on GitHub (Nov 14, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/19182

Check Existing Issues

  • I have searched for all existing open AND closed issues and discussions for similar requests. I have found none that is comparable to my request.

Verify Feature Scope

  • I have read through and understood the scope definition for feature requests in the Issues section. I believe my feature request meets the definition and belongs in the Issues section instead of the Discussions.

Problem Description

I'm using AWS Cognito as our IdP. Cognito doesn't support logout with id_token_hint and post_logout_redirect_uri. It requires different request parameters.

Desired Solution you'd like

In order to solve this issue, it would be handy to set a full custom logout URI in environment variables. For Cognito, the values to build the URI are all known up front. This solution won't work when dynamic parameters need to be added.

Alternatives Considered

No response

Additional Context

Thanks for maintaining!

GiteaMirror added the good first issue label 2026-04-20 01:01:14 -05:00

@Classic298 commented on GitHub (Nov 14, 2025):

Is WEBUI_AUTH_SIGNOUT_REDIRECT_URL not sufficient here? Works for me.


@BikersDelight commented on GitHub (Nov 14, 2025):

@Classic298 unfortunately no. This adds the post_logout_redirect_uri to the actual logout endpoint, but Cognito requires a completely different set of request parameters: https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html


@Classic298 commented on GitHub (Nov 14, 2025):

I understand. Thanks.


@tjbck commented on GitHub (Nov 19, 2025):

PR Welcome!


@James-4u commented on GitHub (Nov 20, 2025):

@tjbck Could you please assign this issue to me?


@James-4u commented on GitHub (Nov 20, 2025):

@tjbck what's wrong?


@zizzii commented on GitHub (Nov 22, 2025):

Hi there! I would like to pick this up.

My plan: I'll look into backend/apps/web/routers/auths.py to modify the logout flow. I plan to check for a specific environment variable (e.g., LOGOUT_REDIRECT_URL) and redirect the user there upon successful logout if it exists.

Please assign this to me!


@Classic298 commented on GitHub (Nov 23, 2025):

Sorry we don't do assignments. If you want, just create the PR.

PR welcome


@tysoncung commented on GitHub (Dec 12, 2025):

I'm interested in working on this issue. Could you provide more context about what you're looking for? Any additional details about requirements or constraints would be helpful.


@Br1an67 commented on GitHub (Mar 1, 2026):

Hi @zizzii @tysoncung — are you still working on this? I noticed it's been a while since the last update. If not, I'd be happy to pick it up.

Add a new OAUTH_LOGOUT_URI env var that lets users specify a full custom logout URI, bypassing OIDC discovery for providers like AWS Cognito.

PR: #22071
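
As an added illustration of the behaviour requested in this thread (not code from Open WebUI or from PR #22071): a sketch of how a logout target could be chosen when a static `OAUTH_LOGOUT_URI` overrides the discovery-based flow, with the override validated before use. The function names, hosts and client id are hypothetical; the Cognito `client_id`/`logout_uri` parameters follow the AWS logout-endpoint documentation linked above.

```python
from typing import Optional
from urllib.parse import urlencode, urlsplit


def validate_logout_uri(uri: str) -> str:
    """Accept only a plain absolute https URL as the operator-supplied override."""
    parts = urlsplit(uri)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("logout URI must be an absolute https URL")
    if parts.username or parts.password:
        raise ValueError("logout URI must not embed credentials")
    if parts.fragment:
        raise ValueError("logout URI must not carry a fragment")
    return uri


def resolve_logout_url(env: dict, discovery: dict, id_token: Optional[str]) -> Optional[str]:
    """Return the IdP URL to redirect to once the local session is cleared."""
    custom = env.get("OAUTH_LOGOUT_URI", "").strip()
    if custom:
        # Static override: used verbatim, so no discovery lookup and no
        # id_token_hint ends up in the URL (Cognito does not accept it).
        return validate_logout_uri(custom)
    end_session = discovery.get("end_session_endpoint")
    if not end_session or not id_token:
        return None  # nothing to call at the IdP; local logout only
    params = {"id_token_hint": id_token}
    redirect = env.get("WEBUI_AUTH_SIGNOUT_REDIRECT_URL", "").strip()
    if redirect:
        params["post_logout_redirect_uri"] = redirect
    sep = "&" if urlsplit(end_session).query else "?"
    return f"{end_session}{sep}{urlencode(params)}"


# Constructed sample values (placeholders, not taken from the issue).
COGNITO_ENV = {
    "OAUTH_LOGOUT_URI": "https://example.auth.us-east-1.amazoncognito.com/logout?"
    + urlencode({"client_id": "EXAMPLE_CLIENT_ID",
                 "logout_uri": "https://chat.example.com/auth"})
}
OIDC_ENV = {"WEBUI_AUTH_SIGNOUT_REDIRECT_URL": "https://chat.example.com/auth"}
OIDC_DISCOVERY = {"end_session_endpoint": "https://idp.example.com/oidc/logout"}
```

Because the override comes from the environment rather than from the request, the redirect target cannot be influenced by the user; validating it once at startup catches an `http://` or credential-bearing value before any session is sent there.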


Reference: github-starred/open-webui#18798