llm whitelist via api not working #1890

New Issue

Closed

opened 2025-11-11 14:55:46 -06:00 by GiteaMirror · 1 comment

GiteaMirror commented 2025-11-11 14:55:46 -06:00

Owner

Copy Link

Originally created by @kivi280 on GitHub (Aug 26, 2024).

Bug Report

Installation Method

docker run -d -p 3000:8080 --gpus=all -v ollama:/root/.ollama -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:ollama

Environment

• Open WebUI Version: v0.3.11

• Ollama (if applicable): v0.3.4

• Operating System: Ubuntu 22.04.4 LTS

Confirmation:

• I have read and followed all the instructions provided in the README.md.
• I am on the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have provided the exact steps to reproduce the bug in the "Steps to Reproduce" section below.

Expected Behavior:

Users with the “user"-authorization can only access the LLMs via the API that have been added to the whitelist.

Actual Behavior:

All users can access all pulled LLMs, even those that are not in the whitelist

Description

Bug Summary:
All users can use all LLMs, even those that are not in the whitelist.

Reproduction Details

Steps to Reproduce:

as Admin:

• add User with user role
• pull two llms but only whitelist one of them

as User:

• create API key
• create API request with own API Key. (tested with thunder client in vs code)
  • Use as model the LLM which is not in the whitelist
• check the response

Logs and Screenshots

Screenshots/Screen Recordings (if applicable):
whitelisted llm:

all pulled models:

user api request body:

api response:

available llms via frontend:

Originally created by @kivi280 on GitHub (Aug 26, 2024). # Bug Report ## Installation Method docker run -d -p 3000:8080 --gpus=all -v ollama:/root/.ollama -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:ollama ## Environment - **Open WebUI Version:** v0.3.11 - **Ollama (if applicable):** v0.3.4 - **Operating System:** Ubuntu 22.04.4 LTS **Confirmation:** - [x] I have read and followed all the instructions provided in the README.md. - [ ] I am on the latest version of both Open WebUI and Ollama. - [ ] I have included the browser console logs. - [ ] I have included the Docker container logs. - [x] I have provided the exact steps to reproduce the bug in the "Steps to Reproduce" section below. ## Expected Behavior: Users with the “user"-authorization can only access the LLMs via the API that have been added to the whitelist. ## Actual Behavior: All users can access all pulled LLMs, even those that are not in the whitelist ## Description **Bug Summary:** All users can use all LLMs, even those that are not in the whitelist. ## Reproduction Details **Steps to Reproduce:** as Admin: - add User with **user** role - pull two llms but only whitelist one of them as User: - create API key - create API request with own API Key. (tested with thunder client in vs code) - Use as model the LLM which is not in the whitelist - check the response ## Logs and Screenshots **Screenshots/Screen Recordings (if applicable):** whitelisted llm:  all pulled models:  user api request body:  api response:  available llms via frontend: 

GiteaMirror closed this issue 2025-11-11 14:55:46 -06:00

GiteaMirror commented 2025-11-11 14:55:47 -06:00

Author

Owner

Copy Link

@tjbck commented on GitHub (Aug 26, 2024):

Fixed on dev, testing wanted here!

@tjbck commented on GitHub (Aug 26, 2024): Fixed on dev, testing wanted here!

GiteaMirror referenced this issue 2026-04-19 19:35:17 -05:00

[GH-ISSUE #1890] Feat add loading to some Settings that take a long time to exectue #12673

GiteaMirror referenced this issue 2026-04-25 02:55:17 -05:00

[GH-ISSUE #1890] Feat add loading to some Settings that take a long time to exectue #28201

GiteaMirror referenced this issue 2026-05-05 12:20:03 -05:00

[GH-ISSUE #1890] Feat add loading to some Settings that take a long time to exectue #51339

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#1890