OIDC login issues #2007

Closed
opened 2025-11-11 14:58:35 -06:00 by GiteaMirror · 0 comments

Originally created by @skerit on GitHub (Sep 6, 2024).

Bug Report

Installation Method

I used Docker

Environment

  • Open WebUI Version: v0.3.19
  • Operating System: Endeavour Linux
  • Browser (if applicable): Firefox 130

Confirmation:

  • I have read and followed all the instructions provided in the README.md.
  • I am on the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided the exact steps to reproduce the bug in the "Steps to Reproduce" section below.

Expected Behavior:

I expect to log in with my OIDC provider.

Actual Behavior:

I do not get logged in.

Description

Bug Summary:

My user does correctly receive an OAUTH id when I look in the admin panel.

The final redirect to Open-webui's /auth page also sets a null cookie:

set-cookie oui-session=null; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; httponly; samesite=lax

Sometimes it does set a non-null cookie that doesn't expire in the past, but even then I still don't actually get logged in.

Reproduction Details

Steps to Reproduce:

Configure Open-webui with OIDC:

docker run -d -p 8508:8080 \
        -v open-webui:/app/backend/data \
        -e OPENAI_API_BASE_URLS="https://my-provider-domain/v1" \
        -e OPENAI_API_KEYS="openai_keys" \
        -e OPENID_PROVIDER_URL="https://my-provider-domain/oidc/.well-known/openid-configuration" \
        -e OAUTH_CLIENT_ID="open-web-ui" \
        -e OAUTH_CLIENT_SECRET="1...abc" \
        -e OAUTH_MERGE_ACCOUNTS_BY_EMAIL="True" \
        -e OAUTH_SCOPES="openid email profile offline_access" \
        --name open-webui \
        --restart always \
        ghcr.io/open-webui/open-webui:main

I'm using the node-oidc-provider NPM package as the OIDC provider.
It works fine for other OAuth applications (like Netbird)

I've tried several configurations (and combinations of these all):

  • grant types: authorization_code, implicit, refresh_token
  • response_types: code, id_token, none
  • auth method: client secret (basic) and client secret (post). client secret with JWT just makes Open-webui throw an "email/password is wrong" error
  • oidc scope: openid email profile and openid email profile offline_access (I added offline_access because that's what's working with Netbird)

I do not have the "Trusted headers" setup configured. If I understand the docs correctly, it's not required either?

Logs and Screenshots

Browser Console Logs:

Socket undefined disconnected due to transport close 0.CZ4Me7eC.js:1:80603
Additional details: 
Object { description: "websocket connection closed", context: close }
0.CZ4Me7eC.js:1:80662
Removing unpermitted intrinsics lockdown-install.js:1:52832
[VDContentController] initializing VDPlugin contentInit.ea4e8b91.js:1:19438
[BackgroundConnector] Sending message GET_LISTING [callback 0f23f4a7-81e4-45b1-83ba-9b685842b960] to background contentInit.ea4e8b91.js:1:19438
[VDContentController] Updating Login State... contentInit.ea4e8b91.js:1:19438
[BackgroundConnector] Sending message GET_ME [callback 6562ec69-4011-4fc7-989f-165d7374dcfd] to background contentInit.ea4e8b91.js:1:19438
[BackgroundConnector] Incoming message GET_ME [callback 6562ec69-4011-4fc7-989f-165d7374dcfd] contentInit.ea4e8b91.js:1:19438
Initializing content script cs.js:145:10
[BackgroundConnector] Incoming message GET_LISTING [callback 0f23f4a7-81e4-45b1-83ba-9b685842b960] contentInit.ea4e8b91.js:1:19438
[VDContentController] Updated Listing: null contentInit.ea4e8b91.js:1:19438
[BackgroundConnector] Sending message SET_PLUGIN_ICON [callback null] to background contentInit.ea4e8b91.js:1:19438
Background Script => Content Script: No Rules cs.js:117:11
Object { response: "No Rules" }
cs.js:117:83
[BackgroundConnector] Incoming message SET_PLUGIN_ICON [callback null] contentInit.ea4e8b91.js:1:19438
[BackgroundConnector] Ignored incoming message SET_PLUGIN_ICON [callback null] contentInit.ea4e8b91.js:1:19438

Backend config: 
Object { status: true, name: "Open WebUI", version: "0.3.15", default_locale: "en-US", oauth: {…}, features: {…} }
    default_locale: "en-US"
    features: Object { auth: true, auth_trusted_header: false, enable_signup: true, … }
        auth: true
        auth_trusted_header: false
        enable_login_form: true
        enable_signup: true
    name: "Open WebUI"
    oauth: Object { providers: {…} }
        providers: Object { oidc: "SSO" }
    status: true
    version: "0.3.15"

+layout.svelte:88:11
connected +layout.svelte:123:13
Wake Lock released +layout.svelte:69:13

Docker Container Logs:

INFO:     connection closed
Unknown session ID MTDz1XtMJhUYwiewAABr disconnected
INFO:     ::ffff:192.168.50.145:0 - "GET /oauth/oidc/login HTTP/1.1" 302 Found
INFO:     ::ffff:192.168.50.145:0 - "GET /oauth/oidc/callback?code=P...zC-r&state=P...o&iss=https%3A%2F%2Fmy-oidc-domain%2Foidc HTTP/1.1" 307 Temporary Redirect
INFO:     ::ffff:192.168.50.145:0 - "GET /auth HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/entry/start.Dj2W450B.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/entry.BYvGXoi3.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/scheduler.xB4Uqu29.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.DICEf8yr.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.DGik1r6k.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/entry/app.CfVsqRMV.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/preload-helper.D6kgxu3v.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /favicon.png HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/globals.D0QH3NT1.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.DQgT1ohU.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/each.cMwLPhlt.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/stores.C2k7M8nz.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/nodes/0.CZ4Me7eC.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /static/splash.png HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/spread.CgU5AtxT.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/assets/Toaster.CqNDpgoD.css HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/Toaster.svelte_svelte_type_style_lang.DdmUSQVw.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.DlUqw9s3.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.CQp4Ct24.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.OG9L9V7v.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/index.BM9AyBiR.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/sha256.CRlV3BEV.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/___vite-browser-external_commonjs-proxy.CACKpa8-.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/assets/0.DG44fyd2.css HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/_commonjsHelpers.BosuxZz1.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/nodes/1.CZaVXi0C.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/Spinner.BRQF0mwM.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/nodes/25.CHTfyu0y.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /api/config HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /manifest.json HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /favicon.png HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /ws/socket.io/?EIO=4&transport=polling&t=P77_fp8 HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/nodes/0.CZ4Me7eC.js.map HTTP/1.1" 304 Not Modified
INFO:     ::ffff:192.168.50.145:0 - "GET /static/favicon.png HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /_app/immutable/chunks/translation.Drp9AymD.js HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /assets/fonts/Archivo-Variable.ttf HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "POST /ws/socket.io/?EIO=4&transport=polling&t=P77_fqY&sid=Bcj23gOj3B2n0XbFAABs HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /ws/socket.io/?EIO=4&transport=polling&t=P77_fqZ&sid=Bcj23gOj3B2n0XbFAABs HTTP/1.1" 200 OK
INFO:     ('::ffff:192.168.50.145', 0) - "WebSocket /ws/socket.io/?EIO=4&transport=websocket&sid=Bcj23gOj3B2n0XbFAABs" [accepted]
INFO:     connection open
INFO:     ::ffff:192.168.50.145:0 - "GET /ws/socket.io/?EIO=4&transport=polling&t=P77_fsW&sid=Bcj23gOj3B2n0XbFAABs HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /static/favicon.png HTTP/1.1" 200 OK
INFO:     ::ffff:192.168.50.145:0 - "GET /assets/fonts/Inter-Variable.ttf HTTP/1.1" 200 OK
Reference: github-starred/open-webui#2007
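
The `set-cookie` header quoted in the report carries a `null` value and an expiry at the Unix epoch, which is how a server tells the browser to delete a cookie rather than store a session. The following is an added example, not part of the original issue and not Open WebUI code: it classifies `Set-Cookie` lines captured from a login redirect as "clear" or "set" and lists which of `HttpOnly`, `Secure` and `SameSite` are absent. The function names and the second sample line are assumptions made for illustration.

```python
# Added example (not Open WebUI code): classify Set-Cookie lines from a login redirect.
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

PLACEHOLDER_VALUES = {"", "null", '""'}       # values that carry no session
WANTED_ATTRS = ("httponly", "secure", "samesite")

def parse_set_cookie(line):
    """Return (name, value, attrs) from a header line, with or without its 'set-cookie' prefix."""
    text = line.strip()
    if text.lower().startswith("set-cookie"):
        text = text[len("set-cookie"):].lstrip(": \t")
    parts = [p.strip() for p in text.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def is_deletion(attrs, now):
    """Cleared when Max-Age <= 0 or, failing a valid Max-Age, Expires is in the past."""
    try:
        return int(attrs["max-age"]) <= 0     # Max-Age takes precedence over Expires
    except (KeyError, ValueError):
        pass                                  # absent or invalid: fall back to Expires
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return False                      # unparseable date: attribute is ignored
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        return when <= now
    return False

def classify(line, now=None):
    """Summarise one Set-Cookie line: cookie name, clear/set, placeholder value, missing attributes."""
    now = now or datetime.now(timezone.utc)
    name, value, attrs = parse_set_cookie(line)
    return {
        "name": name,
        "action": "clear" if is_deletion(attrs, now) else "set",
        "placeholder_value": value.lower() in PLACEHOLDER_VALUES,
        "missing": [a for a in WANTED_ATTRS if a not in attrs],
    }

# First line is the header quoted in the report; the second is constructed for contrast.
SAMPLES = [
    "set-cookie oui-session=null; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; httponly; samesite=lax",
    "Set-Cookie: oui-session=CONSTRUCTED.TOKEN.VALUE; Path=/; Max-Age=3600; HttpOnly; Secure; SameSite=Lax",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```

Running the classifier over every `Set-Cookie` in the redirect chain (login, callback, `/auth`) shows which response clears the session cookie and whether a later one sets it again.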