github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-08 04:16:03 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #14415] issue: SSO with 0.6.11 fails #32773

New Issue
Closed
opened 2026-04-25 06:38:07 -05:00 by GiteaMirror · 9 comments
GiteaMirror commented 2026-04-25 06:38:07 -05:00
Owner
Copy Link

Originally created by @pierrelouisbescond on GitHub (May 27, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/14415

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Git Clone

Open WebUI Version

0.6.11

Ollama Version (if applicable)

N/A

Operating System

Ubuntu 22.04

Browser (if applicable)

Edge/Chrome

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Connection through SSO (Microsoft) should work as for the previous versions (0.6.9, 0.6.10).

Actual Behavior

During the authentication process, we end up with a "Hmmm… can't reach this page / localhost refused to connect."

Image

Steps to Reproduce

I just clicked on the "Continue with Microsoft" button:
Image

The issue was reproduced with different PCs / Network.
Connection through login/pwd works perfectly.

Logs & Screenshots

2025-05-27T16:11:21.548202050Z 2025-05-27 16:11:21.548 | INFO | httpx._client:_send_single_request:1740 - HTTP Request: POST https://login.microsoftonline.com/XXXXXXXXXXXXXXXXXXXXXXXX/oauth2/v2.0/token "HTTP/1.1 200 OK" - {}
2025-05-27T16:11:21.555230374Z 2025-05-27 16:11:21.555 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 91.161.14.176:0 - "GET /oauth/microsoft/callback?code=1.AXkA0voiWEnLu[...]8uKzlrcw&state=VLBVTEB[...]vM61&session_state=005071d[...]ce83b3bf026a HTTP/1.1" 307 - {}

Additional Information

Available to conduct further tests.
I've read that some improvements were made regarding the token expiration and UI silently failing. It might be linked to it.

Originally created by @pierrelouisbescond on GitHub (May 27, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/14415 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Git Clone ### Open WebUI Version 0.6.11 ### Ollama Version (if applicable) N/A ### Operating System Ubuntu 22.04 ### Browser (if applicable) Edge/Chrome ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior Connection through SSO (Microsoft) should work as for the previous versions (0.6.9, 0.6.10). ### Actual Behavior During the authentication process, we end up with a "Hmmm… can't reach this page / localhost refused to connect." ![Image](https://github.com/user-attachments/assets/92d0dddc-ae6c-45cd-b551-2163f0c25f86) ### Steps to Reproduce I just clicked on the "Continue with Microsoft" button: ![Image](https://github.com/user-attachments/assets/6a229abd-288d-4b86-a33c-4d1d033c5c48) The issue was reproduced with different PCs / Network. Connection through login/pwd works perfectly. ### Logs & Screenshots 2025-05-27T16:11:21.548202050Z 2025-05-27 16:11:21.548 | INFO | httpx._client:_send_single_request:1740 - HTTP Request: POST https://login.microsoftonline.com/XXXXXXXXXXXXXXXXXXXXXXXX/oauth2/v2.0/token "HTTP/1.1 200 OK" - {} 2025-05-27T16:11:21.555230374Z 2025-05-27 16:11:21.555 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 91.161.14.176:0 - "GET /oauth/microsoft/callback?code=1.AXkA0voiWEnLu[...]8uKzlrcw&state=VLBVTEB[...]vM61&session_state=005071d[...]ce83b3bf026a HTTP/1.1" 307 - {} ### Additional Information Available to conduct further tests. I've read that some improvements were made regarding [the token expiration and UI silently failing](https://github.com/open-webui/open-webui/issues/5866#issuecomment-2825136540). It might be linked to it.
GiteaMirror added the bug label 2026-04-25 06:38:08 -05:00
GiteaMirror commented 2026-04-25 06:38:10 -05:00
Author
Owner
Copy Link

@rgaricano commented on GitHub (May 27, 2025):

did you try cleaning cookie?

<!-- gh-comment-id:2913285020 --> @rgaricano commented on GitHub (May 27, 2025): did you try cleaning cookie?
GiteaMirror commented 2026-04-25 06:38:10 -05:00
Author
Owner
Copy Link

@tylermiranda commented on GitHub (May 27, 2025):

same issue using Cloudflare SSO

<!-- gh-comment-id:2913328008 --> @tylermiranda commented on GitHub (May 27, 2025): same issue using Cloudflare SSO
GiteaMirror commented 2026-04-25 06:38:11 -05:00
Author
Owner
Copy Link

@pierrelouisbescond commented on GitHub (May 27, 2025):

did you try cleaning cookie?

Yes, tested with cookies cleaned or private mode, same issue.

<!-- gh-comment-id:2913339918 --> @pierrelouisbescond commented on GitHub (May 27, 2025): > did you try cleaning cookie? Yes, tested with cookies cleaned or private mode, same issue.
GiteaMirror commented 2026-04-25 06:38:11 -05:00
Author
Owner
Copy Link

@Ithanil commented on GitHub (May 27, 2025):

AFAIK now WEBUI_URL needs to be set correctly (either initially via ENV or via UI, because it's a PersistentConfig).

<!-- gh-comment-id:2913443968 --> @Ithanil commented on GitHub (May 27, 2025): AFAIK now WEBUI_URL needs to be set correctly (either initially via ENV or via UI, because it's a PersistentConfig).
GiteaMirror commented 2026-04-25 06:38:12 -05:00
Author
Owner
Copy Link

@beastech commented on GitHub (May 27, 2025):

Roll back to 0.6.10, go under admin\settings and scroll down to WebUI URL and manually enter it. Save it, then update to 0.6.11 and see if that resolves it for you.

<!-- gh-comment-id:2913654249 --> @beastech commented on GitHub (May 27, 2025): Roll back to 0.6.10, go under admin\settings and scroll down to WebUI URL and manually enter it. Save it, then update to 0.6.11 and see if that resolves it for you.
GiteaMirror commented 2026-04-25 06:38:12 -05:00
Author
Owner
Copy Link

@pierrelouisbescond commented on GitHub (May 27, 2025):

Roll back to 0.6.10, go under admin\settings and scroll down to WebUI URL and manually enter it. Save it, then update to 0.6.11 and see if that resolves it for you.

@Ithanil @beastech Setting the WEBUI_URL through env variable up did not solve the issue, but setting it up through the UI did.

PS: I do not need to roll-back to 6.10 as I also have a user/pwd access

<!-- gh-comment-id:2913683285 --> @pierrelouisbescond commented on GitHub (May 27, 2025): > Roll back to 0.6.10, go under admin\settings and scroll down to WebUI URL and manually enter it. Save it, then update to 0.6.11 and see if that resolves it for you. @Ithanil @beastech Setting the WEBUI_URL through env variable up did not solve the issue, but setting it up through the UI did. PS: I do not need to roll-back to 6.10 as I also have a user/pwd access
GiteaMirror commented 2026-04-25 06:38:13 -05:00
Author
Owner
Copy Link

@tylermiranda commented on GitHub (May 27, 2025):

yeah my web_url has been set correctly from the get go and I have this issue

<!-- gh-comment-id:2913718150 --> @tylermiranda commented on GitHub (May 27, 2025): yeah my web_url has been set correctly from the get go and I have this issue
GiteaMirror commented 2026-04-25 06:38:14 -05:00
Author
Owner
Copy Link

@Ithanil commented on GitHub (May 27, 2025):

Hmm that's strange. Then all I can say it apparently doesn't affect all OIDC setups. :-(

Still would suspect d4c3cfbaba (which was added instead of https://github.com/open-webui/open-webui/pull/14053)

<!-- gh-comment-id:2913734802 --> @Ithanil commented on GitHub (May 27, 2025): Hmm that's strange. Then all I can say it apparently doesn't affect all OIDC setups. :-( Still would suspect https://github.com/open-webui/open-webui/commit/d4c3cfbabaa74ff535a6bbb047fbafd6cf3db53f (which was added instead of https://github.com/open-webui/open-webui/pull/14053)
GiteaMirror commented 2026-04-25 06:38:15 -05:00
Author
Owner
Copy Link

@Zyfax commented on GitHub (May 27, 2025):

I have testet in latest main and dev with Google OAuth and self-hosted KeyCloak and both of them are working fine.

But.. WebUI URL has to be correct as @Ithanil mention.
Double check under Admin Panel > Settings > General > WebUI URL is the same url used to access OI.
If it does not match, the redirect will fail.

Image
Image

<!-- gh-comment-id:2913844273 --> @Zyfax commented on GitHub (May 27, 2025): I have testet in latest main and dev with Google OAuth and self-hosted KeyCloak and both of them are working fine. But.. WebUI URL has to be correct as @Ithanil mention. Double check under Admin Panel > Settings > General > WebUI URL is the same url used to access OI. If it does not match, the redirect will fail. ![Image](https://github.com/user-attachments/assets/16a8ca28-9d42-4d15-bd3c-6eb54d1d6678) ![Image](https://github.com/user-attachments/assets/881848ac-70cb-431f-bb84-26fce082d860)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#32773
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?