github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-08 12:58:11 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #15499] issue: No sign out redirect with OAuth #33110

New Issue
Closed
opened 2026-04-25 06:59:08 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-25 06:59:08 -05:00
Owner
Copy Link

Originally created by @zomnium on GitHub (Jul 3, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/15499

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Git Clone

Open WebUI Version

v0.6.15

Ollama Version (if applicable)

No response

Operating System

macOS 15.5

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

I expect that WEBUI_AUTH_SIGNOUT_REDIRECT_URL will be used to redirect the user after signing out, also when having ENABLE_OAUTH_SIGNUP set to true for using OAuth/OIDC.

Actual Behavior

  • When ENABLE_OAUTH_SIGNUP is true it will get priority over WEBUI_AUTH_SIGNOUT_REDIRECT_URL.
  • The end_session_endpoint call will get a id_token_hint parameter, but lacks the post_logout_redirect_uri parameter.
  • So when using OAuth/OIDC you won't have a sign out redirect anymore.

Steps to Reproduce

  1. Have an instance with OAuth enabled, set ENABLE_OAUTH_SIGNUP to true and WEBUI_AUTH_SIGNOUT_REDIRECT_URL to a path you want to open after signing out.
  2. Sign in to your account.
  3. Now sign out and you will now get stuck on your OAuth provider's log out page instead of the configured URL.

Logs & Screenshots

Relevant .env config:

ENABLE_PERSISTENT_CONFIG="False"

OAUTH_PROVIDER_NAME="GreenPT"
OAUTH_CLIENT_ID="..."
OAUTH_CLIENT_SECRET="..."

OPENID_PROVIDER_URL="https://.../.well-known/openid-configuration"
OPENID_REDIRECT_URI="http://localhost:8080/oauth/oidc/callback"

ENABLE_OAUTH_SIGNUP="true"
ENABLE_LOGIN_FORM="false"

WEBUI_URL="http://localhost:5173/"
WEBUI_AUTH_SIGNOUT_REDIRECT_URL="http://localhost:5173/"

Additional Information

I'm working on a PR to fix this. Having a condition in the ENABLE_OAUTH_SIGNUP statement checking for WEBUI_AUTH_SIGNOUT_REDIRECT_URL.

When available it will add this URL in the post_logout_redirect_uri parameter in the end_session_endpoint call.

Originally created by @zomnium on GitHub (Jul 3, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/15499 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Git Clone ### Open WebUI Version v0.6.15 ### Ollama Version (if applicable) _No response_ ### Operating System macOS 15.5 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior I expect that `WEBUI_AUTH_SIGNOUT_REDIRECT_URL` will be used to redirect the user after signing out, also when having `ENABLE_OAUTH_SIGNUP` set to `true` for using OAuth/OIDC. ### Actual Behavior - When `ENABLE_OAUTH_SIGNUP` is `true` it will get priority over `WEBUI_AUTH_SIGNOUT_REDIRECT_URL`. - The `end_session_endpoint` call will get a `id_token_hint` parameter, but lacks the `post_logout_redirect_uri` parameter. - So when using OAuth/OIDC you won't have a sign out redirect anymore. ### Steps to Reproduce 1. Have an instance with OAuth enabled, set `ENABLE_OAUTH_SIGNUP` to true and `WEBUI_AUTH_SIGNOUT_REDIRECT_URL` to a path you want to open after signing out. 2. Sign in to your account. 3. Now sign out and you will now get stuck on your OAuth provider's log out page instead of the configured URL. ### Logs & Screenshots Relevant `.env` config: ``` ENABLE_PERSISTENT_CONFIG="False" OAUTH_PROVIDER_NAME="GreenPT" OAUTH_CLIENT_ID="..." OAUTH_CLIENT_SECRET="..." OPENID_PROVIDER_URL="https://.../.well-known/openid-configuration" OPENID_REDIRECT_URI="http://localhost:8080/oauth/oidc/callback" ENABLE_OAUTH_SIGNUP="true" ENABLE_LOGIN_FORM="false" WEBUI_URL="http://localhost:5173/" WEBUI_AUTH_SIGNOUT_REDIRECT_URL="http://localhost:5173/" ``` ### Additional Information I'm working on a PR to fix this. Having a condition in the `ENABLE_OAUTH_SIGNUP` statement checking for `WEBUI_AUTH_SIGNOUT_REDIRECT_URL`. When available it will add this URL in the `post_logout_redirect_uri` parameter in the `end_session_endpoint` call.
GiteaMirror added the bug label 2026-04-25 06:59:08 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#33110
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?