[GH-ISSUE #16655] feat: ENABLE_API_KEY admin only #33525

New Issue

Closed

opened 2026-04-25 07:26:11 -05:00 by GiteaMirror · 7 comments

GiteaMirror commented 2026-04-25 07:26:11 -05:00

Owner

Copy Link

Originally created by @ncecere on GitHub (Aug 16, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/16655

Check Existing Issues

• I have searched the existing issues and discussions.

Problem Description

I have started work on a terraform provider for open web ui. I'm not sure if this is possible but having the ability for lock down the api to Admin only API keys would be great. Or the abilty to target endpoints to roles. like..

API_KEY_ALLOWED_ENDPOINTS_ADMIN

API_KEY_ALLOWED_ENDPOINTS_USER

If this exists or is already possible I haven't seen it documented

Desired Solution you'd like

Ability to lock the API down to Admin Keys only

API_KEY_ALLOWED_ENDPOINTS_ADMIN

API_KEY_ALLOWED_ENDPOINTS_USER

Alternatives Considered

Ability to define API endpoints by user Role

API_KEY_ALLOWED_ENDPOINTS_ADMIN

API_KEY_ALLOWED_ENDPOINTS_USER

Additional Context

No response

Originally created by @ncecere on GitHub (Aug 16, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/16655 ### Check Existing Issues - [x] I have searched the existing issues and discussions. ### Problem Description I have started work on a terraform provider for open web ui. I'm not sure if this is possible but having the ability for lock down the api to Admin only API keys would be great. Or the abilty to target endpoints to roles. like.. API_KEY_ALLOWED_ENDPOINTS_ADMIN API_KEY_ALLOWED_ENDPOINTS_USER If this exists or is already possible I haven't seen it documented ### Desired Solution you'd like Ability to lock the API down to Admin Keys only API_KEY_ALLOWED_ENDPOINTS_ADMIN API_KEY_ALLOWED_ENDPOINTS_USER ### Alternatives Considered Ability to define API endpoints by user Role API_KEY_ALLOWED_ENDPOINTS_ADMIN API_KEY_ALLOWED_ENDPOINTS_USER ### Additional Context _No response_

GiteaMirror closed this issue 2026-04-25 07:26:12 -05:00

GiteaMirror commented 2026-04-25 07:26:12 -05:00

Author

Owner

Copy Link

@Ark-Levy commented on GitHub (Sep 11, 2025):

@tjbck can you tell me more about why you chose to close this issue ?

I would like to create technical api keys in admin the pannel. My purpose is to purge data automaticly via api.
I don't want my users to use api keys.

Do you think it is a good idea ?

<!-- gh-comment-id:3281285840 --> @Ark-Levy commented on GitHub (Sep 11, 2025): @tjbck can you tell me more about why you chose to close this issue ? I would like to create technical api keys in admin the pannel. My purpose is to purge data automaticly via api. I don't want my users to use api keys. Do you think it is a good idea ?

GiteaMirror commented 2026-04-25 07:26:12 -05:00

Author

Owner

Copy Link

@Classic298 commented on GitHub (Sep 11, 2025):

users can always use the API anyways (and only the user endpoints / endpoints they have access to)

for purging data / pruning data (you mean #16520 ? or what do you mean?)

<!-- gh-comment-id:3281780212 --> @Classic298 commented on GitHub (Sep 11, 2025): users can always use the API anyways (and only the user endpoints / endpoints they have access to) for purging data / pruning data (you mean #16520 ? or what do you mean?)

GiteaMirror commented 2026-04-25 07:26:13 -05:00

Author

Owner

Copy Link

@Ark-Levy commented on GitHub (Sep 12, 2025):

@Classic298 If ApiKey is disabled in admin pannel, no one can use the key.
I want to allow admin only keys. I'll check yout issue #16520

<!-- gh-comment-id:3284040993 --> @Ark-Levy commented on GitHub (Sep 12, 2025): @Classic298 If ApiKey is disabled in admin pannel, no one can use the key. I want to allow admin only keys. I'll check yout issue #16520

GiteaMirror commented 2026-04-25 07:26:13 -05:00

Author

Owner

Copy Link

@Classic298 commented on GitHub (Sep 14, 2025):

I understand. I think a setting via env var and perhaps also a toggle in the admin panel can easily be implemented, do you want to create a PR for this?

<!-- gh-comment-id:3289401002 --> @Classic298 commented on GitHub (Sep 14, 2025): I understand. I think a setting via env var and perhaps also a toggle in the admin panel can easily be implemented, do you want to create a PR for this?

GiteaMirror commented 2026-04-25 07:26:14 -05:00

Author

Owner

Copy Link

@brtptrs commented on GitHub (Oct 27, 2025):

It would be great if ENABLE_API_KEY could be set via group permissions

<!-- gh-comment-id:3449996471 --> @brtptrs commented on GitHub (Oct 27, 2025): It would be great if ENABLE_API_KEY could be set via group permissions

GiteaMirror commented 2026-04-25 07:26:14 -05:00

Author

Owner

Copy Link

@brtptrs commented on GitHub (Oct 29, 2025):

I found this pr
https://github.com/open-webui/open-webui/pull/18336#issue-3514781852

It would be great if ENABLE_API_KEY could be set via group permissions

<!-- gh-comment-id:3461116718 --> @brtptrs commented on GitHub (Oct 29, 2025): I found this pr https://github.com/open-webui/open-webui/pull/18336#issue-3514781852 > It would be great if ENABLE_API_KEY could be set via group permissions

GiteaMirror commented 2026-04-25 07:26:15 -05:00

Author

Owner

Copy Link

@R-Rausch commented on GitHub (Oct 29, 2025):

It would be great if ENABLE_API_KEY could be set via group permissions, which would make things easier for everyone.

<!-- gh-comment-id:3461315119 --> @R-Rausch commented on GitHub (Oct 29, 2025): It would be great if ENABLE_API_KEY could be set via group permissions, which would make things easier for everyone.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#33525