OpenID Connect SSO stopped working correctly #5493

Closed
opened 2025-11-11 16:22:35 -06:00 by GiteaMirror · 1 comment

Originally created by @Externalnet on GitHub (Jun 10, 2025).

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Git Clone

Open WebUI Version

latest version

Ollama Version (if applicable)

No response

Operating System

Debian 12

Browser (if applicable)

Latest Google Chrome

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Successful redirect to the correct URL (Not localhost:3000) after OpenID Connect SSO

Actual Behavior

Open ID Connect SSO stopped working

I have this config ->

```
ENV=prod
ENABLE_OLLAMA_API=true
OLLAMA_BASE_URL=http://localhost:11434
ENABLE_OAUTH_SIGNUP=true
ENABLE_LOGIN_FORM=false
ENABLE_SIGNUP=false
OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true
OAUTH_CLIENT_ID='<KEY>'
OAUTH_CLIENT_SECRET='<SECRET>'
OPENID_PROVIDER_URL='https://<IDP_FQDN>/.well-known/openid-configuration'
OPENID_REDIRECT_URI='https://<OPEN-WEBUI_FQDN>/oauth/oidc/callback'
OAUTH_PROVIDER_NAME='<IDP Name>'
OAUTH_SCOPES='openid email profile'
```

The redirect URL opens like this (of course localhost is unreachable in this way)

Image

It should not open with "localhost:3000" but with the <OPENID_REDIRECT> URL

Steps to Reproduce

Make an OpenID Connect configuration with an existing IDP (Identity Provider) ->

```
ENV=prod
ENABLE_OLLAMA_API=true
OLLAMA_BASE_URL=http://localhost:11434
ENABLE_OAUTH_SIGNUP=true
ENABLE_LOGIN_FORM=false
ENABLE_SIGNUP=false
OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true
OAUTH_CLIENT_ID='<KEY>'
OAUTH_CLIENT_SECRET='<SECRET>'
OPENID_PROVIDER_URL='https://<IDP_FQDN>/.well-known/openid-configuration'
OPENID_REDIRECT_URI='https://<OPEN-WEBUI_FQDN>/oauth/oidc/callback'
OAUTH_PROVIDER_NAME='<IDP Name>'
OAUTH_SCOPES='openid email profile'
```

The redirect URL opens like this (of course localhost is unreachable in this way)

Image

It should not open with "localhost:3000" but with the <OPENID_REDIRECT> URL

Logs & Screenshots

Image

Additional Information

Image
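
Added example, not part of the original issue or of Open WebUI's code: a check that compares the `redirect_uri` carried in an OIDC authorization request with the configured `OPENID_REDIRECT_URI` and flags the symptom reported above. It assumes the `localhost:3000` value shows up in the `redirect_uri` query parameter; the hostnames, client ID and `/authorize` path are constructed placeholders.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

def _is_loopback(host):
    """True for localhost names and loopback IP literals."""
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def check_redirect_uri(authorize_url, configured_uri):
    """Return findings for the redirect_uri sent in an OIDC authorization
    request, compared with the value configured as OPENID_REDIRECT_URI."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [])
    if len(values) != 1:
        return ["expected exactly one redirect_uri, found %d" % len(values)]
    sent = values[0]
    parts = urlsplit(sent)
    host = (parts.hostname or "").lower()
    findings = []
    # IdPs compare redirect_uri by exact string match, so do the same here.
    if sent != configured_uri:
        findings.append("mismatch: sent %r, configured %r" % (sent, configured_uri))
    if _is_loopback(host):
        findings.append("loopback host %r is unreachable for remote browsers" % host)
    if parts.scheme != "https":
        findings.append("scheme %r is not https" % parts.scheme)
    return findings

# Constructed sample values (placeholders, not taken from the issue's logs).
CONFIGURED = "https://webui.example.org/oauth/oidc/callback"
BROKEN = ("https://idp.example.org/authorize?response_type=code&client_id=demo"
          "&scope=openid+email+profile"
          "&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Foauth%2Foidc%2Fcallback")
GOOD = ("https://idp.example.org/authorize?response_type=code&client_id=demo"
        "&scope=openid+email+profile"
        "&redirect_uri=https%3A%2F%2Fwebui.example.org%2Foauth%2Foidc%2Fcallback")

if __name__ == "__main__":
    for url in (BROKEN, GOOD):
        print(check_redirect_uri(url, CONFIGURED) or "ok")
```

The authorization URL to feed in is the `Location` header of the redirect the application issues when the SSO login starts.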

GiteaMirror added the bug label 2025-11-11 16:22:35 -06:00

@tjbck commented on GitHub (Jun 10, 2025):

Duplicate, PLEASE check for existing discussions/issues before creating one instead of just saying you have.


Reference: github-starred/open-webui#5493