github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-03-22 14:13:08 -05:00
Code Issues 308 Packages Projects Releases 100 Wiki Activity

issue: v0.6.11 broke Authelia oauth #5658

New Issue
Closed
opened 2025-11-11 16:27:43 -06:00 by GiteaMirror · 4 comments
GiteaMirror commented 2025-11-11 16:27:43 -06:00
Owner
Copy Link

Originally created by @zbejas on GitHub (Jun 28, 2025).

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Git Clone

Open WebUI Version

Everything above v0.6.11

Ollama Version (if applicable)

No response

Operating System

Docker

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

I had an Authelia setup configured from their wiki, that worked up until v0.6.11. After this updating to anything above v0.6.10 sets OAuth callback to localhost:<port>.

Actual Behavior

In the logs, you can see the domain that is supposed to be used for callback, but after successful login you get redirected to: https://localhost:<port>/auth#token=abc instead of https://<domain>/auth#token=abc

Steps to Reproduce

  1. Set up Authelia
  2. Try to log in.

Logs & Screenshots

open-webui  | 2025-06-28 04:29:09.083 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 31.15.169.82:0 - "GET /oauth/oidc/callback?code=authelia_ac_7EojqFEXmT8y1iRJvzjzMr3f9iWhBfpM_WNTn3Dg9So.3dx80DpHv8BEMG44x6JU67HSbfC4pX1yEWMEVvnZap8&iss=https%3A%2F%2F<domain>&scope=openid+profile+groups+email&state=BXqYeFQs4vg8a35hnQ3xV38d1oj9Op HTTP/1.1" 307 - {}

Additional Information

No response

Originally created by @zbejas on GitHub (Jun 28, 2025). ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Git Clone ### Open WebUI Version Everything above v0.6.11 ### Ollama Version (if applicable) _No response_ ### Operating System Docker ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior I had an Authelia setup configured from their wiki, that worked up until `v0.6.11`. After this updating to anything above `v0.6.10` sets OAuth callback to `localhost:<port>`. ### Actual Behavior In the logs, you can see the domain that is supposed to be used for callback, but after successful login you get redirected to: `https://localhost:<port>/auth#token=abc` instead of `https://<domain>/auth#token=abc` ### Steps to Reproduce 1. Set up [Authelia](https://www.authelia.com/integration/openid-connect/open-webui/) 2. Try to log in. ### Logs & Screenshots ``` open-webui | 2025-06-28 04:29:09.083 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 31.15.169.82:0 - "GET /oauth/oidc/callback?code=authelia_ac_7EojqFEXmT8y1iRJvzjzMr3f9iWhBfpM_WNTn3Dg9So.3dx80DpHv8BEMG44x6JU67HSbfC4pX1yEWMEVvnZap8&iss=https%3A%2F%2F<domain>&scope=openid+profile+groups+email&state=BXqYeFQs4vg8a35hnQ3xV38d1oj9Op HTTP/1.1" 307 - {} ``` ### Additional Information _No response_
GiteaMirror added the bug label 2025-11-11 16:27:43 -06:00
GiteaMirror commented 2025-11-11 16:27:44 -06:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Jun 28, 2025):

PLEASE read the changelogs and search for existing issues/discussions, WEBUI_URL is now used for redirect url.

@tjbck commented on GitHub (Jun 28, 2025): PLEASE read the changelogs and search for existing issues/discussions, `WEBUI_URL` is now used for redirect url.
GiteaMirror commented 2025-11-11 16:27:45 -06:00
Author
Owner
Copy Link

@zbejas commented on GitHub (Jun 28, 2025):

PLEASE read the changelogs and search for existing issues/discussions, WEBUI_URL is now used for redirect url.

I'm sorry for not providing my env variables.

    environment:
      - TZ=Europe/Ljubljana
      - ENV=dev
      - ENABLE_OAUTH_SIGNUP=true
      - OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true
      - OAUTH_CLIENT_ID=open-webui
      - OAUTH_CLIENT_SECRET=${AUTHELIA_SECRET}
      - OPENID_PROVIDER_URL=https://auth.domain.com/.well-known/openid-configuration
      - WEBUI_URL=https://chat.domain.com
      - OAUTH_PROVIDER_NAME=Authelia
      - OAUTH_SCOPES=openid profile groups email
      - ENABLE_OAUTH_ROLE_MANAGEMENT=true
      - OAUTH_ALLOWED_ROLES=default
      - OAUTH_ADMIN_ROLES=openwebui-admin,admins
      - OAUTH_ROLES_CLAIM=groups
      - ENABLE_LOGIN_FORM=false

I already had this URL set in the environment. Changing WEBUI_URL does not help. Still getting redirected to localhost, no matter what I put there.

@zbejas commented on GitHub (Jun 28, 2025): > PLEASE read the changelogs and search for existing issues/discussions, `WEBUI_URL` is now used for redirect url. I'm sorry for not providing my env variables. ```yaml environment: - TZ=Europe/Ljubljana - ENV=dev - ENABLE_OAUTH_SIGNUP=true - OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true - OAUTH_CLIENT_ID=open-webui - OAUTH_CLIENT_SECRET=${AUTHELIA_SECRET} - OPENID_PROVIDER_URL=https://auth.domain.com/.well-known/openid-configuration - WEBUI_URL=https://chat.domain.com - OAUTH_PROVIDER_NAME=Authelia - OAUTH_SCOPES=openid profile groups email - ENABLE_OAUTH_ROLE_MANAGEMENT=true - OAUTH_ALLOWED_ROLES=default - OAUTH_ADMIN_ROLES=openwebui-admin,admins - OAUTH_ROLES_CLAIM=groups - ENABLE_LOGIN_FORM=false ``` I already had this URL set in the environment. Changing `WEBUI_URL` does not help. Still getting redirected to localhost, no matter what I put there.
GiteaMirror commented 2025-11-11 16:27:45 -06:00
Author
Owner
Copy Link

@tjbck commented on GitHub (Jun 28, 2025):

WEBUI_URL is a PersistentConfig. Please check for existing discussions and our docs.

https://docs.openwebui.com/getting-started/env-configuration/#webui_url

@tjbck commented on GitHub (Jun 28, 2025): `WEBUI_URL` is a PersistentConfig. Please check for existing discussions and our docs. https://docs.openwebui.com/getting-started/env-configuration/#webui_url
GiteaMirror commented 2025-11-11 16:27:45 -06:00
Author
Owner
Copy Link

@zbejas commented on GitHub (Jun 28, 2025):

WEBUI_URL is a PersistentConfig. Please check for existing discussions and our docs.

https://docs.openwebui.com/getting-started/env-configuration/#webui_url

Missed that if it was mentioned in the changelogs. Now that I've set the matching URL in both the environment and in the panel settings, it works back as intended.

Thanks for pointing me in the right direction.

@zbejas commented on GitHub (Jun 28, 2025): > `WEBUI_URL` is a PersistentConfig. Please check for existing discussions and our docs. > > https://docs.openwebui.com/getting-started/env-configuration/#webui_url Missed that if it was mentioned in the changelogs. Now that I've set the matching URL in both the environment and in the panel settings, it works back as intended. Thanks for pointing me in the right direction.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#5658
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?