github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-03-11 00:04:08 -05:00
Code Issues 308 Packages Projects Releases 100 Wiki Activity

issue: MCP OAuth 2.1 client registration fails when policy_uri, client_uri, logo_uri or tos_uri are not set #6890

New Issue
Open
opened 2025-11-11 17:08:46 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-11 17:08:46 -06:00
Owner
Copy Link

Originally created by @xqqp on GitHub (Nov 11, 2025).

Check Existing Issues

  • I have searched for any existing and/or related issues.
  • I have searched for any existing and/or related discussions.
  • I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!).
  • I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.36

Ollama Version (if applicable)

No response

Operating System

Linux

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

MCP OAuth 2.1 does not fail when policy_uri, client_uri, logo_uri or tos_uri are left empty.

Actual Behavior

Registration of a new tool server via MCP streamable HTTP with OAuth 2.1 client discovery fails if the OAuth server responds with client information containing empty URLs for policy_uri, client_uri, logo_uri or tos_uri .

Steps to Reproduce

  1. Have an oauth server which does not set at least one of the mentioned URLs (Ory Hydra).
  2. Go to admin settings
  3. Go to External Tools
  4. Add a new tool server
  5. Change Type to MCP streamable HTTP
  6. Put in base url
  7. Change Auth to OAuth 2.1
  8. Put in a id
  9. Click register client
  10. Observe that registration fails and see the logs in stdout

Logs & Screenshots

open-webui | 2025-11-11 11:37:07.770 | ERROR | open_webui.utils.oauth:get_oauth_client_info_with_dynamic_client_registration:354 - Error parsing client registration response: 4 validation errors for OAuthClientInformationFull
open-webui | client_uri
open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str]
open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing
open-webui | logo_uri
open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str]
open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing
open-webui | tos_uri
open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str]
open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing
open-webui | policy_uri
open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str]
open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing
open-webui | 2025-11-11 11:37:07.770 | ERROR | open_webui.utils.oauth:get_oauth_client_info_with_dynamic_client_registration:362 - Exception during dynamic client registration: Dynamic client registration failed

Additional Information

The mentioned URLs should be just ignored, while parsing the client information, as they are not necessary for the OAuth client to function.

Originally created by @xqqp on GitHub (Nov 11, 2025). ### Check Existing Issues - [x] I have searched for any existing and/or related issues. - [x] I have searched for any existing and/or related discussions. - [x] I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!). - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.36 ### Ollama Version (if applicable) _No response_ ### Operating System Linux ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior MCP OAuth 2.1 does not fail when policy_uri, client_uri, logo_uri or tos_uri are left empty. ### Actual Behavior Registration of a new tool server via MCP streamable HTTP with OAuth 2.1 client discovery fails if the OAuth server responds with client information containing empty URLs for policy_uri, client_uri, logo_uri or tos_uri . ### Steps to Reproduce 1. Have an oauth server which does not set at least one of the mentioned URLs (Ory Hydra). 2. Go to admin settings 3. Go to External Tools 4. Add a new tool server 5. Change Type to MCP streamable HTTP 6. Put in base url 7. Change Auth to OAuth 2.1 8. Put in a id 9. Click register client 10. Observe that registration fails and see the logs in stdout ### Logs & Screenshots open-webui | 2025-11-11 11:37:07.770 | ERROR | open_webui.utils.oauth:get_oauth_client_info_with_dynamic_client_registration:354 - Error parsing client registration response: 4 validation errors for OAuthClientInformationFull open-webui | client_uri open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str] open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing open-webui | logo_uri open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str] open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing open-webui | tos_uri open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str] open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing open-webui | policy_uri open-webui | Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str] open-webui | For further information visit https://errors.pydantic.dev/2.11/v/url_parsing open-webui | 2025-11-11 11:37:07.770 | ERROR | open_webui.utils.oauth:get_oauth_client_info_with_dynamic_client_registration:362 - Exception during dynamic client registration: Dynamic client registration failed ### Additional Information The mentioned URLs should be just ignored, while parsing the client information, as they are not necessary for the OAuth client to function.
GiteaMirror added the bug label 2025-11-11 17:08:46 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#6890
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?