Skip to content

auths

Classes

AuthsClient 

AuthsClient(client: OWUIClientBase)

Bases: ResourceBase

Client for the Auths endpoints.

This client handles authentication operations such as signin, signup, password updates, and administrative configurations.

Used by:
Source code in src/owui_client/client_base.py 
175
176
def __init__(self, client: OWUIClientBase):
    self._client = client

Functions

get_session_user 
get_session_user() -> SessionUserInfoResponse

Get the current session user information.

This endpoint retrieves detailed information about the currently authenticated user, including their profile, permissions, and status.

Returns:

Type Description
SessionUserInfoResponse

SessionUserInfoResponse: Session user information
Source code in src/owui_client/routers/auths.py 
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
async def get_session_user(self) -> SessionUserInfoResponse:
    """
    Get the current session user information.

    This endpoint retrieves detailed information about the currently authenticated user,
    including their profile, permissions, and status.

    Returns:
        `SessionUserInfoResponse`: Session user information
    """
    return await self._request(
        "GET",
        "/v1/auths/",
        model=SessionUserInfoResponse,
    )
update_profile 
update_profile(form_data: UpdateProfileForm) -> UserProfileImageResponse

Update the current user's profile.

Updates the user's name, bio, gender, date of birth, and profile image.

Parameters:

Name Type Description Default
form_data UpdateProfileForm

The profile update information

 required

Returns:

Type Description
UserProfileImageResponse

UserProfileImageResponse: Updated user information
Source code in src/owui_client/routers/auths.py 
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
async def update_profile(
    self, form_data: UpdateProfileForm
) -> UserProfileImageResponse:
    """
    Update the current user's profile.

    Updates the user's name, bio, gender, date of birth, and profile image.

    Args:
        form_data: The profile update information

    Returns:
        `UserProfileImageResponse`: Updated user information
    """
    return await self._request(
        "POST",
        "/v1/auths/update/profile",
        model=UserProfileImageResponse,
        json=form_data.model_dump(),
    )
update_timezone 
update_timezone(form_data: UpdateTimezoneForm) -> bool

Update the current user's timezone.

Updates the user's timezone preference.

Parameters:

Name Type Description Default
form_data UpdateTimezoneForm

The timezone update information

 required

Returns:

Name Type Description
bool bool

True if successful
Source code in src/owui_client/routers/auths.py 
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
async def update_timezone(self, form_data: UpdateTimezoneForm) -> bool:
    """
    Update the current user's timezone.

    Updates the user's timezone preference.

    Args:
        form_data: The timezone update information

    Returns:
        bool: True if successful
    """
    response = await self._request(
        "POST",
        "/v1/auths/update/timezone",
        json=form_data.model_dump(),
    )
    return response.get("status", False)
update_password 
update_password(form_data: UpdatePasswordForm) -> bool

Update the current user's password.

Verifies the current password before updating to the new one.

Parameters:

Name Type Description Default
form_data UpdatePasswordForm

The password update information (current and new password)

 required

Returns:

Type Description
bool

True if successful
Source code in src/owui_client/routers/auths.py 
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
async def update_password(self, form_data: UpdatePasswordForm) -> bool:
    """
    Update the current user's password.

    Verifies the current password before updating to the new one.

    Args:
        form_data: The password update information (current and new password)

    Returns:
        True if successful
    """
    return await self._request(
        "POST",
        "/v1/auths/update/password",
        model=bool,
        json=form_data.model_dump(),
    )
signin 
signin(form_data: SigninForm, set_client_api_key: bool = True) -> SessionUserResponse

Sign in with email and password.

Authenticates the user using email and password. On success, it returns a session token and user details.

Parameters:

Name Type Description Default
form_data SigninForm

The signin credentials (email, password)

 required
set_client_api_key bool

If True (default), updates the main client's API key upon success

 True

Returns:

Type Description
SessionUserResponse

SessionUserResponse: Session information including token and user details
Source code in src/owui_client/routers/auths.py 
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
async def signin(
    self, form_data: SigninForm, set_client_api_key: bool = True
) -> SessionUserResponse:
    """
    Sign in with email and password.

    Authenticates the user using email and password. On success, it returns a session
    token and user details.

    Args:
        form_data: The signin credentials (email, password)
        set_client_api_key: If True (default), updates the main client's API key upon success

    Returns:
        `SessionUserResponse`: Session information including token and user details
    """
    response = await self._request(
        "POST",
        "/v1/auths/signin",
        model=SessionUserResponse,
        json=form_data.model_dump(),
    )

    if set_client_api_key and response.token:
        self._client.api_key = response.token

    return response
signin_ldap 
signin_ldap(form_data: LdapForm, set_client_api_key: bool = True) -> SessionUserResponse

Sign in with LDAP credentials.

Authenticates the user using LDAP. Requires LDAP to be enabled and configured on the server.

Parameters:

Name Type Description Default
form_data LdapForm

The LDAP credentials (user, password)

 required
set_client_api_key bool

If True (default), updates the main client's API key upon success

 True

Returns:

Type Description
SessionUserResponse

SessionUserResponse: Session information including token and user details
Source code in src/owui_client/routers/auths.py 
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
async def signin_ldap(
    self, form_data: LdapForm, set_client_api_key: bool = True
) -> SessionUserResponse:
    """
    Sign in with LDAP credentials.

    Authenticates the user using LDAP. Requires LDAP to be enabled and configured on the server.

    Args:
        form_data: The LDAP credentials (user, password)
        set_client_api_key: If True (default), updates the main client's API key upon success

    Returns:
        `SessionUserResponse`: Session information including token and user details
    """
    response = await self._request(
        "POST",
        "/v1/auths/ldap",
        model=SessionUserResponse,
        json=form_data.model_dump(),
    )

    if set_client_api_key and response.token:
        self._client.api_key = response.token

    return response
signup 
signup(form_data: SignupForm, set_client_api_key: bool = True) -> SessionUserResponse

Sign up a new user.

Creates a new user account. If this is the first user, they will be assigned the 'admin' role. Subsequent users are assigned the default role (usually 'pending').

Parameters:

Name Type Description Default
form_data SignupForm

The signup information (name, email, password, etc.)

 required
set_client_api_key bool

If True (default), updates the main client's API key upon success

 True

Returns:

Type Description
SessionUserResponse

SessionUserResponse: Session information including token and user details
Source code in src/owui_client/routers/auths.py 
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
async def signup(
    self, form_data: SignupForm, set_client_api_key: bool = True
) -> SessionUserResponse:
    """
    Sign up a new user.

    Creates a new user account. If this is the first user, they will be assigned the 'admin' role.
    Subsequent users are assigned the default role (usually 'pending').

    Args:
        form_data: The signup information (name, email, password, etc.)
        set_client_api_key: If True (default), updates the main client's API key upon success

    Returns:
        `SessionUserResponse`: Session information including token and user details
    """
    response = await self._request(
        "POST",
        "/v1/auths/signup",
        model=SessionUserResponse,
        json=form_data.model_dump(),
    )

    if set_client_api_key and response.token:
        self._client.api_key = response.token

    return response
add_user 
add_user(form_data: AddUserForm) -> SigninResponse

Add a new user (Admin only).

Allows an admin to create a new user account directly, specifying their role.

Parameters:

Name Type Description Default
form_data AddUserForm

The user information (name, email, password, role, etc.)

 required

Returns:

Type Description
SigninResponse

SigninResponse: Response including token and user details
Source code in src/owui_client/routers/auths.py 
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
async def add_user(self, form_data: AddUserForm) -> SigninResponse:
    """
    Add a new user (Admin only).

    Allows an admin to create a new user account directly, specifying their role.

    Args:
        form_data: The user information (name, email, password, role, etc.)

    Returns:
        `SigninResponse`: Response including token and user details
    """
    return await self._request(
        "POST",
        "/v1/auths/add",
        model=SigninResponse,
        json=form_data.model_dump(),
    )
get_admin_details 
get_admin_details() -> AdminDetails

Get admin details.

Retrieves the name and email of the admin user, if configured to be shown.

Returns:

Type Description
AdminDetails

AdminDetails: Admin details (name, email)
Source code in src/owui_client/routers/auths.py 
209
210
211
212
213
214
215
216
217
218
219
220
221
222
async def get_admin_details(self) -> AdminDetails:
    """
    Get admin details.

    Retrieves the name and email of the admin user, if configured to be shown.

    Returns:
        `AdminDetails`: Admin details (name, email)
    """
    return await self._request(
        "GET",
        "/v1/auths/admin/details",
        model=AdminDetails,
    )
sign_out 
sign_out(unset_client_api_key: bool = True) -> SignoutResponse

Sign out the current user.

Invalidates the current session token.

Parameters:

Name Type Description Default
unset_client_api_key bool

If True (default), clears the main client's API key upon success

 True

Returns:

Type Description
SignoutResponse

SignoutResponse: Signout status
Source code in src/owui_client/routers/auths.py 
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
async def sign_out(self, unset_client_api_key: bool = True) -> SignoutResponse:
    """
    Sign out the current user.

    Invalidates the current session token.

    Args:
        unset_client_api_key: If True (default), clears the main client's API key upon success

    Returns:
        `SignoutResponse`: Signout status
    """
    response = await self._request(
        "GET",
        "/v1/auths/signout",
        model=SignoutResponse,
    )

    if unset_client_api_key and response.status:
        self._client.api_key = None

    return response
get_admin_config 
get_admin_config() -> AdminConfig

Get the admin configuration.

Retrieves global configuration settings for the application.

Returns:

Type Description
AdminConfig

AdminConfig: The admin configuration
Source code in src/owui_client/routers/auths.py 
247
248
249
250
251
252
253
254
255
256
257
258
259
260
async def get_admin_config(self) -> AdminConfig:
    """
    Get the admin configuration.

    Retrieves global configuration settings for the application.

    Returns:
        `AdminConfig`: The admin configuration
    """
    return await self._request(
        "GET",
        "/v1/auths/admin/config",
        model=AdminConfig,
    )
update_admin_config 
update_admin_config(config: AdminConfig) -> AdminConfig

Update the admin configuration.

Updates global configuration settings. Requires admin privileges.

Parameters:

Name Type Description Default
config AdminConfig

The new configuration

 required

Returns:

Type Description
AdminConfig

AdminConfig: The updated configuration
Source code in src/owui_client/routers/auths.py 
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
async def update_admin_config(self, config: AdminConfig) -> AdminConfig:
    """
    Update the admin configuration.

    Updates global configuration settings. Requires admin privileges.

    Args:
        config: The new configuration

    Returns:
        `AdminConfig`: The updated configuration
    """
    return await self._request(
        "POST",
        "/v1/auths/admin/config",
        model=AdminConfig,
        json=config.model_dump(),
    )
get_ldap_server 
get_ldap_server() -> LdapServerConfig

Get the LDAP server configuration.

Retrieves the LDAP connection settings. Requires admin privileges.

Returns:

Type Description
LdapServerConfig

LdapServerConfig: LDAP server configuration
Source code in src/owui_client/routers/auths.py 
281
282
283
284
285
286
287
288
289
290
291
292
293
294
async def get_ldap_server(self) -> LdapServerConfig:
    """
    Get the LDAP server configuration.

    Retrieves the LDAP connection settings. Requires admin privileges.

    Returns:
        `LdapServerConfig`: LDAP server configuration
    """
    return await self._request(
        "GET",
        "/v1/auths/admin/config/ldap/server",
        model=LdapServerConfig,
    )
update_ldap_server 
update_ldap_server(form_data: LdapServerConfig) -> LdapServerConfig

Update the LDAP server configuration.

Updates the LDAP connection settings. Requires admin privileges.

Parameters:

Name Type Description Default
form_data LdapServerConfig

The LDAP server configuration

 required

Returns:

Type Description
LdapServerConfig

LdapServerConfig: Updated LDAP server configuration
Source code in src/owui_client/routers/auths.py 
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
async def update_ldap_server(self, form_data: LdapServerConfig) -> LdapServerConfig:
    """
    Update the LDAP server configuration.

    Updates the LDAP connection settings. Requires admin privileges.

    Args:
        form_data: The LDAP server configuration

    Returns:
        `LdapServerConfig`: Updated LDAP server configuration
    """
    return await self._request(
        "POST",
        "/v1/auths/admin/config/ldap/server",
        model=LdapServerConfig,
        json=form_data.model_dump(),
    )
get_ldap_config 
get_ldap_config() -> LdapConfigResponse

Get the LDAP configuration status.

Checks if LDAP authentication is enabled.

Returns:

Type Description
LdapConfigResponse

LdapConfigResponse: LDAP configuration status
Source code in src/owui_client/routers/auths.py 
315
316
317
318
319
320
321
322
323
324
325
326
327
328
async def get_ldap_config(self) -> LdapConfigResponse:
    """
    Get the LDAP configuration status.

    Checks if LDAP authentication is enabled.

    Returns:
        `LdapConfigResponse`: LDAP configuration status
    """
    return await self._request(
        "GET",
        "/v1/auths/admin/config/ldap",
        model=LdapConfigResponse,
    )
update_ldap_config 
update_ldap_config(form_data: LdapConfigForm) -> LdapConfigResponse

Update the LDAP configuration status.

Enables or disables LDAP authentication. Requires admin privileges.

Parameters:

Name Type Description Default
form_data LdapConfigForm

The LDAP configuration form

 required

Returns:

Type Description
LdapConfigResponse

LdapConfigResponse: Updated LDAP configuration status
Source code in src/owui_client/routers/auths.py 
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
async def update_ldap_config(self, form_data: LdapConfigForm) -> LdapConfigResponse:
    """
    Update the LDAP configuration status.

    Enables or disables LDAP authentication. Requires admin privileges.

    Args:
        form_data: The LDAP configuration form

    Returns:
        `LdapConfigResponse`: Updated LDAP configuration status
    """
    return await self._request(
        "POST",
        "/v1/auths/admin/config/ldap",
        model=LdapConfigResponse,
        json=form_data.model_dump(),
    )
generate_api_key 
generate_api_key() -> ApiKey

Generate a new API key for the current user.

Creates or rotates the API key for the current user.

Returns:

Type Description
ApiKey

ApiKey: The generated API key
Source code in src/owui_client/routers/auths.py 
349
350
351
352
353
354
355
356
357
358
359
360
361
362
async def generate_api_key(self) -> ApiKey:
    """
    Generate a new API key for the current user.

    Creates or rotates the API key for the current user.

    Returns:
        `ApiKey`: The generated API key
    """
    return await self._request(
        "POST",
        "/v1/auths/api_key",
        model=ApiKey,
    )
delete_api_key 
delete_api_key() -> bool

Delete the current user's API key.

Removes the API key associated with the current user.

Returns:

Name Type Description
bool bool

True if successful
Source code in src/owui_client/routers/auths.py 
364
365
366
367
368
369
370
371
372
373
374
375
376
377
async def delete_api_key(self) -> bool:
    """
    Delete the current user's API key.

    Removes the API key associated with the current user.

    Returns:
        bool: True if successful
    """
    return await self._request(
        "DELETE",
        "/v1/auths/api_key",
        model=bool,
    )
get_api_key 
get_api_key() -> ApiKey

Get the current user's API key.

Retrieves the existing API key for the current user.

Returns:

Type Description
ApiKey

ApiKey: The current API key
Source code in src/owui_client/routers/auths.py 
379
380
381
382
383
384
385
386
387
388
389
390
391
392
async def get_api_key(self) -> ApiKey:
    """
    Get the current user's API key.

    Retrieves the existing API key for the current user.

    Returns:
        `ApiKey`: The current API key
    """
    return await self._request(
        "GET",
        "/v1/auths/api_key",
        model=ApiKey,
    )
token_exchange 
token_exchange(provider: str, form_data: TokenExchangeForm, set_client_api_key: bool = True) -> SessionUserResponse

Exchange an external OAuth provider token for an Open WebUI JWT.

This endpoint allows exchanging an OAuth access token from an external provider (e.g., Google, GitHub, Microsoft) for an Open WebUI session token. The feature must be enabled on the server with ENABLE_OAUTH_TOKEN_EXCHANGE=True.

The user must already exist in Open WebUI (created via web interface signin) for the token exchange to succeed. The provider must be configured in the server's OAUTH_PROVIDERS setting.

Parameters:

Name Type Description Default
provider str

The OAuth provider name (e.g., "google", "github", "microsoft")

 required
form_data TokenExchangeForm

The token exchange form containing the OAuth access token

 required
set_client_api_key bool

If True (default), updates the main client's API key upon success

 True

Returns:

Type Description
SessionUserResponse

SessionUserResponse: Session information including token and user details

Raises:

Type Description
HTTPError

403 if token exchange is disabled on the server
HTTPError

404 if the provider is not configured
HTTPError

400 if the token is invalid or user info cannot be fetched
HTTPError

403 if the user is not found (must sign in via web first)
Source code in src/owui_client/routers/auths.py 
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
async def token_exchange(
    self,
    provider: str,
    form_data: TokenExchangeForm,
    set_client_api_key: bool = True,
) -> SessionUserResponse:
    """
    Exchange an external OAuth provider token for an Open WebUI JWT.

    This endpoint allows exchanging an OAuth access token from an external provider
    (e.g., Google, GitHub, Microsoft) for an Open WebUI session token. The feature
    must be enabled on the server with ENABLE_OAUTH_TOKEN_EXCHANGE=True.

    The user must already exist in Open WebUI (created via web interface signin) for
    the token exchange to succeed. The provider must be configured in the server's
    OAUTH_PROVIDERS setting.

    Args:
        provider: The OAuth provider name (e.g., "google", "github", "microsoft")
        form_data: The token exchange form containing the OAuth access token
        set_client_api_key: If True (default), updates the main client's API key upon success

    Returns:
        `SessionUserResponse`: Session information including token and user details

    Raises:
        HTTPError: 403 if token exchange is disabled on the server
        HTTPError: 404 if the provider is not configured
        HTTPError: 400 if the token is invalid or user info cannot be fetched
        HTTPError: 403 if the user is not found (must sign in via web first)
    """
    response = await self._request(
        "POST",
        f"/v1/auths/oauth/{provider}/token/exchange",
        model=SessionUserResponse,
        json=form_data.model_dump(),
    )

    if set_client_api_key and response.token:
        self._client.api_key = response.token

    return response