From 89db0f38d63e195912a202e8ce1d1a6cbeaa4a97 Mon Sep 17 00:00:00 2001 From: silentoplayz <50341825+silentoplayz@users.noreply.github.com> Date: Tue, 17 Dec 2024 13:50:59 -0500 Subject: [PATCH 1/3] New JSON Web Token docs page New JSON Web Token docs page --- docs/features/jwttoken.md | 77 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 docs/features/jwttoken.md diff --git a/docs/features/jwttoken.md b/docs/features/jwttoken.md new file mode 100644 index 0000000..04e321f --- /dev/null +++ b/docs/features/jwttoken.md @@ -0,0 +1,77 @@ +--- +sidebar_position: 12 +title: "🔰 Configuring JWT Expiration" +--- + +Overview +-------- + +Open WebUI provides a feature that allows administrators to configure the expiration time of their JWT (JSON Web Token) token. This setting is crucial for ensuring secure access to the API, as it determines how long a JWT token remains valid for. + +Configuring JWT Expiration +--------------------------- + +To configure the JWT expiration time, follow these steps: + +### Option 1: Configure through the Admin Panel + +1. Log in to your Open WebUI instance as an administrator. +2. Navigate to the `Admin Panel` -> `Settings` -> `General`. +3. Locate the `JWT Expiration` option. +4. Enter the desired expiration time value. +5. Save the changes. + +### Option 2: Configure through Environment Variables + +Alternatively, you can configure the JWT expiration time by setting the `JWT_EXPIRES_IN` environment variable. + +For more information on configuring environment variables in Open WebUI, see [Environment Variable Configuration](https://docs.openwebui.com/getting-started/advanced-topics/env-configuration#jwt_expires_in). + +Generating a Secret Key for JWT Tokens +-------------------------------------- + +Open WebUI uses a secret key to generate JWT tokens. By default, this secret key is randomly generated on the first start of the container. However, you can override this secret key by setting the `WEBUI_SECRET_KEY` environment variable. + +Environment Variable Descriptions +--------------------------------- + +* `JWT_EXPIRES_IN`: + + Type: int + + Default: -1 + + Description: Sets the JWT expiration time in seconds. A value of -1 disables expiration. +* `WEBUI_SECRET_KEY`: + + Type: str + + Default: t0p-s3cr3t + + Docker Default: Randomly generated on first start + + Description: Overrides the randomly generated string used for JSON Web Token. + +Valid Time Units +----------------- + +* `s`: seconds +* `m`: minutes +* `h`: hours +* `d`: days +* `w`: weeks +* `-1`: no expiration + +Authentication with JWT Tokens +--------------------------------- + +To authenticate your API requests using your JWT token, obtain your API key from `Settings > Account > API Keys > API Key` in Open WebUI. Alternatively, you can obtain a `JWT token` from the same location. + +Note: The JWT token is used for authentication purposes only and should be kept secure to prevent unauthorized access to the API. + +FAQ +---- + +* Q: What is the default expiration time for JWT tokens in Open WebUI? +A: The default expiration time for JWT tokens in Open WebUI is -1, which disables expiration. +* Q: Can I configure the JWT expiration time using environment variables? +A: Yes, you can configure the JWT expiration time by setting the `JWT_EXPIRES_IN` environment variable. +* Q: What are the valid time units for configuring JWT expiration in Open WebUI? +A: The valid time units are `s`, `m`, `h`, `d`, `w`, or `-1` for no expiration. +* Q: How do I obtain a JWT token for authentication purposes? +A: You can obtain a JWT token from the Open WebUI API or by navigating to `Settings > Account` in the Open WebUI admin panel. +* Q: Can I override the default secret key used for JWT tokens? +A: Yes, you can override the default secret key by setting the `WEBUI_SECRET_KEY` environment variable. \ No newline at end of file From e159005529ec1f03ec0d4c7f045b7b1498a24eb9 Mon Sep 17 00:00:00 2001 From: silentoplayz <50341825+silentoplayz@users.noreply.github.com> Date: Tue, 17 Dec 2024 13:56:46 -0500 Subject: [PATCH 2/3] Update jwttoken.md Emoji swap --- docs/features/jwttoken.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/features/jwttoken.md b/docs/features/jwttoken.md index 04e321f..4182371 100644 --- a/docs/features/jwttoken.md +++ b/docs/features/jwttoken.md @@ -1,6 +1,6 @@ --- sidebar_position: 12 -title: "🔰 Configuring JWT Expiration" +title: "📎 Configuring JWT Expiration" --- Overview @@ -74,4 +74,4 @@ A: The valid time units are `s`, `m`, `h`, `d`, `w`, or `-1` for no expiration. * Q: How do I obtain a JWT token for authentication purposes? A: You can obtain a JWT token from the Open WebUI API or by navigating to `Settings > Account` in the Open WebUI admin panel. * Q: Can I override the default secret key used for JWT tokens? -A: Yes, you can override the default secret key by setting the `WEBUI_SECRET_KEY` environment variable. \ No newline at end of file +A: Yes, you can override the default secret key by setting the `WEBUI_SECRET_KEY` environment variable. From 262401daa40b6d295d3ef278cc6b11920323d13a Mon Sep 17 00:00:00 2001 From: silentoplayz <50341825+silentoplayz@users.noreply.github.com> Date: Tue, 17 Dec 2024 13:59:02 -0500 Subject: [PATCH 3/3] Update jwttoken.md --- docs/features/jwttoken.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/features/jwttoken.md b/docs/features/jwttoken.md index 4182371..dd62034 100644 --- a/docs/features/jwttoken.md +++ b/docs/features/jwttoken.md @@ -1,6 +1,6 @@ --- sidebar_position: 12 -title: "📎 Configuring JWT Expiration" +title: "📎 JWT Expiration" --- Overview