Issue Station
Sign In
Tools hereToolbox

litellm - 💡(How to fix) Fix [Bug]: /key/update rejects non-admin users editing models when key has allowed_routes set via key_type [1 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
BerriAI/litellm#26555Fetched 2026-04-27 05:29:33
View on GitHub
Comments
0
Participants
1
Timeline
3
Reactions
0
Author
darsh12darsh12
Participants
darsh12darsh12
Timeline (top)
labeled ×3

Error Message

Suggested fix:

if not is_proxy_admin and allowed_routes != existing_key.allowed_routes: raise HTTPException(...)

Root Cause

Root cause:

Fix Action

Fix / Workaround

Workaround: Call /key/update via API omitting allowed_routes entirely:

Code Example

403: {'error': 'Only proxy admins can set `allowed_routes` on a key. Use `key_type` to pick a preset route bucket instead.'}

---

{
  "key_alias": "pi-fury",
  "models": ["main", "gemini/gemini-3-flash-preview", "cerebras/gpt-oss-120b", "cerebras/zai-glm-4.7"],
  "allowed_routes": ["llm_api_routes"],
  ...
}

---

# Suggested fix:
if not is_proxy_admin and allowed_routes != existing_key.allowed_routes:
    raise HTTPException(...)

---

curl -X POST 'http://your-litellm-host:4000/key/update' \
  -H 'Authorization: Bearer <your-session-token>' \
  -H 'Content-Type: application/json' \
  -d '{
    "key": "sk-your-key",
    "models": ["main", "gemini/gemini-3-flash-preview"]
  }'

---

litellm-1 | 19:08:30 - LiteLLM Proxy:ERROR: key_management_endpoints.py:2314 - update_key_fn(): Exception occured - 403: {'error': 'Only proxy admins can set `allowed_routes` on a key...'}

  File "key_management_endpoints.py", line 2237, in update_key_fn
    await _validate_update_key_data(...)
  File "key_management_endpoints.py", line 1939, in _validate_update_key_data
    _check_allowed_routes_caller_permission(
        allowed_routes=data.allowed_routes,
        user_api_key_dict=user_api_key_dict,
    )
  File "key_management_endpoints.py", line 476, in _check_allowed_routes_caller_permission
    raise HTTPException(...)
RAW_BUFFERClick to expand / collapse

Check for existing issues

  • I have searched the existing issues and checked that my issue is not a duplicate.

What happened?

What happened?

When a non-admin user edits a virtual key in the UI and changes only the models list, saving fails with a 403 if the key was originally created with a key_type (e.g. "LLM API"). The UI round-trips the full key object back to /key/update, which includes allowed_routes: ["llm_api_routes"] — a value that was set by the system via key_type at creation time, not by the user now. The backend's _check_allowed_routes_caller_permission treats any non-empty allowed_routes in the update payload as an unauthorized attempt to set routes, and raises a 403.

Expected behavior:

Non-admin users should be able to update models on a key that has allowed_routes already set via key_type. The permission check should only trigger if the user is changing allowed_routes from its current value, not when they're submitting it unchanged.

Actual behavior:

403: {'error': 'Only proxy admins can set `allowed_routes` on a key. Use `key_type` to pick a preset route bucket instead.'}

Request payload sent by UI:

{
  "key_alias": "pi-fury",
  "models": ["main", "gemini/gemini-3-flash-preview", "cerebras/gpt-oss-120b", "cerebras/zai-glm-4.7"],
  "allowed_routes": ["llm_api_routes"],
  ...
}

allowed_routes: ["llm_api_routes"] was set at key creation via key_type, not by the user during this edit.

Root cause:

_check_allowed_routes_caller_permission raises for any non-admin submitting a non-empty allowed_routes, with no check for whether the value differs from what's already stored on the key. The correct fix is to compare the submitted allowed_routes against the existing key's value and only raise if it's actually changing:

# Suggested fix:
if not is_proxy_admin and allowed_routes != existing_key.allowed_routes:
    raise HTTPException(...)

Version: v1.83.13
Configuration: UI only, no config.yaml

Workaround: Call /key/update via API omitting allowed_routes entirely:

curl -X POST 'http://your-litellm-host:4000/key/update' \
  -H 'Authorization: Bearer <your-session-token>' \
  -H 'Content-Type: application/json' \
  -d '{
    "key": "sk-your-key",
    "models": ["main", "gemini/gemini-3-flash-preview"]
  }'

Steps to Reproduce

  1. As internal_user, create a virtual key with key_type set to "LLM API" (sets allowed_routes: ["llm_api_routes"])
  2. Navigate to Keys → Edit that key
  3. Add or remove a model from the allowed models list
  4. Click Save → 403 error

Relevant log output

litellm-1 | 19:08:30 - LiteLLM Proxy:ERROR: key_management_endpoints.py:2314 - update_key_fn(): Exception occured - 403: {'error': 'Only proxy admins can set `allowed_routes` on a key...'}

  File "key_management_endpoints.py", line 2237, in update_key_fn
    await _validate_update_key_data(...)
  File "key_management_endpoints.py", line 1939, in _validate_update_key_data
    _check_allowed_routes_caller_permission(
        allowed_routes=data.allowed_routes,
        user_api_key_dict=user_api_key_dict,
    )
  File "key_management_endpoints.py", line 476, in _check_allowed_routes_caller_permission
    raise HTTPException(...)

What part of LiteLLM is this about?

UI Dashboard

What LiteLLM version are you on ?

v1.83.13-nightly

Twitter / LinkedIn details

No response

extent analysis

TL;DR

The most likely fix is to modify the _check_allowed_routes_caller_permission function to compare the submitted allowed_routes against the existing key's value and only raise an exception if it's actually changing.

Guidance

  • The issue arises from the _check_allowed_routes_caller_permission function not checking if the allowed_routes value has changed, causing a 403 error for non-admin users when updating a key with pre-set allowed_routes.
  • To verify the issue, reproduce the steps provided, which involve creating a virtual key with a specific key_type, editing the key, and attempting to save changes.
  • A potential workaround is to call the /key/update API endpoint omitting the allowed_routes field, as shown in the provided curl example.
  • The suggested fix involves modifying the _check_allowed_routes_caller_permission function to compare the submitted allowed_routes against the existing key's value, only raising an exception if the value has changed.

Example

if not is_proxy_admin and allowed_routes != existing_key.allowed_routes:
    raise HTTPException(...)

Notes

This fix assumes that the existing_key.allowed_routes value is accessible within the _check_allowed_routes_caller_permission function. If this is not the case, additional modifications may be necessary to retrieve the existing key's allowed_routes value.

Recommendation

Apply the suggested workaround by modifying the _check_allowed_routes_caller_permission function to compare the submitted allowed_routes against the existing key's value, as this directly addresses the root cause of the issue.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#api#authentication setup#request error#file not found#serialization error

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

litellm - 💡(How to fix) Fix [Bug]: /key/update rejects non-admin users editing models when key has allowed_routes set via key_type [1 participants]