litellm [Bug]: v1.86.0 regression — UI/SSO/CLI session token's $0.25 max_ui_session_budget incorrectly used as ceiling for /key/generate, blocking non-admin team admins from creating keys


Check for existing issues

  • I have searched the existing issues and checked that my issue is not a duplicate.

What happened?

Starting in v1.86.0, non-admin users (including team admins) cannot create a key with any max_budget greater than $0.25 through the UI, the experimental UI JWT, the CLI JWT, or the SSO or /login flow. The request fails with:

{"error":{"message":"max_budget (100.0) cannot exceed the caller's own max_budget (0.25).","type":"internal_server_error","param":"None","code":"400"}}

The 0.25 does not come from the user's record, the team's budget, or any configured value. It is litellm.max_ui_session_budget, a hardcoded constant defined at litellm/__init__.py:407:

max_ui_session_budget: Optional[float] = 0.25  # $0.25 USD budgets for UI Chat sessions

That constant is intended to cap the cost of the user's own interactive chat in the dashboard's Test Key pane so a stray UI session can't run up a large bill. It is not an expression of the user's administrative authority over their team's budget.

The constant is stamped onto the synthetic UserAPIKeyAuth token minted during four login paths:

  • litellm/proxy/auth/auth_checks.py:2221 (get_experimental_ui_login_jwt_auth_token)
  • litellm/proxy/auth/auth_checks.py:2275 (get_cli_jwt_auth_token)
  • litellm/proxy/auth/login_utils.py:231 (/login)
  • litellm/proxy/management_endpoints/ui_sso.py:1897 and :2955 (SSO)

The new delegated-authority ceiling check added in #27897 (commit 410ce761dc, GHSA-q775-qw9r-2r4g) reads the caller's user_api_key_dict.max_budget without distinguishing a real API key from a synthetic UI/SSO/CLI session token. See litellm/proxy/management_endpoints/key_management_endpoints.py:742-756:

if (
    user_api_key_dict.user_role != LitellmUserRoles.PROXY_ADMIN.value
    and _requested_max_budget is not None
    and user_api_key_dict.max_budget is not None
    and _requested_max_budget > user_api_key_dict.max_budget
):
    raise HTTPException(
        status_code=400,
        detail={"error": f"max_budget ({_requested_max_budget}) cannot exceed the caller's own max_budget ({user_api_key_dict.max_budget})."},
    )

So when a team admin (non-admin user) logs into the UI and clicks "Create Key" with max_budget=100, the check sees the synthetic session token's max_budget=0.25 and refuses. The user's actual authority over the team's budget is never consulted.

The original GHSA-q775 case — a low-budget real API key shouldn't be able to mint a higher-budget sibling — is legitimate. But applying the same ceiling to a UI/SSO/CLI session token whose 0.25 has nothing to do with the user's administrative authority is a regression.

Expected behavior

A non-admin user who is a team admin/owner of team T should be able to create keys with max_budget anywhere within team T's max_budget, regardless of the 0.25 cap on their own UI session token.

Equivalently: the delegated-authority ceiling should not consult user_api_key_dict.max_budget when that value originates from litellm.max_ui_session_budget (a UI/CLI session token), or it should consult the team's max_budget instead when data.team_id is set and the caller is authorized for that team.

Steps to Reproduce

  1. Run LiteLLM proxy v1.86.0 or newer.
  2. Create an internal user (non-admin role) and add them as admin of a team with max_budget=1000.
  3. Have that user log into the UI (or obtain a CLI/SSO JWT).
  4. From the UI, attempt to create a new key for that team with max_budget=100. (Or via API using the UI-issued session token: POST /key/generate with {"team_id": "<team>", "max_budget": 100}.)
  5. Observe the 400 error: max_budget (100.0) cannot exceed the caller's own max_budget (0.25).

The 0.25 will appear regardless of any configuration — it is litellm.max_ui_session_budget, hardcoded.

Suggested fixes

Either or both:

  1. Exempt session tokens from the ceiling. UI/CLI session tokens carry recognizable markers (key_alias in ("ui-token", CLI_JWT_TOKEN_NAME), team_id == "litellm-dashboard", etc.). The check in _common_key_generation_helper could skip them. Smallest, most targeted fix.
  2. Use the team's max_budget as the ceiling when data.team_id is set and the caller is the team's admin/owner. This matches intent: team admins delegate from the team's budget pool, not their personal session token's. Mirrors how /team/new already special-cases org context (cf. #17059).
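The following is an added example, not litellm's own code, that models the ceiling check quoted from key_management_endpoints.py above and both suggested fixes side by side. UserAPIKeyAuth, Team, mint_ui_session_token, is_session_token, effective_ceiling and the check functions are simplified stand-ins written for this illustration; the 0.25 value, the "ui-token" alias and the "litellm-dashboard" team id are taken from the issue, while the value of CLI_JWT_TOKEN_NAME and the role strings are placeholders (the page names the constant but not its value). The ordering in effective_ceiling is this example's choice: a team admin is bounded by the team's budget pool (fix 2) before the session-token exemption (fix 1) is considered, so a dashboard session never mints an unbounded key for a team, while a real low-budget API key keeps the original GHSA ceiling.

```python
# Added example (not litellm's own code): models the v1.86.0 delegated-authority
# ceiling and the two fixes proposed in the issue. Names below are stand-ins.
from dataclasses import dataclass, field
from typing import Callable, Optional, Tuple

MAX_UI_SESSION_BUDGET = 0.25             # litellm.max_ui_session_budget (from the issue)
PROXY_ADMIN = "proxy_admin"              # stand-in for LitellmUserRoles.PROXY_ADMIN.value
UI_TOKEN_ALIAS = "ui-token"              # session-token marker (from the issue)
CLI_JWT_TOKEN_NAME = "cli-jwt-token"     # placeholder: the real value is not on the page
DASHBOARD_TEAM_ID = "litellm-dashboard"  # session-token marker (from the issue)


@dataclass
class UserAPIKeyAuth:
    """Simplified stand-in for litellm's UserAPIKeyAuth."""
    user_id: str
    user_role: str
    max_budget: Optional[float] = None
    key_alias: Optional[str] = None
    team_id: Optional[str] = None


@dataclass
class Team:
    """Simplified team record: the budget pool plus the users who administer it."""
    team_id: str
    max_budget: Optional[float]
    admins: set = field(default_factory=set)


class BudgetCeilingError(ValueError):
    """Stands in for the HTTPException(status_code=400) raised by the proxy."""


def mint_ui_session_token(user_id: str, user_role: str) -> UserAPIKeyAuth:
    """Models the synthetic token the four login paths create: the $0.25 chat cap
    is stamped onto it along with the markers the issue lists."""
    return UserAPIKeyAuth(user_id=user_id, user_role=user_role,
                          max_budget=MAX_UI_SESSION_BUDGET,
                          key_alias=UI_TOKEN_ALIAS, team_id=DASHBOARD_TEAM_ID)


def is_session_token(caller: UserAPIKeyAuth) -> bool:
    """Fix 1's recognizer: UI/CLI session tokens carry these markers."""
    return (caller.key_alias in (UI_TOKEN_ALIAS, CLI_JWT_TOKEN_NAME)
            or caller.team_id == DASHBOARD_TEAM_ID)


def check_ceiling_v1_86(caller: UserAPIKeyAuth, requested: Optional[float]) -> Optional[float]:
    """The check as shipped in v1.86.0: the caller's own max_budget is the ceiling,
    regardless of which kind of credential the caller holds."""
    if (caller.user_role != PROXY_ADMIN
            and requested is not None
            and caller.max_budget is not None
            and requested > caller.max_budget):
        raise BudgetCeilingError(
            f"max_budget ({requested}) cannot exceed the caller's own max_budget ({caller.max_budget}).")
    return requested


def effective_ceiling(caller: UserAPIKeyAuth,
                      target_team: Optional[Team]) -> Optional[Tuple[Optional[float], str]]:
    """Pick the budget that bounds the new key; None means no ceiling applies."""
    if caller.user_role == PROXY_ADMIN:
        return None
    if target_team is not None and caller.user_id in target_team.admins:
        # Fix 2: a team admin delegates from the team's pool, not from their token.
        return target_team.max_budget, f"team {target_team.team_id}'s max_budget"
    if is_session_token(caller):
        return None  # Fix 1: the $0.25 is a chat cap, not delegated authority.
    return caller.max_budget, "the caller's own max_budget"  # original GHSA case, unchanged


def check_ceiling_fixed(caller: UserAPIKeyAuth, requested: Optional[float],
                        target_team: Optional[Team] = None) -> Optional[float]:
    """Ceiling check with both fixes applied."""
    if requested is None:
        return requested
    bound = effective_ceiling(caller, target_team)
    if bound is not None:
        ceiling, source = bound
        if ceiling is not None and requested > ceiling:
            raise BudgetCeilingError(f"max_budget ({requested}) cannot exceed {source} ({ceiling}).")
    return requested


def outcome(check: Callable, *args) -> str:
    """Run a check and report 'ok:<budget>' or 'error:<message>' for inspection."""
    try:
        return f"ok:{check(*args)}"
    except BudgetCeilingError as exc:
        return f"error:{exc}"


if __name__ == "__main__":
    # Constructed scenario from the issue: a non-admin team admin on a UI session
    # token asks for a $100 key in a team whose pool is $1000.
    team = Team("team-a", 1000.0, admins={"alice"})
    alice = mint_ui_session_token("alice", "internal_user")
    print("v1.86.0 :", outcome(check_ceiling_v1_86, alice, 100.0))
    print("fixed   :", outcome(check_ceiling_fixed, alice, 100.0, team))
    print("fixed, over team pool:", outcome(check_ceiling_fixed, alice, 5000.0, team))
```

Running the block prints the v1.86.0 refusal with the 0.25 ceiling, then the fixed check accepting the $100 key and still refusing a $5000 key that exceeds the team's pool. A real API key with its own max_budget is still bounded by that value in both versions, which is the behaviour GHSA-q775-qw9r-2r4g introduced.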

What part of LiteLLM is this about?

Proxy

Version

v1.86.0 (regression introduced by #27897 / commit 410ce761dc; affects all releases ≥ v1.86.0)

