diff --git a/litellm/proxy/middleware/prometheus_auth_middleware.py b/litellm/proxy/middleware/prometheus_auth_middleware.py index ae2481384b..ca38a9d445 100644 --- a/litellm/proxy/middleware/prometheus_auth_middleware.py +++ b/litellm/proxy/middleware/prometheus_auth_middleware.py @@ -5,6 +5,7 @@ from fastapi import Request from starlette.middleware.base import BaseHTTPMiddleware import litellm +from litellm.proxy._types import SpecialHeaders from litellm.proxy.auth.user_api_key_auth import user_api_key_auth @@ -13,12 +14,17 @@ class PrometheusAuthMiddleware(BaseHTTPMiddleware): # Check if this is a request to the metrics endpoint if self._is_prometheus_metrics_endpoint(request): - try: - await user_api_key_auth( - request=request, api_key=request.headers.get("Authorization") or "" - ) - except Exception as e: - raise e + if self._should_run_auth_on_metrics_endpoint() is True: + try: + await user_api_key_auth( + request=request, + api_key=request.headers.get( + SpecialHeaders.openai_authorization.value + ) + or "", + ) + except Exception as e: + raise e # Process the request and get the response response = await call_next(request) @@ -36,4 +42,14 @@ class PrometheusAuthMiddleware(BaseHTTPMiddleware): @staticmethod def _should_run_auth_on_metrics_endpoint(): + """ + Returns True if auth should be run on the metrics endpoint + + False by default, set to True in proxy_config.yaml to enable + + ```yaml + litellm_settings: + require_auth_for_metrics_endpoint: true + ``` + """ return litellm.require_auth_for_metrics_endpoint diff --git a/litellm/proxy/proxy_config.yaml b/litellm/proxy/proxy_config.yaml index 788bf9642d..61950f55fe 100644 --- a/litellm/proxy/proxy_config.yaml +++ b/litellm/proxy/proxy_config.yaml @@ -10,6 +10,5 @@ model_list: api_key: fake-key litellm_settings: - require_auth_for_metrics_endpoint: true callbacks: ["prometheus"] service_callback: ["prometheus_system"] \ No newline at end of file