Authentication methods

yt-dlp support two main authentication schemes:

• Username/password based authentication
• OpenID authentification

Username/password based authentication

To enable this authentication scheme edit your config.yml and add the following lines:

require_auth: true
username: your_username
password: your_password

Provide your config.yml to yt-dlp-webui:

./yt-dlp-webui -conf config.yml

# or with docker
docker exec --rm -d -p 3033:3033 -v <your_config_directory>:/conf ghcr.io/marcopeocchi/yt-dlp-web-ui:latest

OpenID authentification

To enable this authentication scheme you need an OpenID authentication provider (e.g. Google Oauth2), a client_id and a client_secret.
The requirements can be obtained from your authentication provider, for example, Google make them available here https://console.cloud.google.com/apis/credentials.

The callback URL is https://localhost:3033/auth/openid/signin where https://localhost:3033 is where yt-dlp-web-ui is exposed, a real-like application would be something served by a reverse-proxy (e.g. https://yt-dlp-webui.yourdomain.tld/auth/openid/signin)

Edit your config.yml with the following keys:

# OpenID Google Oauth2 example

# disable password based authentication
require_auth: false

# enable openid authentification
use_openid: true
openid_provider_url: https://accounts.google.com
openid_client_id: your-client-id
openid_client_secret: your-client-secret

# localhost:3033 is where yt-dlp-webui is exposed
openid_redirect_url: your-callback-url
# a production like example
# openid_redirect_url: https://yt-dlp-webui.yourdomain.tld/auth/openid/signin

Provide your config.yml to yt-dlp-webui:

./yt-dlp-webui -conf config.yml

# or with docker
docker exec --rm -d -p 3033:3033 -v <your_config_directory>:/conf ghcr.io/marcopeocchi/yt-dlp-web-ui:latest