Check Existing Issues

• I have searched the existing issues and discussions.

Problem Description

Following the change here issue-16979, I've tried to use the REDIS_KEY_PREFIX and ACLs to gate permissions for a given open-webui instance behind the key prefix. For example, the pseudo code below

REDIS_KEY_PREFIX = "openwebui-special"

redis-cli -u redis://redis-password@redis-host:redis-port 
                ACL SETUSER openwebuispecial 
                on 
                ~openwebui-special:* 
                +@all 
                ">openwebuispecial-password"

The issue, is there are other places where redis is used in openwebui not covered by the previous change. For example, in tools.py:

if request.app.state.redis is not None:
    await request.app.state.redis.set(
        "tool_servers", json.dumps(request.app.state.TOOL_SERVERS)
    )

and

tool_servers = json.loads(await request.app.state.redis.get("tool_servers"))

These keys are not prefixed and so, openwebui will throw a permissions error like the following:

2025-08-29 09:54:29.646 | ERROR    | open_webui.utils.tools:get_tool_servers:494 - Error fetching tool_servers from Redis: No permissions to access a key
...
redis.exceptions.NoPermissionError: No permissions to access a key

Desired Solution you'd like

Please ensure that these keys are also prefixed. I am not sure if there are any others which also may need prefixing - I have searched for all instances of Redis use in the codebase, and these seem to be the only ones left - but might be worth a sanity check.

Alternatives Considered

I can add this tool_servers key to my ACL but I don't think that's in the spirit of the previous changes. If there are any others I'd also have to keep adding these which again feels out of the spirit of the previous changes.

Additional Context

No response