Check for existing issues
Searched for similar existing issues, haven't found anything, verified issue exists also on stable on 1.82.3 as well.
What happened?
After updating a team’s MCP access groups via POST /team/update, POST /key/generate can fail with 403 if called immediately afterward. The error says the requested MCP access groups are not allowed for the team, and the “Team allows” list in the message matches the pre-update state, not the merged permissions from the latest team/update. Retrying after ~1 minute succeeds. Setting DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL=0 avoids the issue, which suggests stale in-memory management/team state during key validation.
Steps to Reproduce
- Create a team
- Set team initial object_permission.mcp_access_groups to a single group, e.g. ["G1"] (POST /team/update or /team/new as applicable).
- POST /key/generate for that team_id with permissions scoped to G1 only — succeeds (baseline key).
- POST /team/update — merge in a second group, e.g. mcp_access_groups: ["G1","G2"].
- Immediately POST /key/generate with same team_id and key permissions requesting G2.
- Behavior: 403 — error text lists Team allows without G2 (stale).
- Retry POST /key/generate after ~60s with the same payload — succeeds (or set DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL=0 and repeat step 6).
Expected behavior
key/generate should enforce MCP access groups against the current team permissions after a successful team/update, so update and key creation can run back-to-back without delay.
Actual behavior
key/generate returns 403 with a message like:
{"error":{"message":"{'error': "Key requests MCP access groups not allowed by team '9c645ef3-5c43-49eb-a1da-46092dffe823': ['test2']. Team allows: ['test1']."}","type":"internal_server_error","param":"None","code":"403"}}
Same request succeeds after a 1-minute delay or with DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL=0.
Relevant log output
12:05:30 - LiteLLM Proxy:DEBUG: key_management_endpoints.py:1232 - entered /key/generate
12:05:30 - LiteLLM Proxy:ERROR: key_management_endpoints.py:1326 - litellm.proxy.proxy_server.generate_key_fn(): Exception occured - 403: {'error': "Key requests MCP access groups not allowed by team '9c645ef3-5c43-49eb-a1da-46092dffe823': ['test2']. Team allows: ['test1']."}
Traceback (most recent call last):
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_endpoints/key_management_endpoints.py", line 1318, in generate_key_fn
return await _common_key_generation_helper(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...<4 lines>...
)
^
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_endpoints/key_management_endpoints.py", line 688, in _common_key_generation_helper
await validate_key_mcp_servers_against_team(
...<2 lines>...
)
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_helpers/object_permission_utils.py", line 378, in validate_key_mcp_servers_against_team
raise HTTPException(
...<2 lines>...
)
fastapi.exceptions.HTTPException: 403: {'error': "Key requests MCP access groups not allowed by team '9c645ef3-5c43-49eb-a1da-46092dffe823': ['test2']. Team allows: ['test1']."}
12:05:30 - LiteLLM Proxy:ERROR: utils.py:5285 - Exception: 403: {'error': "Key requests MCP access groups not allowed by team '9c645ef3-5c43-49eb-a1da-46092dffe823': ['test2']. Team allows: ['test1']."}
Traceback (most recent call last):
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_endpoints/key_management_endpoints.py", line 1318, in generate_key_fn
return await _common_key_generation_helper(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...<4 lines>...
)
^
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_endpoints/key_management_endpoints.py", line 688, in _common_key_generation_helper
await validate_key_mcp_servers_against_team(
...<2 lines>...
)
  File "/usr/lib/python3.13/site-packages/litellm/proxy/management_helpers/object_permission_utils.py", line 378, in validate_key_mcp_servers_against_team
raise HTTPException(
...<2 lines>...
)
fastapi.exceptions.HTTPException: 403: {'error': "Key requests MCP access groups not allowed by team '9c645ef3-5c43-49eb-a1da-46092dffe823': ['test2']. Team allows: ['test1']."}
INFO: 10.89.5.1:35134 - "POST /key/generate HTTP/1.1" 403 Forbidden
What part of LiteLLM is this about?
Proxy
What LiteLLM version are you on ?
v1.83.4-nightly
Twitter / LinkedIn details
No response
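A minimal model of the sequence reported above, added here as an illustration and not taken from LiteLLM's code: a permission check that reads team state through a TTL cache, with and without invalidation on update. `TeamStore`, `generate_key` and `reproduce` are hypothetical names, `ttl_seconds` stands in for DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL, and the 60-second value is an assumption based on the ~1 minute retry window.

```python
import time


class TeamStore:
    """Constructed model: a 'database' of team permissions fronted by a TTL cache."""
    def __init__(self, ttl_seconds, invalidate_on_update, clock=time.monotonic):
        self.ttl = ttl_seconds
        self.invalidate_on_update = invalidate_on_update
        self.clock = clock
        self.db = {}      # team_id -> allowed MCP access groups (source of truth)
        self.cache = {}   # team_id -> (expires_at, cached copy of the groups)

    def get_team_groups(self, team_id):
        entry = self.cache.get(team_id)
        if entry and entry[0] > self.clock():
            return entry[1]                      # served from memory, may be stale
        groups = set(self.db[team_id])
        if self.ttl > 0:                         # TTL=0 disables caching entirely
            self.cache[team_id] = (self.clock() + self.ttl, groups)
        return groups

    def update_team(self, team_id, groups):
        self.db[team_id] = set(groups)
        if self.invalidate_on_update:
            self.cache.pop(team_id, None)        # drop the stale copy on write


def generate_key(store, team_id, requested):
    """Return (status, detail), modelling the subset check behind the 403."""
    allowed = store.get_team_groups(team_id)
    denied = sorted(set(requested) - allowed)
    if denied:
        return 403, f"not allowed: {denied}. Team allows: {sorted(allowed)}."
    return 200, "key created"


def reproduce(ttl_seconds, invalidate_on_update, wait_seconds=0):
    """Replay the reported steps: G1 team, baseline key, add G2, request G2."""
    now = [0.0]                                  # fake clock so the run is instant
    store = TeamStore(ttl_seconds, invalidate_on_update, clock=lambda: now[0])
    store.update_team("team-1", ["G1"])
    assert generate_key(store, "team-1", ["G1"])[0] == 200   # warms the cache
    store.update_team("team-1", ["G1", "G2"])
    now[0] += wait_seconds
    return generate_key(store, "team-1", ["G2"])


if __name__ == "__main__":
    for args in [(60, False), (60, False, 61), (0, False), (60, True)]:
        print(args, reproduce(*args))
```

In this model only the first case returns 403, and its message lists the pre-update groups; waiting past the TTL, disabling the cache, or invalidating the entry on update all return 200.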