Description

The /prompts/list endpoint returns 401 Unauthorized for users with internal_user role, even though the endpoint is intended to be accessible to non-admin users.

Root Cause

There is a singular/plural naming mismatch between the route definition and the self_managed_routes whitelist:

• Route defined as (plural): @router.get("/prompts/list") in litellm/proxy/prompts/prompt_endpoints.py
• Whitelist entry (singular): "/prompt/list" in litellm/proxy/_types.py → self_managed_routes

Because "/prompts/list" is not in self_managed_routes, the proxy's route permission checker falls back to requiring PROXY_ADMIN privileges, causing a 401 for internal_user sessions.

Steps to Reproduce

1. Create an internal_user API key
2. Make a GET /prompts/list request with that key
3. Observe 401 Unauthorized response

Expected Behavior

internal_user and other non-admin roles should be able to list prompts (read-only access) without a 401 error.

Fix

Add "/prompts/list" (plural) to self_managed_routes in litellm/proxy/_types.py:

# litellm/proxy/_types.py
self_managed_routes: List[str] = [
    ...
    "/prompts/list",   # was "/prompt/list" — typo, route is actually plural
    ...
]

I have a one-line fix ready and can submit a PR.

Environment

• LiteLLM proxy (latest main)
• Affected roles: internal_user, team, any non-PROXY_ADMIN role