@Divemasterza figured out how to get this to work without making searx public (from https://forum.cloudron.io/topic/10618/how-to-connect-from-one-app-to-another-via-the-internal-network/6)
you can have cloudron oauth enabled but bypass it by calling its local hostname instead of public URL from openwebui. Tweaking @coniunctio 's query:
http://<searx app id>:<searx port>/search?q=<query>&language=auto&time_range=&safesearch=0&categories=social+media,map,it,general,science,news&format=json
example:
http://12345678-1234-1234-1234-abcdefabcdef:8888/search?q=<query>&language=auto&time_range=&safesearch=0&categories=social+media,map,it,general,science,news&format=json
find app id from cloudron dashboard, port from searxng filemanager->settings.yml under 'port:'