🐛 Bug Report: Since 1.0 #192

New Issue

Closed

opened 2025-10-07 00:05:24 +03:00 by OVERLORD · 16 comments

OVERLORD commented 2025-10-07 00:05:24 +03:00

Owner

Copy Link

Originally created by @brentcrammond on GitHub.

Reproduction steps

Since 1.0.0 I have not been able to set it up. I have since upgraded to 1.1.0 and still the same behaviour.

I removed the data directory and recreated it.

It goes from the Pocket Id Setup Screen straight to the Authenticate Screen rather than to my configuration screen.

I tried generating a Login code for Admin and the same thing happens.

Expected behavior

Should go to the Setup Screen.

Actual Behavior

Goes to Authenticate Screen.

Version and Environment

v1.1.0

Log Output

Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 200 | 325.754µs | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 200 | 434.547µs | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 200 | 120.92µs | 172.19.0.1 | GET "/_app/immutable/chunks/CqSS0KpJ.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 228.561µs | 172.19.0.1 | GET "/_app/immutable/chunks/CqSS0KpJ.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 93.153µs | 172.19.0.1 | GET "/_app/immutable/chunks/DE3NMZcN.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 191.272µs | 172.19.0.1 | GET "/_app/immutable/chunks/DE3NMZcN.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 608.193µs | 172.19.0.1 | GET "/_app/immutable/nodes/10.DY40ijMa.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 669.277µs | 172.19.0.1 | GET "/_app/immutable/nodes/10.DY40ijMa.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 209.88µs | 172.19.0.1 | GET "/_app/immutable/chunks/C8Uzcp-Y.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 330.12µs | 172.19.0.1 | GET "/_app/immutable/chunks/C8Uzcp-Y.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 294.71µs | 172.19.0.1 | GET "/_app/immutable/chunks/CZFQFdVL.js"
[GIN] 2025/05/29 - 20:59:51 | 200 | 383.53µs | 172.19.0.1 | GET "/_app/immutable/chunks/CZFQFdVL.js"
[GIN] 2025/05/29 - 20:59:51 | 401 | 177.073µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 401 | 307.165µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 200 | 1.427034ms | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 200 | 1.953721ms | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 304 | 290.046µs | 172.19.0.1 | GET "/api/application-configuration/logo?light=false"
[GIN] 2025/05/29 - 20:59:51 | 304 | 362.416µs | 172.19.0.1 | GET "/api/application-configuration/logo?light=false"
[GIN] 2025/05/29 - 20:59:51 | 304 | 225.139µs | 172.19.0.1 | GET "/api/application-configuration/background-image"
[GIN] 2025/05/29 - 20:59:51 | 304 | 286.261µs | 172.19.0.1 | GET "/api/application-configuration/background-image"
[GIN] 2025/05/29 - 20:59:51 | 200 | 18.203684ms | 172.19.0.1 | POST "/api/one-time-access-token/uq8S4t8GSEbYd5MP"
[GIN] 2025/05/29 - 20:59:51 | 200 | 18.285466ms | 172.19.0.1 | POST "/api/one-time-access-token/uq8S4t8GSEbYd5MP"
[GIN] 2025/05/29 - 20:59:51 | 401 | 127.202µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 401 | 234.662µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 200 | 241.159µs | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 200 | 309.709µs | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 401 | 35.249µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 401 | 60.38µs | 172.19.0.1 | GET "/api/users/me"
Error #01: You are not signed in
[GIN] 2025/05/29 - 20:59:51 | 200 | 49.497µs | 172.19.0.1 | GET "/api/application-configuration"
[GIN] 2025/05/29 - 20:59:51 | 200 | 70.099µs | 172.19.0.1 | GET "/api/application-configuration"
2025/05/29 21:00:00 Job "SyncLdap" run successfully
[GIN] 2025/05/29 - 21:00:00 | 204 | 1.153µs | ::1 | GET "/healthz"
[GIN] 2025/05/29 - 21:00:00 | 204 | 36.303µs | ::1 | GET "/healthz"
[GIN] 2025/05/29 - 21:01:30 | 204 | 1.132µs | ::1 | GET "/healthz"
[GIN] 2025/05/29 - 21:01:30 | 204 | 33.085µs | ::1 | GET "/healthz"
[GIN] 2025/05/29 - 21:03:00 | 204 | 1.064µs | ::1 | GET "/healthz"
[GIN] 2025/05/29 - 21:03:00 | 204 | 30.732µs | ::1 | GET "/healthz"

Originally created by @brentcrammond on GitHub. ### Reproduction steps Since 1.0.0 I have not been able to set it up. I have since upgraded to 1.1.0 and still the same behaviour. I removed the data directory and recreated it. It goes from the Pocket Id Setup Screen straight to the Authenticate Screen rather than to my configuration screen. I tried generating a Login code for Admin and the same thing happens. ### Expected behavior Should go to the Setup Screen. ### Actual Behavior Goes to Authenticate Screen. ### Version and Environment v1.1.0 ### Log Output Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 200 | 325.754µs | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 200 | 434.547µs | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 200 | 120.92µs | 172.19.0.1 | GET "/_app/immutable/chunks/CqSS0KpJ.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 228.561µs | 172.19.0.1 | GET "/_app/immutable/chunks/CqSS0KpJ.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 93.153µs | 172.19.0.1 | GET "/_app/immutable/chunks/DE3NMZcN.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 191.272µs | 172.19.0.1 | GET "/_app/immutable/chunks/DE3NMZcN.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 608.193µs | 172.19.0.1 | GET "/_app/immutable/nodes/10.DY40ijMa.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 669.277µs | 172.19.0.1 | GET "/_app/immutable/nodes/10.DY40ijMa.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 209.88µs | 172.19.0.1 | GET "/_app/immutable/chunks/C8Uzcp-Y.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 330.12µs | 172.19.0.1 | GET "/_app/immutable/chunks/C8Uzcp-Y.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 294.71µs | 172.19.0.1 | GET "/_app/immutable/chunks/CZFQFdVL.js" [GIN] 2025/05/29 - 20:59:51 | 200 | 383.53µs | 172.19.0.1 | GET "/_app/immutable/chunks/CZFQFdVL.js" [GIN] 2025/05/29 - 20:59:51 | 401 | 177.073µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 401 | 307.165µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 200 | 1.427034ms | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 200 | 1.953721ms | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 304 | 290.046µs | 172.19.0.1 | GET "/api/application-configuration/logo?light=false" [GIN] 2025/05/29 - 20:59:51 | 304 | 362.416µs | 172.19.0.1 | GET "/api/application-configuration/logo?light=false" [GIN] 2025/05/29 - 20:59:51 | 304 | 225.139µs | 172.19.0.1 | GET "/api/application-configuration/background-image" [GIN] 2025/05/29 - 20:59:51 | 304 | 286.261µs | 172.19.0.1 | GET "/api/application-configuration/background-image" [GIN] 2025/05/29 - 20:59:51 | 200 | 18.203684ms | 172.19.0.1 | POST "/api/one-time-access-token/uq8S4t8GSEbYd5MP" [GIN] 2025/05/29 - 20:59:51 | 200 | 18.285466ms | 172.19.0.1 | POST "/api/one-time-access-token/uq8S4t8GSEbYd5MP" [GIN] 2025/05/29 - 20:59:51 | 401 | 127.202µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 401 | 234.662µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 200 | 241.159µs | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 200 | 309.709µs | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 401 | 35.249µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 401 | 60.38µs | 172.19.0.1 | GET "/api/users/me" Error #01: You are not signed in [GIN] 2025/05/29 - 20:59:51 | 200 | 49.497µs | 172.19.0.1 | GET "/api/application-configuration" [GIN] 2025/05/29 - 20:59:51 | 200 | 70.099µs | 172.19.0.1 | GET "/api/application-configuration" 2025/05/29 21:00:00 Job "SyncLdap" run successfully [GIN] 2025/05/29 - 21:00:00 | 204 | 1.153µs | ::1 | GET "/healthz" [GIN] 2025/05/29 - 21:00:00 | 204 | 36.303µs | ::1 | GET "/healthz" [GIN] 2025/05/29 - 21:01:30 | 204 | 1.132µs | ::1 | GET "/healthz" [GIN] 2025/05/29 - 21:01:30 | 204 | 33.085µs | ::1 | GET "/healthz" [GIN] 2025/05/29 - 21:03:00 | 204 | 1.064µs | ::1 | GET "/healthz" [GIN] 2025/05/29 - 21:03:00 | 204 | 30.732µs | ::1 | GET "/healthz"

OVERLORD added the bug label 2025-10-07 00:05:24 +03:00

OVERLORD closed this issue 2025-10-07 00:05:24 +03:00

OVERLORD commented 2025-10-07 00:05:26 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

docker-compose.yml

services:
pocket-id:
container_name: pocket-id
image: ghcr.io/pocket-id/pocket-id:v1.1.0
env_file: .env
ports:
- "1411:1411"
networks:
- default
- backbone
volumes:
- "./data:/app/data"
restart: unless-stopped
healthcheck:
test: "curl -f http://localhost:1411/healthz"
interval: 1m30s
timeout: 5s
retries: 2
start_period: 10s

networks:
default:
backbone:
external: true

.env

See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables

APP_URL=http://nuc:1411
TRUST_PROXY=false
MAXMIND_LICENSE_KEY=
PUID=1000
PGID=1000

@brentcrammond commented on GitHub: docker-compose.yml --- services: pocket-id: container_name: pocket-id image: ghcr.io/pocket-id/pocket-id:v1.1.0 env_file: .env ports: - "1411:1411" networks: - default - backbone volumes: - "./data:/app/data" restart: unless-stopped healthcheck: test: "curl -f http://localhost:1411/healthz" interval: 1m30s timeout: 5s retries: 2 start_period: 10s networks: default: backbone: external: true .env ---- # See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables APP_URL=http://nuc:1411 TRUST_PROXY=false MAXMIND_LICENSE_KEY= PUID=1000 PGID=1000

OVERLORD commented 2025-10-07 00:05:26 +03:00

Author

Owner

Copy Link

@simono41 commented on GitHub:

I have the problem, too.
It has had a short time after the successful migration to v1.0.0 worked but now it does not work on both versions v1.0.0 and v1.1.0 anymore.

services:
  pocketid:
    image: ghcr.io/pocket-id/pocket-id:latest
    container_name: pocket-id
    restart: unless-stopped
    env_file: .env
    volumes:
      - ./data:/app/data
    #ports:
    #  - "1411:1411"
    depends_on:
      - db
    labels:
      caddy: xxx
      caddy.route.appsec: ""
      caddy.route.crowdsec: ""
      caddy.route.reverse_proxy: "{{upstreams 1411}}"
      caddy.encode: zstd gzip
      caddy.log: ""
      caddy.log.output: file /logs/xxx.log
      caddy.log.output.roll_size: 100MiB
      caddy.log.output.roll_keep: "5"
      caddy.log.output.roll_keep_for: 100d
      caddy.log.format: json
      caddy.log.level: INFO
    networks:
      default:
      caddy:
      monitoring:
        ipv4_address: 10.1.0.179
    healthcheck:
      test: "curl -f http://localhost:1411/healthz" # Update the port in the healthcheck
      interval: 1m30s
      timeout: 5s
      retries: 2
      start_period: 10s

APP_URL=xxx
DB_CONNECTION_STRING=xxx
TRUST_PROXY=true # Set to true if a reverse proxy is in front of the container
DB_PROVIDER=postgres
TRACING_ENABLED=false
METRICS_ENABLED=true
OTEL_METRICS_EXPORTER=prometheus
OTEL_EXPORTER_PROMETHEUS_HOST=10.1.0.179
OTEL_EXPORTER_PROMETHEUS_PORT=9464
TRUST_PROXY=true
MAXMIND_LICENSE_KEY=xxx
PUID=1000
PGID=1000

docker inspect --format='{{index .RepoDigests 0}}'  ghcr.io/pocket-id/pocket-id
ghcr.io/pocket-id/pocket-id@sha256:eaf427326c36e3e7ea2d8b6997e0cee904c935cff6b626e5edda4ded9500dbc4

@simono41 commented on GitHub: I have the problem, too. It has had a short time after the successful migration to v1.0.0 worked but now it does not work on both versions v1.0.0 and v1.1.0 anymore. ~~~ services: pocketid: image: ghcr.io/pocket-id/pocket-id:latest container_name: pocket-id restart: unless-stopped env_file: .env volumes: - ./data:/app/data #ports: # - "1411:1411" depends_on: - db labels: caddy: xxx caddy.route.appsec: "" caddy.route.crowdsec: "" caddy.route.reverse_proxy: "{{upstreams 1411}}" caddy.encode: zstd gzip caddy.log: "" caddy.log.output: file /logs/xxx.log caddy.log.output.roll_size: 100MiB caddy.log.output.roll_keep: "5" caddy.log.output.roll_keep_for: 100d caddy.log.format: json caddy.log.level: INFO networks: default: caddy: monitoring: ipv4_address: 10.1.0.179 healthcheck: test: "curl -f http://localhost:1411/healthz" # Update the port in the healthcheck interval: 1m30s timeout: 5s retries: 2 start_period: 10s ~~~ ~~~ APP_URL=xxx DB_CONNECTION_STRING=xxx TRUST_PROXY=true # Set to true if a reverse proxy is in front of the container DB_PROVIDER=postgres TRACING_ENABLED=false METRICS_ENABLED=true OTEL_METRICS_EXPORTER=prometheus OTEL_EXPORTER_PROMETHEUS_HOST=10.1.0.179 OTEL_EXPORTER_PROMETHEUS_PORT=9464 TRUST_PROXY=true MAXMIND_LICENSE_KEY=xxx PUID=1000 PGID=1000 ~~~ ~~~ docker inspect --format='{{index .RepoDigests 0}}' ghcr.io/pocket-id/pocket-id ghcr.io/pocket-id/pocket-id@sha256:eaf427326c36e3e7ea2d8b6997e0cee904c935cff6b626e5edda4ded9500dbc4 ~~~

OVERLORD commented 2025-10-07 00:05:27 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

The image doesn't load

@stonith404 commented on GitHub: The image doesn't load

OVERLORD commented 2025-10-07 00:05:27 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

@brentcrammond You have to use https as stated in the docs.

@stonith404 commented on GitHub: @brentcrammond You have to use https as [stated in the docs](https://pocket-id.org/docs/setup/installation#before-you-start).

OVERLORD commented 2025-10-07 00:05:27 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

I'm confused it states http not https see below.

[image: image.png]
Kind Regards

Brent Crammond

On Fri, May 30, 2025 at 9:52 AM Elias Schneider @.***>
wrote:

stonith404 left a comment (pocket-id/pocket-id#591)
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920669377

@brentcrammond https://github.com/brentcrammond You have to use https
as stated in the docs
https://pocket-id.org/docs/setup/installation#before-you-start.

—
Reply to this email directly, view it on GitHub
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920669377,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ABPYWIW63GFCVYVKLTLDT2D3A56SLAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRQGY3DSMZXG4
.
You are receiving this because you were mentioned.Message ID:
@.***>

@brentcrammond commented on GitHub: I'm confused it states http not https see below. [image: image.png] Kind Regards --- Brent Crammond On Fri, May 30, 2025 at 9:52 AM Elias Schneider ***@***.***> wrote: > *stonith404* left a comment (pocket-id/pocket-id#591) > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920669377> > > @brentcrammond <https://github.com/brentcrammond> You have to use https > as stated in the docs > <https://pocket-id.org/docs/setup/installation#before-you-start>. > > — > Reply to this email directly, view it on GitHub > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920669377>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ABPYWIW63GFCVYVKLTLDT2D3A56SLAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRQGY3DSMZXG4> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

OVERLORD commented 2025-10-07 00:05:28 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

I did try https but that didn't work either.

Yes http://localhost:1411/login/setup kind of suggests http.

Kind Regards

Brent Crammond
MBA, BSc(Comp. Sci.)
email: @.*** @.***>
mobile: +64 21 228 5366

“Live as if you were to die tomorrow. Learn as if you were to live
forever” - Gandhi

On Fri, May 30, 2025 at 11:31 AM Elias Schneider @.***>
wrote:

stonith404 left a comment (pocket-id/pocket-id#591)
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920806594

I don't see where it should state that you should use http instead of
https in your screenshot. Maybe the "http://localhost:1411/login/setup"
confuses you?

But anyways, does it work with https enabled?

—
Reply to this email directly, view it on GitHub
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920806594,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ABPYWIRZOOGMSR27AAOAU7D3A6KEJAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRQHAYDMNJZGQ
.
You are receiving this because you were mentioned.Message ID:
@.***>

@brentcrammond commented on GitHub: I did try https but that didn't work either. Yes http://localhost:1411/login/setup kind of suggests http. Kind Regards --- Brent Crammond *MBA, BSc(Comp. Sci.)* email: ***@***.*** ***@***.***> *mobile:* +64 21 228 5366 *“Live as if you were to die tomorrow. Learn as if you were to live forever”* - *Gandhi* On Fri, May 30, 2025 at 11:31 AM Elias Schneider ***@***.***> wrote: > *stonith404* left a comment (pocket-id/pocket-id#591) > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920806594> > > I don't see where it should state that you should use http instead of > https in your screenshot. Maybe the "http://localhost:1411/login/setup" > confuses you? > > But anyways, does it work with https enabled? > > — > Reply to this email directly, view it on GitHub > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2920806594>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ABPYWIRZOOGMSR27AAOAU7D3A6KEJAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRQHAYDMNJZGQ> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

OVERLORD commented 2025-10-07 00:05:28 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

I don't see where it should state that you should use http instead of https in your screenshot. Maybe the "http://localhost:1411/login/setup" confuses you?

But anyways, does it work with https enabled?

@stonith404 commented on GitHub: I don't see where it should state that you should use http instead of https in your screenshot. Maybe the "http://localhost:1411/login/setup" confuses you? But anyways, does it work with https enabled?

OVERLORD commented 2025-10-07 00:05:29 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

Note I am treating it as a new installation and have deleted all files in data and cleared out cookies and local/session storage

@brentcrammond commented on GitHub: Note I am treating it as a new installation and have deleted all files in data and cleared out cookies and local/session storage

OVERLORD commented 2025-10-07 00:05:29 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

@brentcrammond commented on GitHub: 

OVERLORD commented 2025-10-07 00:05:29 +03:00

Author

Owner

Copy Link

@Loapu commented on GitHub:

@brentcrammond I think @stonith404 meant this page: https://pocket-id.org/docs/troubleshooting/common-issues
There it states that you should navigate to the public URL to set up the admin account. In your environment, the app URL is "http://nuc:1411" which is in fact HTTP and not HTTPS. You need a true HTTPS setup with a valid certificate and the correct APP_URL set in your environment for any passkey-stuff to work correctly.

@Loapu commented on GitHub: @brentcrammond I think @stonith404 meant this page: https://pocket-id.org/docs/troubleshooting/common-issues There it states that you should navigate to the public URL to set up the admin account. In your environment, the app URL is "http://nuc:1411" which is in fact HTTP and not HTTPS. You need a true HTTPS setup with a valid certificate and the correct APP_URL set in your environment for any passkey-stuff to work correctly.

OVERLORD commented 2025-10-07 00:05:30 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

I'll put it back behind my reverse proxy, I had removed it from there as I
was getting another error.

Kind Regards

Brent Crammond

On Sat, May 31, 2025 at 1:11 AM Elias Schneider @.***>
wrote:

stonith404 left a comment (pocket-id/pocket-id#591)
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2922361150

@simono41 https://github.com/simono41 Okay that's really odd, let me
know if you have the issue again.

@brentcrammond https://github.com/brentcrammond Can you confirm that
you are accessing Pocket ID over HTTPS when you try to open the setup page?

If yes, please share a screenshot of the /api/one-time-access-token/setup
request in the network tab of the Chrom dev tools:
image.png (view on web)
https://github.com/user-attachments/assets/a398ba0a-cc85-4f00-9227-69ed334ab19f
Make sure to blur out the access token.

—
Reply to this email directly, view it on GitHub
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2922361150,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ABPYWIT2OZFHKP3HELPE5FT3BBKJFAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRSGM3DCMJVGA
.
You are receiving this because you were mentioned.Message ID:
@.***>

@brentcrammond commented on GitHub: I'll put it back behind my reverse proxy, I had removed it from there as I was getting another error. Kind Regards --- Brent Crammond On Sat, May 31, 2025 at 1:11 AM Elias Schneider ***@***.***> wrote: > *stonith404* left a comment (pocket-id/pocket-id#591) > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2922361150> > > @simono41 <https://github.com/simono41> Okay that's really odd, let me > know if you have the issue again. > > @brentcrammond <https://github.com/brentcrammond> Can you confirm that > you are accessing Pocket ID over HTTPS when you try to open the setup page? > > If yes, please share a screenshot of the /api/one-time-access-token/setup > request in the network tab of the Chrom dev tools: > image.png (view on web) > <https://github.com/user-attachments/assets/a398ba0a-cc85-4f00-9227-69ed334ab19f> > Make sure to blur out the access token. > > — > Reply to this email directly, view it on GitHub > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2922361150>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ABPYWIT2OZFHKP3HELPE5FT3BBKJFAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRSGM3DCMJVGA> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

OVERLORD commented 2025-10-07 00:05:31 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

@simono41 Okay that's really odd, let me know if you have the issue again.

@brentcrammond Can you confirm that you are accessing Pocket ID over HTTPS when you try to open the setup page?

If yes, please share a screenshot of the /api/one-time-access-token/setup request in the network tab of the Chrom dev tools:

Make sure to blur out the access token.

@stonith404 commented on GitHub: @simono41 Okay that's really odd, let me know if you have the issue again. @brentcrammond Can you confirm that you are accessing Pocket ID over HTTPS when you try to open the setup page? If yes, please share a screenshot of the `/api/one-time-access-token/setup` request in the network tab of the Chrom dev tools: <img width="974" alt="Image" src="https://github.com/user-attachments/assets/a398ba0a-cc85-4f00-9227-69ed334ab19f" /> Make sure to blur out the access token.

OVERLORD commented 2025-10-07 00:05:31 +03:00

Author

Owner

Copy Link

@progsam commented on GitHub:

I had the same issues. The main source of the confusion are the paragraphs in https://pocket-id.org/docs/setup/installation:

I suggest editing that to something like:

You can now sign in with the admin account on https://id.example.com/login/setup (replace with your actual domain), assuming the secure URL has already been set up.

Same with the .env file. The entry should be changed to APP_URL=https://id.example.com instead of APP_URL=http://localhost:1411 and add a comment that it's necessary to change.

The "Before you start" section can also be expanded to include examples of how to use reverse proxies like Traefik for self-hosted sites. I used Cloudflare Tunnels (my nameservers were already hosted there). It was easy to set up a public hostname to point to a self-hosted IP like http://10.0.0.2:1411.

@progsam commented on GitHub: I had the same issues. The main source of the confusion are the paragraphs in https://pocket-id.org/docs/setup/installation:  I suggest editing that to something like: > You can now sign in with the admin account on https://id.example.com/login/setup (replace with your actual domain), assuming the secure URL has already been set up. Same with the `.env` file. The entry should be changed to `APP_URL=https://id.example.com` instead of `APP_URL=http://localhost:1411` and add a comment that it's necessary to change. The "Before you start" section can also be expanded to include examples of how to use reverse proxies like Traefik for self-hosted sites. I used Cloudflare Tunnels (my nameservers were already hosted there). It was easy to set up a public hostname to point to a self-hosted IP like http://10.0.0.2:1411.

OVERLORD commented 2025-10-07 00:05:31 +03:00

Author

Owner

Copy Link

@simono41 commented on GitHub:

With me, I had already set it to HTTPS. But now comes something banal, I have tried the login again today, and now it has worked like a magic hand again. I had exactly the same error message yesterday @brentcrammond

@simono41 commented on GitHub: With me, I had already set it to HTTPS. But now comes something banal, I have tried the login again today, and now it has worked like a magic hand again. I had exactly the same error message yesterday @brentcrammond

OVERLORD commented 2025-10-07 00:05:31 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

Thanks for the suggestion. The .env.example has now an URL with https and I've improved the docs.

I'm closing this issue because the issue seems that you're not using HTTPS.

@stonith404 commented on GitHub: Thanks for the suggestion. The `.env.example` has now an URL with https and I've improved the docs. I'm closing this issue because the issue seems that you're not using HTTPS.

OVERLORD commented 2025-10-07 00:05:32 +03:00

Author

Owner

Copy Link

@brentcrammond commented on GitHub:

Thanks I finally got around to getting it going, it is sitting behind my
caddy server. Weird thing is it is pretty much how I had it configured
initially.

Kind Regards

Brent Crammond

On Sun, Jun 1, 2025 at 6:53 AM Elias Schneider @.***>
wrote:

stonith404 left a comment (pocket-id/pocket-id#591)
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2925578444

Thanks for the suggestion. The .env.example has now an URL with https and
I've improved the docs.

I'm closing this issue because the issue seems that you're not using HTTPS.

—
Reply to this email directly, view it on GitHub
https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2925578444,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ABPYWIVYCXNWTL646L5XELL3BH3CNAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRVGU3TQNBUGQ
.
You are receiving this because you were mentioned.Message ID:
@.***>

@brentcrammond commented on GitHub: Thanks I finally got around to getting it going, it is sitting behind my caddy server. Weird thing is it is pretty much how I had it configured initially. Kind Regards --- Brent Crammond On Sun, Jun 1, 2025 at 6:53 AM Elias Schneider ***@***.***> wrote: > *stonith404* left a comment (pocket-id/pocket-id#591) > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2925578444> > > Thanks for the suggestion. The .env.example has now an URL with https and > I've improved the docs. > > I'm closing this issue because the issue seems that you're not using HTTPS. > > — > Reply to this email directly, view it on GitHub > <https://github.com/pocket-id/pocket-id/issues/591#issuecomment-2925578444>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ABPYWIVYCXNWTL646L5XELL3BH3CNAVCNFSM6AAAAAB6GPRA5CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMRVGU3TQNBUGQ> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

i18n_crowdin

breaking/v2

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id#192