mirror of
https://github.com/pocket-id/pocket-id.git
synced 2025-12-06 09:13:19 +03:00
🐛 Bug Report: Passkey doesn't get saved on Firefox Mobile, Android 13 #270
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @000yesnt on GitHub.
Reproduction steps
After adding a new passkey through Firefox Mobile on Android 13, log out and try to log back in.
Expected behavior
Android shows me that I have a passkey available; the passkey appears on Google's Password Manager. Example video recorded on Chrome:
https://github.com/user-attachments/assets/7deb1d72-b658-41ac-9048-9272e0f31c80
Actual Behavior
Android says I have no passkey; passkey doesn't appear on Google Password Manager
https://github.com/user-attachments/assets/8736e50d-1048-414a-977a-ad15aa081b3d
Version and Environment
Pocket ID 0.44.0 (the demo version at time of report)
Samsung Galaxy M52 5G, Android 13, One UI 5.1
Firefox 136.0.2
Passkeys do work on Firefox. Here's a recording of me successfully using one on webauthn.io
https://github.com/user-attachments/assets/7a85e909-9ee7-4a48-bf33-d3d53d7f515d
I have to create a passkey from Chrome to be able to use it in Firefox.
Log Output
Replicating the issue on my server:
@000yesnt commented on GitHub:
I understand, but I don't think that explains why webauthn.io prompted me to add a passkey to my Google account while Pocket ID didn't.
What does Pocket ID do different? if it worked like webauthn, shouldn't it ask me to use the google password manager?
and I'm only getting this issue on firefox, and only on pocket id. it works fine on other passkey demos. I attached a recording of webauthn.io working fine on firefox. I don't think we're having the same exact issue?
I should also emphasize the following part on my report:
@stonith404 commented on GitHub:
Thanks for reporting this https://github.com/keycloak/keycloak/issues/32816 doesn't seem related as "Require discoverable credential" is enabled in Pocket ID.
I don't have an Android device so I can't really debug this but I keep an eye on this issue.
@000yesnt commented on GitHub:
I found a similar issue reported to Keycloak, could this be related somehow? https://github.com/keycloak/keycloak/issues/32816
@wargio commented on GitHub:
Because your device prompted you with the google password manager, meanwhile in the second screen it didn't.
Yes indeed. i have the same issue on the phone which does have google services and i only recently was able to do the same. it's an issue with firefox and the android ecosystem.
Try updating firefox to 136.0.2 or use the dev build (from google play i use 138.0a1)
@wargio commented on GitHub:
This is not an issue with pocketid, it's an issue with google services. i have the exact same behaviour on phones that do not support/use google services.
Essentially in the first video you are using google password manager, meanwhile in the second you are using the passkeys selector, which allows you to use different ways of logging in (like nfc cards, usb keys, etc..)
The "use this device" is absolutely broken on all the devices, unless you specifically use the google password manager (this is why it says "cannot find passkey for xxx.domain.yyy").
To be clear, i have the exact same behaviour on all the demo websites (including pocket-id) using firefox & chrome.
@reneald commented on GitHub:
I've been encountering this same issue on Android 14 + Firefox. When on https://webauthn.io I use the default settings to register, Google Password Manager kicks in, I can save a passkey, and am able to use that passkey to authenticate (as in OP's 3rd recording). When on pocket-id, instead of Google Password Manager I get the same popup as in OP's 2nd recording. Choosing 'this device' doesn't seem to actually save a passkey to the device, and I cannot authenticate afterwards.
I've done some more digging around. On WebAuthn, when going to advanced settings and selecting Discoverable Credential: Discouraged, the same popup from OP's 2nd recording shows up instead of Google Password Manager.
Is it possible that pocket-id uses non-discoverable credentials? I couldn't find any info about it in the documentation. Is there any way to force the use of discoverable credentials instead?
@stonith404 commented on GitHub:
I'm closing this issue as this doesn't seem related to Pocket ID. Feel free to comment on this issue if you find out more.
@nydragon commented on GitHub:
I am encountering the exact same behaviour, Pocket ID allows me to register a new key on Firefox and Chrome, but when trying to log in, my phones claim that there is no passkey for that website.
Tested with Google Play Services and MicroG and everything works as expected on webauthn.io for both of GApps and MicroG
@stonith404 commented on GitHub:
@reneald Thanks for helping to debug this issue.
Pocket ID requires discoverable credentials by setting
residentKeytorequired. Webauthn.io seems to setresidentKeytopreferred. Would you mind to test setting "Discoverable Credential" to "required" on webauthn.io and let me know if the Google Password Manager doesn't get shown in this case?@reneald commented on GitHub:
Both options work with Google password manager, although the user interface is slightly different:
Preferred:
Required:
@stonith404 commented on GitHub:
@Sud-Puth thanks for sharing your findings.
Would you guys mind to testing Firefox beta too?
@Sud-Puth commented on GitHub:
One more data point - I am on Android 16 and Firefox - 142.0.1 , the behavior for me is that the popup from webauthn works in Chrome and the latest Firefox beta but not on the latest Firefox. I did go back to the previous version of Firefox stable and nope, didn't work.
Somehow gives the 'highlighted' focus error - Type error for parameter updateProperties (Property "highlighted" is unsupported by Firefox) for tabs.update.
I guess the official page does say Firefox is not supported - https://www.webauthn.me/browser-support
While the tab with 'your current browser' information does say it's supported.
@stonith404 commented on GitHub:
Huh, okay, that's really strange. I'll check what other things Pocket ID handles differently from Webauthn.io. I get back on you as soon as I have more information.
@Ulrar commented on GitHub:
Running into this myself now, I see this issue is still closed as not planned, should it maybe be re-opened if it's being investigated ?
@domodial commented on GitHub:
I have a similar problem.
On Firefox and Firefox Beta, it's impossible to save the key on Android.
When I select "this device," nothing happens.
The window keeps looping.
While reading your thread, I tried Chrome (which I haven't used for a long time). Wow ! It works perfectly.
If I log out, I can log back in with the key without any problems.
If I log on Firefox, chrome send the key on firefox and work without any problems !
What's going on with Firefox?
I imagine this solution should work with most popular browsers, or just with Chrome?
@reneald commented on GitHub:
I've just tested with Firefox beta on android, and it doesn't work for me unfortunately. It still says that no passkeys are found on my device, while chrome or brave work as expected.
@stonith404 commented on GitHub:
I’m closing this issue because it’s very unlikely that the problem is caused by Pocket ID itself. If you continue to experience the issue, please try the solution suggested by @Sud-Puth in the comment above. If the problem persists without having enabled a non-default password manager for passkeys, feel free to reopen this issue.
@Sud-Puth commented on GitHub:
So with that, mine might be a user error. I had to disable my bitwarden
extension on Firefox for it too work properly. I'll go open an issue with
bitwarden. But Android 16 - bitwarden / Google passkeys - it works as long
as I don't have extensions that are causing issues
On Fri, Aug 29, 2025, 2:35 AM Leander Van Reeth @.***>
wrote: