NGINX log / 400 error after unlock vault #1110

New Issue

Closed

opened 2025-10-09 17:04:05 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2025-10-09 17:04:05 +03:00

Owner

Copy Link

Originally created by @alialAGR on GitHub.

Subject of the issue

After unlocking Vault, NGINX access log shows error 400 token access request like:
10.122.15.177 - - [23/Jun/2022:16:52:48 +0200] "GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NTU5OTU5NjUsImV4cCI6MTY1NjAwMzE2NSwiaXNzIjoiaHR0cHM6Ly9iaXR3YXJkZW4uc2FuZGV0ZWwuaW50fGxvZ2luIiwic3ViIjoiZTU0NzQ4M2QtOTY4Yy00ZmQ5LWFlMjEtY2FkZmRjNWI2MDEyIiwicHJlbWl1bSI6dHJ1ZSwibmFtZSI6IkFsZWphbmRybyBHb256w6FsZXoiLCJlbWFpbCI6ImFyZWF0aWMuYWRtLnNhbmRldGVsQGp1bnRhZGVhbmRhbHVjaWEuZXMiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwib3Jnb3duZXIiOlsiMjhiYTJmYzUtOTI0ZS00OWI0LWFkYTctMTgyZGEwZWRhMDk0IiwiOGUwM2RkYzItNWM2Yi00MTE3LWEzMTgtZGQ1MTZmMzcwN2M4IiwiOTAyYmJjMTQtM2NiMy00OTk5LTg5OTYtNzk2MjM0NDI0ZTUyIiwiZTdkMjc2ODUtM2ZjMy00MjFjLWIwOWMtNWI2NmZjNGFiNTVhIl0sIm9yZ2FkbWluIjpbXSwib3JndXNlciI6W10sIm9yZ21hbmFnZXIiOltdLCJzc3RhbXAiOiIzYjk5N2YzMS1lZGM1LTQ2ODEtOWVhMy02YjFkZDMwYmUwYWQiLCJkZXZpY2UiOiI4ZTZhODZiNS0yMjNhLTRhMDYtYTI0YS00YzYxZWMxNDRkNTgiLCJzY29wZSI6WyJhcGkiLCJvZmZsaW5lX2FjY2VzcyJdLCJhbXIiOlsiQXBwbGljYXRpb24iXX0.3mAOCUqOEwPn7UOo4psWtzLxHe3g5g7MmGpfF7FeV8CGFQNko4TzOVN5fWpmF9yb1anHzejglSAuGIp5Z-I5-O2xDYr-wqVgygkw3uq80WbkoC3tFO5il3xGmUhkXTWKq60DwRSGuoO3YkTmsbEzDtHjMAA6Mamd0S0GG6NfhZwVhto0rwg7UcD9Y3XQaJTsktdMEQQa_assa1NglJ7RYxvkM-i1PQg-E5iIDN6SukMWLK0dhRcmrTtNdoreN5lX1KCMaKVUNDZugKfWL6KoVvqSAEDpz_xarCDGvbLTmB00LFZENJDpnhHS3DoMnfZ2qxQt_iMDGQ2XMKjUJPMOuA HTTP/1.1" 400 2 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0"

(token changes everytime you unlock vault))

Deployment environment

• vaultwarden version: 1.25.0 (vault 2.28.1 )

• Install method: Docker in RHEL 8.5

• Clients used: Web: Mozilla / Chrome / Brave (over Ubuntu 22.04)

• Reverse proxy and version: True

• MySQL/MariaDB or PostgreSQL version:
  mysql Ver 15.1 Distrib 10.4.22-MariaDB, for Linux (x86_64) using EditLine wrapper

• Other relevant details: nginx version: nginx/1.16.1

Steps to reproduce

When Vault is locked, after validating master pass, I can work whith Vaultwarden, but I notice that apears token / error 400 in NGINX's access.log

Expected behaviour

I understand that kind of request are errors

Actual behaviour

Troubleshooting data

Originally created by @alialAGR on GitHub. <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### Subject of the issue <!-- Describe your issue here. --> After unlocking Vault, NGINX access log shows error 400 token access request like: 10.122.15.177 - - [23/Jun/2022:16:52:48 +0200] "GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NTU5OTU5NjUsImV4cCI6MTY1NjAwMzE2NSwiaXNzIjoiaHR0cHM6Ly9iaXR3YXJkZW4uc2FuZGV0ZWwuaW50fGxvZ2luIiwic3ViIjoiZTU0NzQ4M2QtOTY4Yy00ZmQ5LWFlMjEtY2FkZmRjNWI2MDEyIiwicHJlbWl1bSI6dHJ1ZSwibmFtZSI6IkFsZWphbmRybyBHb256w6FsZXoiLCJlbWFpbCI6ImFyZWF0aWMuYWRtLnNhbmRldGVsQGp1bnRhZGVhbmRhbHVjaWEuZXMiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwib3Jnb3duZXIiOlsiMjhiYTJmYzUtOTI0ZS00OWI0LWFkYTctMTgyZGEwZWRhMDk0IiwiOGUwM2RkYzItNWM2Yi00MTE3LWEzMTgtZGQ1MTZmMzcwN2M4IiwiOTAyYmJjMTQtM2NiMy00OTk5LTg5OTYtNzk2MjM0NDI0ZTUyIiwiZTdkMjc2ODUtM2ZjMy00MjFjLWIwOWMtNWI2NmZjNGFiNTVhIl0sIm9yZ2FkbWluIjpbXSwib3JndXNlciI6W10sIm9yZ21hbmFnZXIiOltdLCJzc3RhbXAiOiIzYjk5N2YzMS1lZGM1LTQ2ODEtOWVhMy02YjFkZDMwYmUwYWQiLCJkZXZpY2UiOiI4ZTZhODZiNS0yMjNhLTRhMDYtYTI0YS00YzYxZWMxNDRkNTgiLCJzY29wZSI6WyJhcGkiLCJvZmZsaW5lX2FjY2VzcyJdLCJhbXIiOlsiQXBwbGljYXRpb24iXX0.3mAOCUqOEwPn7UOo4psWtzLxHe3g5g7MmGpfF7FeV8CGFQNko4TzOVN5fWpmF9yb1anHzejglSAuGIp5Z-I5-O2xDYr-wqVgygkw3uq80WbkoC3tFO5il3xGmUhkXTWKq60DwRSGuoO3YkTmsbEzDtHjMAA6Mamd0S0GG6NfhZwVhto0rwg7UcD9Y3XQaJTsktdMEQQa_assa1NglJ7RYxvkM-i1PQg-E5iIDN6SukMWLK0dhRcmrTtNdoreN5lX1KCMaKVUNDZugKfWL6KoVvqSAEDpz_xarCDGvbLTmB00LFZENJDpnhHS3DoMnfZ2qxQt_iMDGQ2XMKjUJPMOuA HTTP/1.1" 400 2 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0" (token changes everytime you unlock vault)) ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: 1.25.0 (vault 2.28.1 ) <!-- How the server was installed: Docker image, OS package, built from source, etc. --> * Install method: Docker in RHEL 8.5 * Clients used: <!-- web vault, desktop, Android, iOS, etc. (if applicable) --> Web: Mozilla / Chrome / Brave (over Ubuntu 22.04) * Reverse proxy and version: <!-- if applicable --> True * MySQL/MariaDB or PostgreSQL version: <!-- if applicable --> mysql Ver 15.1 Distrib 10.4.22-MariaDB, for Linux (x86_64) using EditLine wrapper * Other relevant details: nginx version: nginx/1.16.1 ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> When Vault is locked, after validating master pass, I can work whith Vaultwarden, but I notice that apears token / error 400 in NGINX's access.log ### Expected behaviour <!-- Tell us what you expected to happen --> I understand that kind of request are errors ### Actual behaviour <!-- Tell us what actually happened --> ### Troubleshooting data <!-- Share any log files, screenshots, or other relevant troubleshooting data -->

OVERLORD closed this issue 2025-10-09 17:04:06 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

test_dylint

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

bug

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1110