Session expiring immediately on login #1184

New Issue

Closed

opened 2025-10-09 17:07:05 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2025-10-09 17:07:05 +03:00

Owner

Copy Link

Originally created by @jacklenox on GitHub.

Subject of the issue

I am having the exact issue described in #1177. I'm definitely running the latest version of Vaultwarden and have just migrated my data. As far as I can see, the Docker container is running on the same timezone as my computer, and they're both in sync.

Deployment environment

It's not clear to me how I access the Diagnostics tab without being able to log in. I see a lot of discussion of accessing: /admin/diagnostics, I can't seem to access this. I'm trying to reach it via: http://localhost:8008/#/admin/diagnostics

I'm clearly misunderstanding something here.

• vaultwarden version: 1.24.0

• Install method: sudo docker run -d --name vaultwarden -v ~/.vw-data:/data/ -p 8008:80 vaultwarden/server:latest

• Clients used: web vault

• Reverse proxy and version:

• MySQL/MariaDB or PostgreSQL version:

• Other relevant details:

Steps to reproduce

Try logging in once server is running.

Expected behaviour

Successful login.

Actual behaviour

"Logged out. Your login session has expired."

Troubleshooting data

[2022-03-10 10:58:58.696][request][INFO] POST /api/accounts/prelogin
[2022-03-10 10:58:58.697][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
[2022-03-10 10:58:58.707][request][INFO] POST /identity/connect/token
[2022-03-10 10:58:58.752][vaultwarden::api::identity][INFO] User jacklenox@fastmail.com logged in successfully. IP: 172.17.0.1
[2022-03-10 10:58:58.752][response][INFO] POST /identity/connect/token (login) => 200 OK
[2022-03-10 10:58:58.817][request][INFO] POST /identity/connect/token
[2022-03-10 10:58:58.822][response][INFO] POST /identity/connect/token (login) => 200 OK
[2022-03-10 10:58:58.834][request][INFO] GET /api/sync?excludeDomains=true
[2022-03-10 10:58:58.835][auth][ERROR] Unauthorized Error: Invalid claim
[2022-03-10 10:58:58.835][response][INFO] GET /api/sync?<data..> (sync) => 401 Unauthorized

Originally created by @jacklenox on GitHub. <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### Subject of the issue I am having the exact issue described in #1177. I'm definitely running the latest version of Vaultwarden and have just migrated my data. As far as I can see, the Docker container is running on the same timezone as my computer, and they're both in sync. ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> It's not clear to me how I access the Diagnostics tab without being able to log in. I see a lot of discussion of accessing: `/admin/diagnostics`, I can't seem to access this. I'm trying to reach it via: http://localhost:8008/#/admin/diagnostics I'm clearly misunderstanding something here. <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: 1.24.0 <!-- How the server was installed: Docker image, OS package, built from source, etc. --> * Install method: `sudo docker run -d --name vaultwarden -v ~/.vw-data:/data/ -p 8008:80 vaultwarden/server:latest` * Clients used: <!-- web vault, desktop, Android, iOS, etc. (if applicable) --> web vault * Reverse proxy and version: <!-- if applicable --> * MySQL/MariaDB or PostgreSQL version: <!-- if applicable --> * Other relevant details: ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> Try logging in once server is running. ### Expected behaviour <!-- Tell us what you expected to happen --> Successful login. ### Actual behaviour <!-- Tell us what actually happened --> "Logged out. Your login session has expired." ### Troubleshooting data <!-- Share any log files, screenshots, or other relevant troubleshooting data --> ``` [2022-03-10 10:58:58.696][request][INFO] POST /api/accounts/prelogin [2022-03-10 10:58:58.697][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK [2022-03-10 10:58:58.707][request][INFO] POST /identity/connect/token [2022-03-10 10:58:58.752][vaultwarden::api::identity][INFO] User jacklenox@fastmail.com logged in successfully. IP: 172.17.0.1 [2022-03-10 10:58:58.752][response][INFO] POST /identity/connect/token (login) => 200 OK [2022-03-10 10:58:58.817][request][INFO] POST /identity/connect/token [2022-03-10 10:58:58.822][response][INFO] POST /identity/connect/token (login) => 200 OK [2022-03-10 10:58:58.834][request][INFO] GET /api/sync?excludeDomains=true [2022-03-10 10:58:58.835][auth][ERROR] Unauthorized Error: Invalid claim [2022-03-10 10:58:58.835][response][INFO] GET /api/sync?<data..> (sync) => 401 Unauthorized ```

OVERLORD closed this issue 2025-10-09 17:07:06 +03:00

OVERLORD commented 2025-10-09 17:07:07 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub:

You should go to http://localhost:8080/admin/diagnostics, so without the /#/ part, because that is used by the web-vault it self.
Also, I'm not sure how and what you exactly migrated, but if you generated new rsa files which are used for the generation of the JWT, then it probably is an issue with that.

But first try to get the support string.

@BlackDex commented on GitHub: You should go to http://localhost:8080/admin/diagnostics, so without the `/#/` part, because that is used by the web-vault it self. Also, I'm not sure how and what you exactly migrated, but if you generated new rsa files which are used for the generation of the JWT, then it probably is an issue with that. But first try to get the support string.

OVERLORD referenced this issue 2025-10-09 17:17:51 +03:00

Update to 1.18.0 Fails #1514

OVERLORD referenced this issue 2025-10-09 17:56:01 +03:00

[META] Feature Requests #2294

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

test_dylint

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

bug

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1184