Login session expired with account switching #1214

New Issue

Closed

opened 2026-02-05 00:17:53 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2026-02-05 00:17:53 +03:00

Owner

Copy Link

Originally created by @cksapp on GitHub (Feb 11, 2022).

Low priority issue, noticed a slight issue with the newest release of the Bitwarden Desktop app 1.31.0

When trying to use the new Account Switching feature, you are able to login to one account with Vaultwarden as normal.

After login to another account with the same VW server, the first initial account logged in will time out.

Latest release of the desktop app reinstalled, and Vaultwarden server upgraded to latest 1.24.0

Originally created by @cksapp on GitHub (Feb 11, 2022). # Low priority issue, noticed a slight issue with the newest release of the Bitwarden Desktop app [1.31.0](https://github.com/bitwarden/desktop/releases/tag/v1.31.0) When trying to use the new [Account Switching](https://bitwarden.com/help/account-switching/) feature, you are able to login to one account with Vaultwarden as normal.  After login to another account with the same VW server, the first initial account logged in will time out.  Latest release of the desktop app reinstalled, and Vaultwarden server upgraded to latest 1.24.0

OVERLORD added the enhancementbugfuture Vault labels 2026-02-05 00:17:53 +03:00

OVERLORD closed this issue 2026-02-05 00:17:54 +03:00

OVERLORD commented 2026-02-05 00:17:59 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub (Feb 11, 2022):

Confirmed. It looks like it is trying to access the token, [INFO] (login) POST /identity/connect/token, but not allowed.

@BlackDex commented on GitHub (Feb 11, 2022): Confirmed. It looks like it is trying to access the token, `[INFO] (login) POST /identity/connect/token`, but not allowed.

OVERLORD commented 2026-02-05 00:18:05 +03:00

Author

Owner

Copy Link

@cksapp commented on GitHub (Feb 11, 2022):

Thanks for the info, pretty interesting to know.
I will note it seems this is even less of a priority issue as upstream had several major issues with this release and have rolled back to 1.30 as latest. Who's to say what changes may be made, my guess not much would be changed but best not to even worry about it until this is fully patched and a new public release is available.

@cksapp commented on GitHub (Feb 11, 2022): Thanks for the info, pretty interesting to know. I will note it seems this is even _less_ of a priority issue as upstream had several major issues with this release and have rolled back to [1.30](https://github.com/bitwarden/desktop/releases/tag/v1.30.0) as latest. Who's to say what changes may be made, my guess not much would be changed but best not to even worry about it until this is fully patched and a new public release is available.

OVERLORD commented 2026-02-05 00:18:12 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub (Feb 24, 2022):

I digged a little bit into this. And it looks like we currently only have a uniqueness on the device-id.
This in turn makes it that we overwrite this when a new user logs-in, which effectively deletes there refresh token.
To change this we need to change the whole code regarding the device table to match on both device-id and user-id on all fronts.

This will take some time and needs some good testing. But it is one the list now :).
Thanks for the report.

@BlackDex commented on GitHub (Feb 24, 2022): I digged a little bit into this. And it looks like we currently only have a uniqueness on the device-id. This in turn makes it that we overwrite this when a new user logs-in, which effectively deletes there refresh token. To change this we need to change the whole code regarding the device table to match on both device-id and user-id on all fronts. This will take some time and needs some good testing. But it is one the list now :). Thanks for the report.

OVERLORD commented 2026-02-05 00:18:13 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub (Mar 3, 2022):

Small update, i think i have a working patch. I just need some time to do some final checking :)

@BlackDex commented on GitHub (Mar 3, 2022): Small update, i think i have a working patch. I just need some time to do some final checking :)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label bug enhancement future Vault

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1214