Windows 10 Desktop app FIDO2 Webauthn stuck on "Loading" #1263

New Issue

Closed

opened 2025-10-09 17:09:26 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2025-10-09 17:09:26 +03:00

Owner

Copy Link

Originally created by @timespacedecay on GitHub.

I’m on the testing build of VaultWarden.

When trying to use FIDO2 WebAuthn login on the Bitwarden desktop app on Windows 10, the app displays “Loading” and never progresses. The following occurs in the vaultwarden logs:

[2021-10-26 10:07:37.321][request][INFO] POST /api/accounts/prelogin
[2021-10-26 10:07:37.321][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
[2021-10-26 10:07:37.358][request][INFO] POST /identity/connect/token
[2021-10-26 10:07:37.396][error][ERROR] 2FA token not provided
[2021-10-26 10:07:37.396][response][INFO] POST /identity/connect/token (login) => 400 Bad Request

The mobile apps and browser extensions work as expected with WebAuthn (including the browser extension for Firefox on the same PC as the Desktop app having this issue).

Vaultwarden is hosted on my server at home and only accessible on my local LAN. I followed the HAProxy for pfSense guide to set up the reverse proxy.

DOMAIN variable is set in Unraid Docker for VaultWarden. Domain is also set in admin panel. No trailing / on the domain (https://vault.mylocaldomain.com).

https://vault.mylocaldomain.com/webauthn-mobile-connector.html correctly resolves the WebAuthn image (which is suppose to appear in the desktop app).

I have removed all headers from pfSense HAProxy; same issue. I have tried to connect directly via IP:Port in the desktop app; same issue.

I looked at the official BitWarden GitHub and the desktop app seems to work as expected for them. This seems to be an issue specific to either VaultWarden or with pfSense/HAProxy maybe?

Originally created by @timespacedecay on GitHub. I’m on the testing build of VaultWarden. When trying to use FIDO2 WebAuthn login on the Bitwarden desktop app on Windows 10, the app displays “Loading” and never progresses. The following occurs in the vaultwarden logs: ``` [2021-10-26 10:07:37.321][request][INFO] POST /api/accounts/prelogin [2021-10-26 10:07:37.321][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK [2021-10-26 10:07:37.358][request][INFO] POST /identity/connect/token [2021-10-26 10:07:37.396][error][ERROR] 2FA token not provided [2021-10-26 10:07:37.396][response][INFO] POST /identity/connect/token (login) => 400 Bad Request ``` The mobile apps and browser extensions work as expected with WebAuthn (including the browser extension for Firefox on the same PC as the Desktop app having this issue). Vaultwarden is hosted on my server at home and only accessible on my local LAN. I followed the HAProxy for pfSense guide to set up the reverse proxy. DOMAIN variable is set in Unraid Docker for VaultWarden. Domain is also set in admin panel. No trailing / on the domain (https://vault.mylocaldomain.com). https://vault.mylocaldomain.com/webauthn-mobile-connector.html correctly resolves the WebAuthn image (which is suppose to appear in the desktop app). I have removed all headers from pfSense HAProxy; same issue. I have tried to connect directly via IP:Port in the desktop app; same issue. I looked at the official BitWarden GitHub and the desktop app seems to work as expected for them. This seems to be an issue specific to either VaultWarden or with pfSense/HAProxy maybe?

OVERLORD closed this issue 2025-10-09 17:09:27 +03:00

OVERLORD commented 2025-10-09 17:09:29 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub:

Posting this multiple times on different locations isn't going to help you. https://vaultwarden.discourse.group/t/windows-10-desktop-app-and-webauthn-not-working-mobile-browser-extensions-work-fine/1230/3 is pointing to two specific headers which could be the issue. I suggest to double check this and also, provide the support string.

@BlackDex commented on GitHub: Posting this multiple times on different locations isn't going to help you. https://vaultwarden.discourse.group/t/windows-10-desktop-app-and-webauthn-not-working-mobile-browser-extensions-work-fine/1230/3 is pointing to two specific headers which could be the issue. I suggest to double check this and also, provide the support string.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

test_dylint

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

bug

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1263