diff --git a/src/Core/Abstractions/IFido2UserInterface.cs b/src/Core/Abstractions/IFido2UserInterface.cs
index d5707c8c16..7bbec6c0dc 100644
--- a/src/Core/Abstractions/IFido2UserInterface.cs
+++ b/src/Core/Abstractions/IFido2UserInterface.cs
@@ -87,5 +87,12 @@ namespace Bit.Core.Abstractions
         /// <param name="confirmNewCredentialParams">The parameters to use when asking the user to confirm the creation of a new credential.</param>
         /// <returns>The ID of the cipher where the new credential should be saved.</returns>
         Task<Fido2ConfirmNewCredentialResult> ConfirmNewCredentialAsync(Fido2ConfirmNewCredentialParams confirmNewCredentialParams);
+
+        /// <summary>
+        /// Make sure that the vault is unlocked.
+        /// This should open a window and ask the user to login or unlock the vault if necessary.
+        /// </summary>
+        /// <returns>When vault has been unlocked.</returns>
+        Task EnsureUnlockedVaultAsync();
     }
 }
diff --git a/src/Core/Services/Fido2AuthenticatorService.cs b/src/Core/Services/Fido2AuthenticatorService.cs
index 3c5f1a8fea..a3e60903aa 100644
--- a/src/Core/Services/Fido2AuthenticatorService.cs
+++ b/src/Core/Services/Fido2AuthenticatorService.cs
@@ -24,7 +24,7 @@ namespace Bit.Core.Services
                 throw new NotSupportedError();
             }
 
-            // await _userInterface.EnsureUnlockedVault();
+            await _userInterface.EnsureUnlockedVaultAsync();
             await _syncService.FullSyncAsync(false);
 
             var existingCipherIds = await FindExcludedCredentialsAsync(
@@ -105,8 +105,7 @@ namespace Bit.Core.Services
         {
             List<CipherView> cipherOptions;
 
-            // TODO: Unlock vault somehow
-            // await userInterfaceSession.ensureUnlockedVault();
+            await _userInterface.EnsureUnlockedVaultAsync();
             await _syncService.FullSyncAsync(false);
 
             if (assertionParams.AllowCredentialDescriptorList?.Length > 0) {