mirror of
https://github.com/bitwarden/android.git
synced 2026-05-06 15:58:22 -05:00
Open
opened 2026-04-15 01:00:55 -05:00 by GiteaMirror
·
21 comments
No Branch/Tag Specified
main
new-item-types/PM-32810_bank-account-discovery
pm-34038/card-scanner-qa-fixes
beta-for-qa
new-item-types/PM-32810_bank-account
target-sdk-37
PM-33982/build-device-screen
vvolkgang/update-jira-release-notes
new-item-types/PM-34123_new-item-menu
new-item-types/PM-32806_passport
new-item-types/PM-32808_drivers-license
BWA-99/show-next-totp
BWA-99/add-preview-next-totp-code-setting
renovate/glidecompose
chore/improve-android-ui-verification-skill
sync-min-sdk
release/2026.4-rc51
fix/security-sast-22741894-bvwj
related-origin-passkey-creation
release/2026.4-rc50
platform/android-breaking-change-detection
innovation-sprint-2026-send-folder
release/2026.3-rc49
PM-34193-vault-lockout
android-collections
llm/add-resolving-sdk-updates-skill
QA-1523/sanity-test-saucelabs
release/2026.3-rc48
PM-26577-app-links-support
PM-26896-autofill-fix
release/2026.2-rc47
pr-6572
release/2026.2-rc46
release/2026.1-rc45
PM-30644/added-logs-for-debug
PM-30644/quicktile-nav-not-showing-migration
minor-gradle-updates
release/2026.1-rc42
release/2026.1-rc44
release/2026.1-rc43
PM-28834/set-landscape-on-horizonos-devices
PM-28468/validate-and-navigate-to-vault-migration
PM-20026/force-ltr-passwords-and-codes
release/2025.12-rc41
cmcg/testCoverage
PM-29014/talkback-support-for-passwords
release/2025.12-rc40
BRE-1305/publish_test
accept-user-certs
autofill-permissions
release/2025.11-rc39
PM-22479/check-all-certificates-validate-asset-links
release/2025.10-rc38
agalles/android-latest
retro-agent
PM-27001/skip-account-selection-only-one-exists-cxp
release/2025.10-rc37
agalles/test-1118
release/2025.10-rc36
PM-20593-token-refresh
QA-1126b/adding-native-sanity-test
release/2025.9-rc35
pm-25933/sdk-update-password
release/2025.9-rc34
release/2025.8-rc33
agalles/20250821-release
debug-release-issues
pm-24249-allow-automated-prs-for-sdk-updates
release/2025.8-rc32
release/WORKFLOW-TEST-2025.8-rc28
agalles/20250807release
release/2025.07-rc25
release/hotfix-v2025.7.0-bwa
pm-23311/export-vault-policy-bypass
release/2025.07-rc24
authenticator-pm-sync-flags-issue
release/hotfix-v2025.6.0-bwpm
release/2025.06-rc21
agalles/automate-android-fastlane-patch
release/2025.05-rc20
release/2025.04-rc19
languages/basque
release/2025.03-rc19
update-readme
qrcode/feature
innovation/archive/pm-19153-archive-items
qrcode/2-ui-fields
qrcode/1-page
hold-on-biometric-prompt-alternative
release-notes-process
release/2025.02-rc16
bwa-monorepo
PM-8223/new-device-verification-ux-improvements
pm-18451/exempt-from-policies
test-bwa
release/2025.01-rc15
release/2025.01-rc14
release/2024.12-rc13
pm-16670/sync-leave-notice
821
PM-16695/backport-lean-more-new-device-verification
release/hotfix-v2024.11.7
release/2024.11-rc1
pm-11304/collection-add-item-button
PM-14241/disabling-logs-app-crash
poc/offline-editing
new-version-calc
pm-11649/expired-link-services
pm-6702/add-feature-flag
pm-6702/email-verification-feature
pm-9933/marketing-copy-update
pm-6702/registration-flows
update-templates
pm-6701/email-verification-selfhost-registration
v2026.4.0-bwa
v2026.4.0-bwpm
v2026.3.1-bwa
v2026.3.1-bwpm
v2026.3.0-bwpm
v2026.3.0-bwa
v2026.2.1-bwpm
v2026.2.1-bwa
v2026.2.0-bwpm
v2026.2.0-bwa
v2026.1.1-bwa
v2026.1.1-bwpm
temp-test
v2026.1.0-bwpm
v2026.1.0-bwa
v2025.12.1-bwa
v2025.12.1-bwpm
v2025.12.0-bwa
v2025.12.0-bwpm
v2025.11.1-bwpm
v2025.11.1-bwa
v2025.11.0-bwpm
v2025.11.0-bwa
v2025.10.1-bwa
v2025.10.1-bwpm
v2025.10.0-bwa
v2025.10.0-bwpm
v2025.9.1-bwa
v2025.9.1-bwpm
v2025.9.0-bwa
v2025.9.0-bwpm
v2025.8.1-bwa
v2025.8.1-bwpm
v2025.8.0-bwa
v2025.8.0-bwpm
v2025.7.2-bwa
v2025.7.2-bwpm
v2025.7.1-bwa
v2025.7.1-bwpm
v2025.7.0-bwa
v2025.7.0-bwpm
v2025.6.1-bwpm
v2025.6.0-bwa
v2025.6.0-bwpm
v2025.1.0-bwa
v2025.5.0-bwa
v2025.5.0-bwpm
v2025.5.999
2025.4.0
v2025.4.0
untagged-4731eaadac73f3dfbbb8
v2025.3.0
v2025.2.0
untagged-815a165c5d70ffe75bc7
v2025.1.2
v2025.1.1
v2025.1.0
v2024.12.0
untagged-5a76b6392a4c8998c63a
v2024.11.7
v2024.11.6
v2024.11.5
v2024.11.4
v2024.11.3
v2024.11.2
v2024.11.1
v2024.11.0
v2024.10.2
v2024.10.1
v2024.10.0
v2024.9.0
v2024.8.1
v2024.8.0
v2024.7.3
v2024.7.2
v2024.7.1
v2024.7.0
v2024.6.1
v2024.6.0
v2024.5.1
v2024.4.1
v2024.4.2
v2024.4.0
v2024.3.3
v2024.3.1
v2024.3.0
v2024.2.1
v2024.2.0
v2024.1.1
v2024.1.0
v2023.12.0
v2023.10.0
v2023.9.2
maui-single-project-android
v2023.9.1
v2023.9.0
v2023.8.0
v2023.7.0
v2023.5.0
v2023.4.0
v2023.3.2
v2023.3.1
v2023.3.0
v2023.2.0
v2023.1.0
v2022.11.0
v2022.10.0
v2022.9.1
v2022.9.0
v2022.8.0
v2022.6.2
v2022.6.1
v2022.6.0
v2022.05.0
v2.18.0
v2.17.0
v2.16.4
v2.16.3
v2.16.2
v2.16.1
v2.15.0
v2.14.2
v2.14.1
v2.14.0
v2.13.0
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.0
v2.9.1
v2.9.0
v2.8.2
v2.8.1
v2.8.0
v2.7.2
v2.7.0
v2.6.1
v2.6.0
v2.5.6
v.2.5.5
v2.5.5
v2.5.4
v2.5.3
v2.5.2
v2.5.1
v2.5.0
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.1
v2.3.0
v2.2.8
v2.2.7
v2.2.6
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.0
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.22.1
v1.22.0
v1.21.0
v1.20.0
v1.19.0
v1.18.1
v1.18.0
v1.17.0
v1.16.0
v1.15.2
v1.15.1
v1.15.0
v1.14.4
v1.14.1
v1.14.0
v1.13.0
v1.12.2
v1.12.1
v1.12.0
v1.11.1
v1.11.0
v1.10.0
v1.9.0
v1.8.1
v1.8.0
v1.7.0
v1.6.5
v1.6.1
v1.6.0
v1.5.1
v1.5.0
v1.4.4
v1.4.3
v1.4.0
v1.3.0
v1.2.1
v1.2.0
v1.1.0
v1.0.0
v0.0.6
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/android#14858
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @Kemeros on GitHub (May 11, 2025).
Original GitHub issue: https://github.com/bitwarden/android/issues/5168
Origin
Native Application (non-browser app)
Web URL or App name
webauthn.io and amazon.ca
Passkey Action
Build Information
Android 15
BP1A.250505.005
Pixel 9
Additional Information
I registered with Bitwarden as my autofill provider.
Using Firefox Beta 139 and tested with Chrome 136. Same result.
Also strangely, webauthn.io calls on Bitwarden mobile correctly, but Amazon brings up Android's native passkey menu instead of Bitwarden.
Amazon:
Webauthn.io:
Not sure what's wrong.
Issue Tracking Info
@S-Kakar commented on GitHub (May 11, 2025):
Thank you for your report! We've added this to our internal board for review.
ID: PM-21479
@SaintPatrck commented on GitHub (May 13, 2025):
@Kemeros what version of Bitwarden are you experiencing this on?
@Kemeros commented on GitHub (May 13, 2025):
@SaintPatrck
Sorry i forgot to include it. Here you go.
Version: 2025.4.0 (20100)
📱 google Pixel 9 Pro 🤖 15@35 📦 prod
🧱 commit: bitwarden/android/release/2025.04-rc19@bee09de972c3870de0d54a0067996be473ec55c7
💻 build source: bitwarden/android/actions/runs/14536896217/attempts/1
@Kemeros commented on GitHub (Jun 2, 2025):
Same result with the new version.
Version: 2025.5.0 (20269)
📱 google Pixel 9 Pro 🤖 15@35 📦 prod
🧱 commit: bitwarden/android/release/2025.05-rc20@1e665db8aeb92989bdc7e312506cddd4887cde8e
💻 build source: bitwarden/android/actions/runs/15300207138/attempts/1
@Kemeros commented on GitHub (Jul 2, 2025):
Same thing with new version and latest Firefox beta
Version: 2025.6.1 (20398)
📱 google Pixel 9 Pro 🤖 16@36 📦 prod
🧱 commit: bitwarden/android/release/hotfix-v2025.6.0-bwpm@e8878d321546a846909c70c00cdf8d7071f0ecf0
💻 build source: bitwarden/android/actions/runs/15984517798/attempts/1
@Kemeros commented on GitHub (Jul 8, 2025):
I tried with the web extension on my PC on Amazon.ca:
Bitwarden's web extension gets recognized as "Other" this time.
It's hard to tell if this is a problem with the way websites implement passkeys or if Bitwarden is missing something?
@Kemeros commented on GitHub (Jul 29, 2025):
@SaintPatrck
I noticed something in the following PR:
https://github.com/bitwarden/android/pull/5601
In the video, you register in Webauthn.io with Bitwarden but then authenticate with Google Password Manager.
Am i confusing how all of this work? I thought Bitwarden becomes the provider and should be the one to show up?
@SaintPatrck commented on GitHub (Jul 29, 2025):
Hi @Kemeros
I know it's a bit confusing because the Google Password Manager logo is displayed, but Bitwarden is providing options and performing authentication when those options are selected.
The logo displayed during authentication is controlled by Chrome and we originally reported it to Google as a bug, here: https://issuetracker.google.com/issues/430400730. They informed us of Chrome's design choice and subsequently opened a change request with Chrome on our behalf.
@Kemeros commented on GitHub (Jul 29, 2025):
@SaintPatrck
Forgot to say hi, how rude of me. Hello!
Ah it's a chrome thing i see. Thank you for the clarification. It explains why i see a different menu on firefox.
You saying that made me realize i haven't tried again with chrome with the new versions and... Well... Unlike Firefox where the problems are the same, there are new behaviors in Chrome.
Unlike you i see Bitwarden's logo and not Chrome's (strange). I can register and authenticate on webauthn.io correctly. Also new, webauthn.io shows Bitwarden as the provider instead of iCloud Keychain like Firefox currently. Passkeys.io registers with Bitwarden correctly... But the website gets a timed out error so the passkey exists only in my vault so the authentication fails as the website didn't register me correctly. Same behavior as passkeys.io with Amazon.ca.
So i realize... Firefox is partly a problem... But Bitwarden and/or the websites also don't agree with each other. Only webauthn.io seems more reliable.
I guess passkeys are more bleeding edge than i thought. Will keep trying with new versions. Let me know if you need me to do a test that would help.
Versions of everything during my tests today:
Pixel 9 PRO
Android 16 BP2A.250705.008
Bitwarden Version: 2025.6.1 (20398)
Firefox Beta 142.0b3 (Build #2016104751)
Chrome 138.0.7204.168
@Kemeros commented on GitHub (Aug 27, 2025):
@SaintPatrck
New behaviors with the latest versions
Now the Bitwarden provider is called for passkeys in all the following scenarios. No more google password manager pop up. Awesome. However, the iCloud keychain is still a thing on Firefox. A few failures on Chrome as well.
Amazon.ca
Firefox = Success but listed as iCloud Keychain ⚠️
Chrome = Error ❌
Webauthn.io
Firefox = Success but listed as iCloud Keychain ⚠️
Chrome = Success and listed as Bitwarden ✅
Passkeys.io
Firefox = Janky but success
Chrome = Error ❌
Versions:
Pixel 9 Pro
Android 16 BP2A.250805.005
Bitwarden 2025.8.0 (20577)
Firefox 143.0b4
Chrome 139.0.7258.143
@Kemeros commented on GitHub (Nov 24, 2025):
Still listed as iCloud Keychain instead of Bitwarden in Amazon and Webauthn.io
Firefox: 146.0b7 (Build #2016128119)
Bitwarden:
Version: 2025.11.0 (20967)
📱 google Pixel 9 Pro 🤖 16@36 📦 prod
🧱 commit: bitwarden/android/release/2025.10-rc38@6d71f0c5d66a466a20e4636be438609d2703063c
💻 build source: bitwarden/android/actions/runs/19309927902/attempts/1
🦀 SDK: 1.0.0-3436-2a00b727
🌩 Server: 2025.11.0 @ US
@Kemeros commented on GitHub (Dec 9, 2025):
Version: 2025.11.1 (20994)
📱 google Pixel 9 Pro 🤖 16@36 📦 prod
🧱 commit: bitwarden/android/release/2025.11-rc39@63c4e1fe9314d2b2f2c0989b5bb8c265b3cbc57e
💻 build source: bitwarden/android/actions/runs/19583271293/attempts/2
🦀 SDK: 1.0.0-3436-2a00b727
🌩 Server: 2025.11.1 @ US
Still iCloud Keychain
Btw. Any chance you could remove the "Bitwarden 2025-26" license at the top of the version string when we copy the version from the app? It's superfluous no?
@pamperer562580892423 commented on GitHub (Dec 10, 2025):
I now was curious about this... and I get the same result with Firefox on webauthn.io. What I found also interesting: it says "of unknown discoverability":
© Bitwarden Inc. 2015-2025
Version: 2025.11.1 (20994)
📱 Fairphone FP5 🤖 15@35 📦 prod
🧱 commit: bitwarden/android/release/2025.11-rc39@63c4e1fe9314d2b2f2c0989b5bb8c265b3cbc57e
💻 build source: bitwarden/android/actions/runs/19583271293/attempts/2
🦀 SDK: 1.0.0-3436-2a00b727
🌩 Server: 2025.11.1 @ EU
@Kemeros commented on GitHub (Dec 10, 2025):
Oh you're right. It changed from Synced Passkey to unkown discoverability.
Not sure why that translate to iCloud Keychain instead unknown or something like that.
@pamperer562580892423 commented on GitHub (Dec 10, 2025):
I would guess that has more to do with the AAGUID - it's either being just zeros... or those zeros translate to something like "unknown/unreadable AAGUID"?!
@Kemeros commented on GitHub (Dec 10, 2025):
I guess so. Seems to get the right AAGUID with Chrome but not Firefox.
@Kemeros commented on GitHub (Dec 10, 2025):
Some people had a similar problem with Windows 11(Not sure it was with Bitwarden but still)
https://www.reddit.com/r/webauthn/comments/1g15k5x/how_to_get_the_correct_aaguid_from_windows_11/
Using Direct Attestaion does not fix it for me in Firefox on Android
@Kemeros commented on GitHub (Dec 12, 2025):
There is a year old bugzilla ticket that seems to be the same issue. The person is using google password mamager with Firefox on MacOS.
https://bugzilla.mozilla.org/show_bug.cgi?id=1935842
I added comments and a screenshot to the ticket.
It might be a Firefox problem after all.
@Kemeros commented on GitHub (Mar 28, 2026):
@SaintPatrck
Almost a year later, this is still an issue on Android with the latest Firefox and Bitwarden clients.
Any chance you guys can coordonate with Mozilla to fix this?
I love passkeys but bugs like this make them look like a feature still in beta stage and unreliable.
@abergs commented on GitHub (Apr 7, 2026):
@Kemeros I agree that these kind of quirks are very annoying. Thanks for being persistent.
I do believe it's a firefox issue and that unfortunately not something we're able to fix. The only final confirmation on that suspication would be to verify that google password manager runs into the same problem when used from firefox.
@Kemeros commented on GitHub (Apr 7, 2026):
@abergs
Good test idea. You are correct. With google password manager i get the same:
Do you guys have any contacts at Mozilla? The bugzilla ticket mentioned higher has no engement. It's over a year old. Tagging people or requesting info triggered a classification change and... That's it.