mirror of
https://github.com/bitwarden/android.git
synced 2026-05-06 07:48:22 -05:00
Closed
opened 2026-04-16 21:52:28 -05:00 by GiteaMirror
·
30 comments
No Branch/Tag Specified
main
sdlc/sdk-update
new-item-types/PM-32810_bank-account-view
new-item-types/PM-32810_bank-account
beta-for-qa
BWA-253/not-displaying-totp-coded-with-empty-key
target-sdk-37
vvolkgang/renovate-remove-group
pm-34038/card-scanner-qa-fixes
PM-33982/build-device-screen
PM-30625/filter-out-empty-totp-vault-count
vvolkgang/update-jira-release-notes
new-item-types/PM-34123_new-item-menu
new-item-types/PM-32806_passport
new-item-types/PM-32808_drivers-license
BWA-99/show-next-totp
BWA-99/add-preview-next-totp-code-setting
renovate/glidecompose
chore/improve-android-ui-verification-skill
sync-min-sdk
release/2026.4-rc51
fix/security-sast-22741894-bvwj
related-origin-passkey-creation
release/2026.4-rc50
platform/android-breaking-change-detection
innovation-sprint-2026-send-folder
release/2026.3-rc49
PM-34193-vault-lockout
android-collections
llm/add-resolving-sdk-updates-skill
QA-1523/sanity-test-saucelabs
release/2026.3-rc48
PM-26577-app-links-support
PM-26896-autofill-fix
release/2026.2-rc47
pr-6572
release/2026.2-rc46
release/2026.1-rc45
PM-30644/added-logs-for-debug
PM-30644/quicktile-nav-not-showing-migration
minor-gradle-updates
release/2026.1-rc42
release/2026.1-rc44
release/2026.1-rc43
PM-28834/set-landscape-on-horizonos-devices
PM-28468/validate-and-navigate-to-vault-migration
PM-20026/force-ltr-passwords-and-codes
release/2025.12-rc41
cmcg/testCoverage
PM-29014/talkback-support-for-passwords
release/2025.12-rc40
BRE-1305/publish_test
accept-user-certs
autofill-permissions
release/2025.11-rc39
PM-22479/check-all-certificates-validate-asset-links
release/2025.10-rc38
agalles/android-latest
retro-agent
PM-27001/skip-account-selection-only-one-exists-cxp
release/2025.10-rc37
agalles/test-1118
release/2025.10-rc36
PM-20593-token-refresh
QA-1126b/adding-native-sanity-test
release/2025.9-rc35
pm-25933/sdk-update-password
release/2025.9-rc34
release/2025.8-rc33
agalles/20250821-release
debug-release-issues
pm-24249-allow-automated-prs-for-sdk-updates
release/2025.8-rc32
release/WORKFLOW-TEST-2025.8-rc28
agalles/20250807release
release/2025.07-rc25
release/hotfix-v2025.7.0-bwa
pm-23311/export-vault-policy-bypass
release/2025.07-rc24
authenticator-pm-sync-flags-issue
release/hotfix-v2025.6.0-bwpm
release/2025.06-rc21
agalles/automate-android-fastlane-patch
release/2025.05-rc20
release/2025.04-rc19
languages/basque
release/2025.03-rc19
update-readme
qrcode/feature
innovation/archive/pm-19153-archive-items
qrcode/2-ui-fields
qrcode/1-page
hold-on-biometric-prompt-alternative
release-notes-process
release/2025.02-rc16
bwa-monorepo
PM-8223/new-device-verification-ux-improvements
pm-18451/exempt-from-policies
test-bwa
release/2025.01-rc15
release/2025.01-rc14
release/2024.12-rc13
pm-16670/sync-leave-notice
821
PM-16695/backport-lean-more-new-device-verification
release/hotfix-v2024.11.7
release/2024.11-rc1
pm-11304/collection-add-item-button
PM-14241/disabling-logs-app-crash
poc/offline-editing
new-version-calc
pm-11649/expired-link-services
pm-6702/add-feature-flag
pm-6702/email-verification-feature
pm-9933/marketing-copy-update
pm-6702/registration-flows
update-templates
pm-6701/email-verification-selfhost-registration
v2026.4.0-bwa
v2026.4.0-bwpm
v2026.3.1-bwa
v2026.3.1-bwpm
v2026.3.0-bwpm
v2026.3.0-bwa
v2026.2.1-bwpm
v2026.2.1-bwa
v2026.2.0-bwpm
v2026.2.0-bwa
v2026.1.1-bwa
v2026.1.1-bwpm
temp-test
v2026.1.0-bwpm
v2026.1.0-bwa
v2025.12.1-bwa
v2025.12.1-bwpm
v2025.12.0-bwa
v2025.12.0-bwpm
v2025.11.1-bwpm
v2025.11.1-bwa
v2025.11.0-bwpm
v2025.11.0-bwa
v2025.10.1-bwa
v2025.10.1-bwpm
v2025.10.0-bwa
v2025.10.0-bwpm
v2025.9.1-bwa
v2025.9.1-bwpm
v2025.9.0-bwa
v2025.9.0-bwpm
v2025.8.1-bwa
v2025.8.1-bwpm
v2025.8.0-bwa
v2025.8.0-bwpm
v2025.7.2-bwa
v2025.7.2-bwpm
v2025.7.1-bwa
v2025.7.1-bwpm
v2025.7.0-bwa
v2025.7.0-bwpm
v2025.6.1-bwpm
v2025.6.0-bwa
v2025.6.0-bwpm
v2025.1.0-bwa
v2025.5.0-bwa
v2025.5.0-bwpm
v2025.5.999
2025.4.0
v2025.4.0
untagged-4731eaadac73f3dfbbb8
v2025.3.0
v2025.2.0
untagged-815a165c5d70ffe75bc7
v2025.1.2
v2025.1.1
v2025.1.0
v2024.12.0
untagged-5a76b6392a4c8998c63a
v2024.11.7
v2024.11.6
v2024.11.5
v2024.11.4
v2024.11.3
v2024.11.2
v2024.11.1
v2024.11.0
v2024.10.2
v2024.10.1
v2024.10.0
v2024.9.0
v2024.8.1
v2024.8.0
v2024.7.3
v2024.7.2
v2024.7.1
v2024.7.0
v2024.6.1
v2024.6.0
v2024.5.1
v2024.4.1
v2024.4.2
v2024.4.0
v2024.3.3
v2024.3.1
v2024.3.0
v2024.2.1
v2024.2.0
v2024.1.1
v2024.1.0
v2023.12.0
v2023.10.0
v2023.9.2
maui-single-project-android
v2023.9.1
v2023.9.0
v2023.8.0
v2023.7.0
v2023.5.0
v2023.4.0
v2023.3.2
v2023.3.1
v2023.3.0
v2023.2.0
v2023.1.0
v2022.11.0
v2022.10.0
v2022.9.1
v2022.9.0
v2022.8.0
v2022.6.2
v2022.6.1
v2022.6.0
v2022.05.0
v2.18.0
v2.17.0
v2.16.4
v2.16.3
v2.16.2
v2.16.1
v2.15.0
v2.14.2
v2.14.1
v2.14.0
v2.13.0
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.0
v2.9.1
v2.9.0
v2.8.2
v2.8.1
v2.8.0
v2.7.2
v2.7.0
v2.6.1
v2.6.0
v2.5.6
v.2.5.5
v2.5.5
v2.5.4
v2.5.3
v2.5.2
v2.5.1
v2.5.0
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.1
v2.3.0
v2.2.8
v2.2.7
v2.2.6
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.0
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.22.1
v1.22.0
v1.21.0
v1.20.0
v1.19.0
v1.18.1
v1.18.0
v1.17.0
v1.16.0
v1.15.2
v1.15.1
v1.15.0
v1.14.4
v1.14.1
v1.14.0
v1.13.0
v1.12.2
v1.12.1
v1.12.0
v1.11.1
v1.11.0
v1.10.0
v1.9.0
v1.8.1
v1.8.0
v1.7.0
v1.6.5
v1.6.1
v1.6.0
v1.5.1
v1.5.0
v1.4.4
v1.4.3
v1.4.0
v1.3.0
v1.2.1
v1.2.0
v1.1.0
v1.0.0
v0.0.6
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/android#21402
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @androidacy-user on GitHub (Jan 24, 2025).
Original GitHub issue: https://github.com/bitwarden/android/issues/4620
Steps To Reproduce
Expected Result
Passkeys work, regardless of Google's or your blessing of the browser.
Actual Result
"Passkey operation failed because browser isn't privileged"
Screenshots or Videos
No response
Additional Context
I shouldn't have to double check if my password manager supports X feature in Y browser before using it. Almost every browser is chromium based, with a handful being Firefox based, so there's no real reason for random browsers to be unable to use passkeys (which wholeheartedly defeats the purpose of having passkeys in the first place!)
Build Version
version 2025.1.0 com.x8bit.bitwarden
What server are you connecting to?
N/A
Self-host Server Version
No response
Environment Details
Pixel running android 15, issue reproducible on any non major browser (i.e., anything besides edge, chrome, Firefox, brave, etc that is either newer or has a smaller user base)
Issue Tracking Info
@bitwarden-bot commented on GitHub (Jan 24, 2025):
Thank you for your report! We've added this to our internal board for review.
ID: PM-17493
@abergs commented on GitHub (Jan 24, 2025):
Thanks @androidacy-user, we are aware of this and we maintain a community list to allow lesser known but vetted browsers: https://github.com/bitwarden/android/blob/main/app/src/main/assets/fido2_privileged_community.json
Once you make a PR, adding a browser there, it would be included in the next release.
We are however looking into improving this even further, is that something you would be interested in?
@lucasmz-dev commented on GitHub (Jan 25, 2025):
If you list them, I can get them added.
@androidacy-user commented on GitHub (Jan 29, 2025):
then why is a browser in that list not working (quetta)? do you genuinely think it's reasonable for user(s) to have to validate against a list (that is linked nowhere in the app!) before they switch browsers?
or do you think it's pretty reasonable to have my password manager (that I use to make my life easier, not harder) to at least allow me to "trust" a browser, so that my logins "just work", instead? (not even going to mention non whitelisted browsers aren't even detected as browsers, and bitwarden tries to fill logins for the app instead of the website).
idk what the perfect solution is but this is not it
@lucasmz-dev commented on GitHub (Jan 29, 2025):
most likely an update with that commit hasn't come out yet
try getting the latest release from github
@gabeweb commented on GitHub (Apr 28, 2025):
I'm not sure if all lesser-known Android browsers haven't been recognized by Bitwarden to use passkeys, but it's strange that Firefox Nightly still has problems with Bitwarden
On the other hand, Vivaldi Snapshot (for Android) works very well with Bitwarden when using passkeys.
So, I hope Firefox Nightly will be whitelisted in a future not so far.
@SaintPatrck commented on GitHub (Apr 28, 2025):
@gabeweb Firefox nightly was whitelisted in #5045. It will be in our next release.
As a more general update, we will be introducing the ability to individually manage trusted browsers in an upcoming release (see #4862 and #4898). This means there will no longer be a need to maintain a "community" privileged app list. When a request is received from an untrusted source, users will be given the option to trust it and continue, or reject the request.
@androidacy-user commented on GitHub (Apr 28, 2025):
Highly appreciated :)
I think that will resolve the issue for both sides. I'm not sure if it's implemented in the current PRs but a checkbox to remember the choice would be even more appreciated!
@SaintPatrck commented on GitHub (Apr 28, 2025):
The linked PR's will remember the privileged app if you chose to trust it. There are also screens in Settings that will allow you to view and remove applications you've previously chosen to trust. The community list we maintain and the Google list will be continue to be read-only.
@gabeweb commented on GitHub (Apr 28, 2025):
Thank you for the reply and the good news! 🙌🏻
@Wizardling commented on GitHub (May 28, 2025):
For me on Android, Bitwarden isn't recognised by github.com in Firefox beta, as having passkey support. It used to work. But no longer does. Honestly passkeys are a bad joke, at this point - more trouble than they're worth thanks to absurdly random support.
@maz-saify commented on GitHub (Aug 14, 2025):
I can confirm I am facing the same issue in Firefox Nightly. When passkeys are prompted, it shows Android's native popup instead of Bitwarden's popup.
@lucasmz-dev commented on GitHub (Aug 14, 2025):
@maz-saify what do you mean by that? Android doesn't support passkeys just raw. I assume you're talking about Google Play Services'.
@maz-saify commented on GitHub (Aug 14, 2025):
@lucasmz-dev Instead of bitwarden's UI, I get native android passkey prompt. See screenshot.
instead of
@holocronweaver commented on GitHub (Sep 1, 2025):
I have the same issue as @maz-saify on Firefox 142.0.1. Bitwarden never shows up as a choice for passkeys, instead I get the same Google passkey service. Bitwarden is set as my autofill service, so not sure why Google is showing up at all.
Attaching flight logs while trying to log into Amazon using passkey in case they help.
bitwarden_flight_recorder7781933128550132317.zip
Version: 2025.8.0 (20577)
📱 google Pixel 8 Pro 🤖 16@36 📦 prod
🧱 commit: bitwarden/android/release/2025.8-rc32@1c525b9dfc588105e1fd8f3ad2d4196803c19cd7
💻 build source: bitwarden/android/actions/runs/16834718954/attempts/1
🦀 SDK: 1.0.0-2450-9fe3aeda
🌩 Server: 2025.7.1 @ US
@holocronweaver commented on GitHub (Sep 1, 2025):
I was able to solve the issue by resetting Bitwarden as the default autofill provider.
I did this by going into: settings - passwords, passkeys and accounts - preferred service - change - select Bitwarden (even though it was already selected) - accept the change prompt - done!
I noticed that google autofill was still disabled entirely, even as a secondary source. Maybe this is a bug introduced by a recent Android update or Bitwarden update?
Either way there is still a bug here related to autofill preferred service not being respected, just not sure whether Android, Bitwarden or Google autofill is to blame.
@Kimiblock commented on GitHub (Sep 12, 2025):
I still can't use Cromite to sign in to google.com using passkey. Though Fennec works.
@lucasmz-dev commented on GitHub (Sep 12, 2025):
@Kimiblock that one is a bug in Cromite. It doesn't ship the proprietary libs required for it to work, and doesn't ship microG's either (unlike Fennec)
@Flat commented on GitHub (Sep 16, 2025):
As both of these were closed without merge, is there still a plan to enable users to trust browsers?
@SaintPatrck commented on GitHub (Sep 16, 2025):
Hi @Flat,
Privileged app management was completed in different PR's. It was release and enabled in 2025.7.0. This ticket must have been overlooked.
Under Settings > Autofill you should see "Privileged apps" below "Passkey management" once Autofill is enabled. From there you can view trusted apps and by whom they are trusted. Additionally, when an untrusted browser initiates a passkey operation you will be prompted to trust the browser or cancel the operation.
@Flat commented on GitHub (Sep 16, 2025):
Thank you for the info. I had Bitwarden beta installed that had not received any updates since November 2024 apparently.
@Kimiblock commented on GitHub (Sep 17, 2025):
@lucasmz-dev Thanks for the info
@abergs commented on GitHub (Sep 17, 2025):
I think we can go ahead and close this issue thanks to @SaintPatrck. Reopen if I'm wrong.
@belatedly commented on GitHub (Sep 29, 2025):
I am on the newest version of the Bitwarden Android app using the newest version of Waterfox and I am getting the same "Passkey operation failed because browser isn't privileged" error. I found this issue by searching DDG for that error message. Is the new setting not in the play store version of the app yet?
@Flat commented on GitHub (Sep 29, 2025):
It is in the Play Store version, you may want to double check to make sure you do not have the beta version installed which is no longer receiving updates. That was the issue that I had.
@belatedly commented on GitHub (Sep 29, 2025):
I am not on the beta app, it's the standard app with a September update. I am using Bitwarden self-hosted, is there a specific version required on that end? I uninstalled and reinstalled the app and still don't have the option
@Flat commented on GitHub (Sep 29, 2025):
That is the same version I am on. It should be under Settings->Autofill->Privileged Apps, right under Passkey Management
@belatedly commented on GitHub (Sep 29, 2025):
@SaintPatrck commented on GitHub (Sep 29, 2025):
Hi @belatedly,
When self-hosting, features that are controlled by server-side feature flags (such as this one) are not available until the flag has been removed. In the case of privileged app management, it was removed in #5914 meaning the functionality will be available for self-hosted users in an upcoming release.
@belatedly commented on GitHub (Sep 29, 2025):
Thank you for confirming!