[GH-ISSUE #6775] [PM-34827] Passkey service does not fall-through when logged out. #50591

New Issue

Open

opened 2026-05-01 13:43:21 -05:00 by GiteaMirror · 4 comments

GiteaMirror commented 2026-05-01 13:43:21 -05:00

Owner

Copy Link

Originally created by @craftxbox on GitHub (Apr 9, 2026).
Original GitHub issue: https://github.com/bitwarden/android/issues/6775

Origin

Web (Browser)

Web URL or App name

Not applicable

Passkey Action

• Creating new passkey (Registration)
• Signing in (Authentication)

Build Information

Installed via Play store,
LineageOS 22.1 with MindTheGapps

Build Info

© Bitwarden Inc. 2015-2026

Version: 2026.3.1 (21415)
📱 google Pixel 3 🤖 15@35 📦 prod
🧱 commit: bitwarden/android/release/2026.3-rc49@c2ef20e1ed74a9cba60b19d5849af168629d3756
💻 build source: bitwarden/android/actions/runs/23660459640/attempts/1
🦀 SDK: 2.0.0-5676-14521973
🌩 Server: Vaultwarden 2025.12.0

Additional Information

When Bitwarden is selected in android settings as the only auto fill provider, and an account is not yet signed in, Fido2 requests fail entirely systemwide as it appears Bitwarden does not attempt to invoke the system passkey UI as a fallback.

Note

If it is involving the system ui, perhaps this is a LineageOS bug, however, I didnt see anything relevant in logcat at all to suggest this.

Flight Recorder

Bitwarden Android - Password Manager
Log Start Time: 2026-04-09 09:27:47:583
Log Duration: 1h
App Version: 2026.3.1 (21415)
Build: release/standard
SDK Version: 🦀 2.0.0-5676-14521973
CI Build Info: 🧱 commit: bitwarden/android/release/2026.3-rc49@c2ef20e1ed74a9cba60b19d5849af168629d3756
💻 build source: bitwarden/android/actions/runs/23660459640/attempts/1
Device: 📱 google Pixel 3 🤖 15@35 📦 prod
🌩 Server: Vaultwarden 2025.12.0
Fingerprint: google/blueline/blueline:12/SP1A.210812.016.C2/8618562:user/release-keys
2026-04-09 09:27:47:596 – DEBUG – lc7 – RootNavScreen destination changed: com.x8bit.bitwarden.ui.platform.feature.settings.about.SettingsAboutRoute.PreAuth in com.x8bit.bitwarden.ui.auth.feature.auth.AuthGraphRoute
2026-04-09 09:27:51:357 – DEBUG – AppStateManagerImpl$AppForegroundObserver – App is backgrounded
2026-04-09 09:28:04:100 – WARNING – BitwardenCredentialProviderService – No active user. Cannot get credentials.
2026-04-09 09:28:04:100 – DEBUG – BitwardenCredentialProviderService – Get credential request received.
2026-04-09 09:28:13:294 – WARNING – BitwardenCredentialProviderService – No active user. Cannot get credentials.
2026-04-09 09:28:13:294 – DEBUG – BitwardenCredentialProviderService – Get credential request received.
2026-04-09 09:28:19:487 – DEBUG – ae – Network status change: Wifi(strength=FAIR)
2026-04-09 09:28:20:001 – DEBUG – AppStateManagerImpl$AppForegroundObserver – App is foregrounded

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

Originally created by @craftxbox on GitHub (Apr 9, 2026). Original GitHub issue: https://github.com/bitwarden/android/issues/6775 ### Origin Web (Browser) ### Web URL or App name Not applicable ### Passkey Action - [x] Creating new passkey (Registration) - [x] Signing in (Authentication) ### Build Information Installed via Play store, LineageOS 22.1 with MindTheGapps <details> <summary>Build Info</summary> © Bitwarden Inc. 2015-2026 Version: 2026.3.1 (21415) 📱 google Pixel 3 🤖 15@35 📦 prod 🧱 commit: bitwarden/android/release/2026.3-rc49@c2ef20e1ed74a9cba60b19d5849af168629d3756 💻 build source: bitwarden/android/actions/runs/23660459640/attempts/1 🦀 SDK: 2.0.0-5676-14521973 🌩 Server: Vaultwarden 2025.12.0 </details> ### Additional Information When Bitwarden is selected in android settings as the *only* auto fill provider, and an account is not yet signed in, Fido2 requests fail entirely **systemwide** as it appears Bitwarden does not attempt to invoke the system passkey UI as a fallback. > [!NOTE] > If it is involving the system ui, perhaps this is a LineageOS bug, however, I didnt see anything relevant in logcat at all to suggest this. <details> <summary>Flight Recorder</summary> ``` Bitwarden Android - Password Manager Log Start Time: 2026-04-09 09:27:47:583 Log Duration: 1h App Version: 2026.3.1 (21415) Build: release/standard SDK Version: 🦀 2.0.0-5676-14521973 CI Build Info: 🧱 commit: bitwarden/android/release/2026.3-rc49@c2ef20e1ed74a9cba60b19d5849af168629d3756 💻 build source: bitwarden/android/actions/runs/23660459640/attempts/1 Device: 📱 google Pixel 3 🤖 15@35 📦 prod 🌩 Server: Vaultwarden 2025.12.0 Fingerprint: google/blueline/blueline:12/SP1A.210812.016.C2/8618562:user/release-keys 2026-04-09 09:27:47:596 – DEBUG – lc7 – RootNavScreen destination changed: com.x8bit.bitwarden.ui.platform.feature.settings.about.SettingsAboutRoute.PreAuth in com.x8bit.bitwarden.ui.auth.feature.auth.AuthGraphRoute 2026-04-09 09:27:51:357 – DEBUG – AppStateManagerImpl$AppForegroundObserver – App is backgrounded 2026-04-09 09:28:04:100 – WARNING – BitwardenCredentialProviderService – No active user. Cannot get credentials. 2026-04-09 09:28:04:100 – DEBUG – BitwardenCredentialProviderService – Get credential request received. 2026-04-09 09:28:13:294 – WARNING – BitwardenCredentialProviderService – No active user. Cannot get credentials. 2026-04-09 09:28:13:294 – DEBUG – BitwardenCredentialProviderService – Get credential request received. 2026-04-09 09:28:19:487 – DEBUG – ae – Network status change: Wifi(strength=FAIR) 2026-04-09 09:28:20:001 – DEBUG – AppStateManagerImpl$AppForegroundObserver – App is foregrounded ``` </details> ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

GiteaMirror added the bug-passkeyapp:password-manager labels 2026-05-01 13:43:21 -05:00

GiteaMirror commented 2026-05-01 13:43:24 -05:00

Author

Owner

Copy Link

@bitwarden-bot commented on GitHub (Apr 9, 2026):

Thank you for your report! We've added this to our internal board for review.
ID: PM-34827

<!-- gh-comment-id:4214186664 --> @bitwarden-bot commented on GitHub (Apr 9, 2026): Thank you for your report! We've added this to our internal board for review. ID: [PM-34827](https://bitwarden.atlassian.net/browse/PM-34827) [PM-34827]: https://bitwarden.atlassian.net/browse/PM-34827?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

GiteaMirror commented 2026-05-01 13:43:27 -05:00

Author

Owner

Copy Link

@pamperer562580892423 commented on GitHub (Apr 9, 2026):

Another user here.

When Bitwarden is selected in android settings as the only auto fill provider, and an account is not yet signed in, Fido2 requests fail entirely systemwide as it appears Bitwarden does not attempt to invoke the system passkey UI as a fallback.

Isn't that kind of expected, when you only select Bitwarden in the Android settings?!

Did you try to add Google as "Additional Service"?

<!-- gh-comment-id:4214290717 --> @pamperer562580892423 commented on GitHub (Apr 9, 2026): Another user here. > When Bitwarden is selected in android settings as the _only_ auto fill provider, and an account is not yet signed in, Fido2 requests fail entirely systemwide as it appears Bitwarden does not attempt to invoke the system passkey UI as a fallback. Isn't that kind of expected, when you **only** select Bitwarden in the Android settings?! Did you try to add Google as "Additional Service"? <img width="400" height="515" alt="Image" src="https://github.com/user-attachments/assets/e49da865-6777-4072-a40f-5e319518a56b" />

GiteaMirror commented 2026-05-01 13:43:29 -05:00

Author

Owner

Copy Link

@craftxbox commented on GitHub (Apr 9, 2026):

I did add Google as a secondary as a workaround. The annoying part about that is it always attempts to "upsell" you on adding passkeys to it, and interrupts the system ui with another tap even if it has no passkey itself.

This is not expected because the system ui is supposed to be perfectly fine for handling NFC/USB/remote tokens (I use a yubikey), which is not within the purview of the Google auto fill service!

<!-- gh-comment-id:4214402175 --> @craftxbox commented on GitHub (Apr 9, 2026): I did add Google as a secondary as a workaround. The annoying part about that is it always attempts to "upsell" you on adding passkeys to it, and interrupts the system ui with another tap even if it has no passkey itself. This is *not* expected because the system ui is supposed to be perfectly fine for handling NFC/USB/remote tokens (I use a yubikey), which is not within the purview of the Google auto fill service!

GiteaMirror commented 2026-05-01 13:43:30 -05:00

Author

Owner

Copy Link

@cbbit commented on GitHub (Apr 10, 2026):

Hi there,

This report has been escalated for further investigation. If you have more information that can help us, please add it below.

Thanks!

<!-- gh-comment-id:4224284511 --> @cbbit commented on GitHub (Apr 10, 2026): Hi there, This report has been escalated for further investigation. If you have more information that can help us, please add it below. Thanks!

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

sdlc/sdk-update

new-item-types/PM-32810_bank-account-view

new-item-types/PM-32810_bank-account

beta-for-qa

BWA-253/not-displaying-totp-coded-with-empty-key

target-sdk-37

vvolkgang/renovate-remove-group

pm-34038/card-scanner-qa-fixes

PM-33982/build-device-screen

PM-30625/filter-out-empty-totp-vault-count

vvolkgang/update-jira-release-notes

new-item-types/PM-34123_new-item-menu

new-item-types/PM-32806_passport

new-item-types/PM-32808_drivers-license

BWA-99/show-next-totp

BWA-99/add-preview-next-totp-code-setting

renovate/glidecompose

chore/improve-android-ui-verification-skill

sync-min-sdk

release/2026.4-rc51

fix/security-sast-22741894-bvwj

related-origin-passkey-creation

release/2026.4-rc50

platform/android-breaking-change-detection

innovation-sprint-2026-send-folder

release/2026.3-rc49

PM-34193-vault-lockout

android-collections

llm/add-resolving-sdk-updates-skill

QA-1523/sanity-test-saucelabs

release/2026.3-rc48

PM-26577-app-links-support

PM-26896-autofill-fix

release/2026.2-rc47

pr-6572

release/2026.2-rc46

release/2026.1-rc45

PM-30644/added-logs-for-debug

PM-30644/quicktile-nav-not-showing-migration

minor-gradle-updates

release/2026.1-rc42

release/2026.1-rc44

release/2026.1-rc43

PM-28834/set-landscape-on-horizonos-devices

PM-28468/validate-and-navigate-to-vault-migration

PM-20026/force-ltr-passwords-and-codes

release/2025.12-rc41

cmcg/testCoverage

PM-29014/talkback-support-for-passwords

release/2025.12-rc40

BRE-1305/publish_test

accept-user-certs

autofill-permissions

release/2025.11-rc39

PM-22479/check-all-certificates-validate-asset-links

release/2025.10-rc38

agalles/android-latest

retro-agent

PM-27001/skip-account-selection-only-one-exists-cxp

release/2025.10-rc37

agalles/test-1118

release/2025.10-rc36

PM-20593-token-refresh

QA-1126b/adding-native-sanity-test

release/2025.9-rc35

pm-25933/sdk-update-password

release/2025.9-rc34

release/2025.8-rc33

agalles/20250821-release

debug-release-issues

pm-24249-allow-automated-prs-for-sdk-updates

release/2025.8-rc32

release/WORKFLOW-TEST-2025.8-rc28

agalles/20250807release

release/2025.07-rc25

release/hotfix-v2025.7.0-bwa

pm-23311/export-vault-policy-bypass

release/2025.07-rc24

authenticator-pm-sync-flags-issue

release/hotfix-v2025.6.0-bwpm

release/2025.06-rc21

agalles/automate-android-fastlane-patch

release/2025.05-rc20

release/2025.04-rc19

languages/basque

release/2025.03-rc19

update-readme

qrcode/feature

innovation/archive/pm-19153-archive-items

qrcode/2-ui-fields

qrcode/1-page

hold-on-biometric-prompt-alternative

release-notes-process

release/2025.02-rc16

bwa-monorepo

PM-8223/new-device-verification-ux-improvements

pm-18451/exempt-from-policies

test-bwa

release/2025.01-rc15

release/2025.01-rc14

release/2024.12-rc13

pm-16670/sync-leave-notice

821

PM-16695/backport-lean-more-new-device-verification

release/hotfix-v2024.11.7

release/2024.11-rc1

pm-11304/collection-add-item-button

PM-14241/disabling-logs-app-crash

poc/offline-editing

new-version-calc

pm-11649/expired-link-services

pm-6702/add-feature-flag

pm-6702/email-verification-feature

pm-9933/marketing-copy-update

pm-6702/registration-flows

update-templates

pm-6701/email-verification-selfhost-registration

v2026.4.0-bwa

v2026.4.0-bwpm

v2026.3.1-bwa

v2026.3.1-bwpm

v2026.3.0-bwpm

v2026.3.0-bwa

v2026.2.1-bwpm

v2026.2.1-bwa

v2026.2.0-bwpm

v2026.2.0-bwa

v2026.1.1-bwa

v2026.1.1-bwpm

temp-test

v2026.1.0-bwpm

v2026.1.0-bwa

v2025.12.1-bwa

v2025.12.1-bwpm

v2025.12.0-bwa

v2025.12.0-bwpm

v2025.11.1-bwpm

v2025.11.1-bwa

v2025.11.0-bwpm

v2025.11.0-bwa

v2025.10.1-bwa

v2025.10.1-bwpm

v2025.10.0-bwa

v2025.10.0-bwpm

v2025.9.1-bwa

v2025.9.1-bwpm

v2025.9.0-bwa

v2025.9.0-bwpm

v2025.8.1-bwa

v2025.8.1-bwpm

v2025.8.0-bwa

v2025.8.0-bwpm

v2025.7.2-bwa

v2025.7.2-bwpm

v2025.7.1-bwa

v2025.7.1-bwpm

v2025.7.0-bwa

v2025.7.0-bwpm

v2025.6.1-bwpm

v2025.6.0-bwa

v2025.6.0-bwpm

v2025.1.0-bwa

v2025.5.0-bwa

v2025.5.0-bwpm

v2025.5.999

2025.4.0

v2025.4.0

untagged-4731eaadac73f3dfbbb8

v2025.3.0

v2025.2.0

untagged-815a165c5d70ffe75bc7

v2025.1.2

v2025.1.1

v2025.1.0

v2024.12.0

untagged-5a76b6392a4c8998c63a

v2024.11.7

v2024.11.6

v2024.11.5

v2024.11.4

v2024.11.3

v2024.11.2

v2024.11.1

v2024.11.0

v2024.10.2

v2024.10.1

v2024.10.0

v2024.9.0

v2024.8.1

v2024.8.0

v2024.7.3

v2024.7.2

v2024.7.1

v2024.7.0

v2024.6.1

v2024.6.0

v2024.5.1

v2024.4.1

v2024.4.2

v2024.4.0

v2024.3.3

v2024.3.1

v2024.3.0

v2024.2.1

v2024.2.0

v2024.1.1

v2024.1.0

v2023.12.0

v2023.10.0

v2023.9.2

maui-single-project-android

v2023.9.1

v2023.9.0

v2023.8.0

v2023.7.0

v2023.5.0

v2023.4.0

v2023.3.2

v2023.3.1

v2023.3.0

v2023.2.0

v2023.1.0

v2022.11.0

v2022.10.0

v2022.9.1

v2022.9.0

v2022.8.0

v2022.6.2

v2022.6.1

v2022.6.0

v2022.05.0

v2.18.0

v2.17.0

v2.16.4

v2.16.3

v2.16.2

v2.16.1

v2.15.0

v2.14.2

v2.14.1

v2.14.0

v2.13.0

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.0

v2.9.1

v2.9.0

v2.8.2

v2.8.1

v2.8.0

v2.7.2

v2.7.0

v2.6.1

v2.6.0

v2.5.6

v.2.5.5

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.1

v2.3.0

v2.2.8

v2.2.7

v2.2.6

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.0

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.22.1

v1.22.0

v1.21.0

v1.20.0

v1.19.0

v1.18.1

v1.18.0

v1.17.0

v1.16.0

v1.15.2

v1.15.1

v1.15.0

v1.14.4

v1.14.1

v1.14.0

v1.13.0

v1.12.2

v1.12.1

v1.12.0

v1.11.1

v1.11.0

v1.10.0

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.5

v1.6.1

v1.6.0

v1.5.1

v1.5.0

v1.4.4

v1.4.3

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.1.0

v1.0.0

v0.0.6

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels

app:authenticator

app:password-manager

bug

bug-passkey

customer-support

duplicate

enhancement

good first issue

help wanted

needs-reply

needs-response

pull-request

Mirrored from GitHub Pull Request

question

No Label app:password-manager bug-passkey

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/android#50591