mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-07-17 01:12:27 -05:00
[GH-ISSUE #7208] When using 'Log in with device' two notifications are sent to the device (phone) #30135
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @Bartype on GitHub (May 12, 2026).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/7208
Prerequisites
Vaultwarden Support String
Your environment (Generated via diagnostics page)
Config & Details (Generated via diagnostics page)
Show Config & Details
Environment settings which are overridden: DOMAIN, ADMIN_TOKEN
Config:
Vaultwarden Build Version
v1.36.0
Deployment method
Official Container Image
Custom deployment method
vaultwarden "log in with a device" notification is sent two times to mobile device, the second one always immediately after the first one is confirmed, with the same fingerprint phase as the first one. When i deny the notification, there is no second notification.
When i used this option with bitwarden there was just one notification.
Reverse Proxy
NPMplus 2026-04-21-r2
Host/Server Operating System
NAS/SAN
Operating System Version
Qnap QuTS hero h5.2.9.3410 (2026-02-14)
Clients
Android
Client Version
Samsun Galaxy S21, Android 15
Steps To Reproduce
Expected Result
Only one notification is needed.
Actual Result
There are always two notifications send. The second one immidiatley after the first one is approved. When i deny the first notification, there is NO second notification.
When i deny the second notification, the mobile app just displays an error. The already approved session stays approved despite this error.
Logs
Screenshots or Videos
No response
Additional Context
No response
@BlackDex commented on GitHub (May 12, 2026):
Closing this as a duplicate of #6788
The problem is the clients which seem to think they need to handle the auth success response too.