Error decoding JWT #4400

Closed
opened 2026-03-07 19:43:55 -06:00 by GiteaMirror · 5 comments
Owner

Originally created by @talan-z on GitHub (Jul 26, 2020).

Hello!
I have below issue. Hopefully there is an easy fix!

Subject of the issue

I created a new organization and invited a friend to join. Upon clicking the link, filling up the new account information, and submitting, the following appears on the webpage: Error decoding JWT.

Your environment

  • Bitwarden_rs version: 1.16.0
  • Install method: docker
  • Clients used: Webpage
  • Reverse proxy and version: caddy v1.0.5
  • Version of mysql/postgresql: n/a
  • Other relevant information:

Relevant logs

bitwarden_1 | [2020-07-26 14:12:36][request][INFO] GET /api/organizations/a52078e7-0de5-455c-93f9-872937062640/policies/token?token=eyJ0eXAiOiJKV1QiLCJhbGci
bitwarden_1 | [2020-07-26 14:12:36][error][ERROR] Error decoding JWT.
bitwarden_1 | [CAUSE] Error(
bitwarden_1 | ExpiredSignature,
bitwarden_1 | )
bitwarden_1 | [2020-07-26 14:12:36][response][INFO] GET /api/organizations/<org_id>/policies/token? (list_policies_token) => 400 Bad Request
bitwarden_1 | [2020-07-26 14:12:50][request][INFO] POST /api/accounts/register
bitwarden_1 | [2020-07-26 14:12:50][error][ERROR] Error decoding JWT.
bitwarden_1 | [CAUSE] Error(
bitwarden_1 | ExpiredSignature,
bitwarden_1 | )
bitwarden_1 | [2020-07-26 14:12:50][response][INFO] POST /api/accounts/register (register) => 400 Bad Request

Thank you,
Philipp

Originally created by @talan-z on GitHub (Jul 26, 2020). Hello! I have below issue. Hopefully there is an easy fix! ### Subject of the issue I created a new organization and invited a friend to join. Upon clicking the link, filling up the new account information, and submitting, the following appears on the webpage: Error decoding JWT. ### Your environment * Bitwarden_rs version: 1.16.0 * Install method: docker * Clients used: Webpage * Reverse proxy and version: caddy v1.0.5 * Version of mysql/postgresql: n/a * Other relevant information: ### Relevant logs bitwarden_1 | [2020-07-26 14:12:36][request][INFO] GET /api/organizations/a52078e7-0de5-455c-93f9-872937062640/policies/token?token=eyJ0eXAiOiJKV1QiLCJhbGci bitwarden_1 | [2020-07-26 14:12:36][error][ERROR] Error decoding JWT. bitwarden_1 | [CAUSE] Error( bitwarden_1 | ExpiredSignature, bitwarden_1 | ) bitwarden_1 | [2020-07-26 14:12:36][response][INFO] GET /api/organizations/<org_id>/policies/token?<token> (list_policies_token) => 400 Bad Request bitwarden_1 | [2020-07-26 14:12:50][request][INFO] POST /api/accounts/register bitwarden_1 | [2020-07-26 14:12:50][error][ERROR] Error decoding JWT. bitwarden_1 | [CAUSE] Error( bitwarden_1 | ExpiredSignature, bitwarden_1 | ) bitwarden_1 | [2020-07-26 14:12:50][response][INFO] POST /api/accounts/register (register) => 400 Bad Request Thank you, Philipp
GiteaMirror added the enhancementlow priority labels 2026-03-07 19:43:55 -06:00
Author
Owner

@dani-garcia commented on GitHub (Jul 26, 2020):

The emails expire after five days I think, did he open the link after that time has passed?

@dani-garcia commented on GitHub (Jul 26, 2020): The emails expire after five days I think, did he open the link after that time has passed?
Author
Owner

@BlackDex commented on GitHub (Oct 9, 2020):

Closing this long open issue. Please feel free to reopen if it is still not resolved 😄.

@BlackDex commented on GitHub (Oct 9, 2020): Closing this long open issue. Please feel free to reopen if it is still not resolved 😄.
Author
Owner

@ItsShadowCone commented on GitHub (Apr 26, 2021):

As of currently, this is still the case. Also the email does not say anything about the five day limit.

We should provide a different error message if token decoding fails due to expiration, especially for invite links.

@ItsShadowCone commented on GitHub (Apr 26, 2021): As of currently, this is still the case. Also the email does not say anything about the five day limit. We should provide a different error message if token decoding fails due to expiration, especially for invite links.
Author
Owner

@BlackDex commented on GitHub (Apr 26, 2021):

Well, the fefault value is 5 for upstream (although you can configure it there if self-hosted).
But it also does not mention this limit anywhere as far i can remember.

Though, we maybe can try to change the message maybe.

@BlackDex commented on GitHub (Apr 26, 2021): Well, the fefault value is 5 for upstream (although you can configure it there if self-hosted). But it also does not mention this limit anywhere as far i can remember. Though, we maybe can try to change the message maybe.
Author
Owner

@BlackDex commented on GitHub (Jun 21, 2021):

I'm going to close this again, as we want to try and keep as close as possible to upstream.
If someone really want's to implement something regarding this we may accept a well written PR.

But in my opinion, it will only add more complexity since all tokens use the same decoding function.

@BlackDex commented on GitHub (Jun 21, 2021): I'm going to close this again, as we want to try and keep as close as possible to upstream. If someone really want's to implement something regarding this we may accept a well written PR. But in my opinion, it will only add more complexity since all tokens use the same decoding function.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#4400