Error decoding JWT immediately after login #1327

New Issue

MrUnknownDE · 2026-04-06T01:45:56+02:00

MrUnknownDE commented

2026-04-06 01:45:56 +02:00

Originally created by @hzliu on 12/5/2023

vaultwarden version: 1.30.1
Install method: docker image
Clients used: web vault / android client
Reverse proxy and version: nginx 1.14.1

use sqlite

the server log followed:

/--------------------------------------------------------------------
| Starting Vaultwarden |

Version 1.30.1

This is an unofficial Bitwarden implementation, DO NOT use the

official channels to report bugs/features, regardless of client.

Send usage/configuration questions or feature requests to:

https://github.com/dani-garcia/vaultwarden/discussions or

https://vaultwarden.discourse.group/

Report suspected bugs/issues in the software itself at:

https://github.com/dani-garcia/vaultwarden/issues/new

--------------------------------------------------------------------/

[2023-12-05 01:30:34.734][start][INFO] Rocket has launched from http://0.0.0.0:80
[2023-12-05 01:31:49.424][request][INFO] GET /api/devices/knowndevice
[2023-12-05 01:31:49.748][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2023-12-05 01:31:54.103][request][INFO] POST /identity/accounts/prelogin
[2023-12-05 01:31:54.112][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2023-12-05 01:31:54.313][request][INFO] POST /identity/connect/token
[2023-12-05 01:31:54.663][error][ERROR] 2FA token not provided
[2023-12-05 01:31:54.664][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2023-12-05 01:32:12.186][request][INFO] POST /identity/connect/token
[2023-12-05 01:32:12.670][vaultwarden::api::identity][INFO] User xxxxx logged in successfully. IP: xxx.xxx.xxx.xxx
[2023-12-05 01:32:12.670][response][INFO] (login) POST /identity/connect/token => 200 OK
[2023-12-05 01:32:12.859][request][INFO] GET /api/config
[2023-12-05 01:32:12.859][response][INFO] (config) GET /api/config => 200 OK
[2023-12-05 01:32:13.023][request][INFO] POST /identity/connect/token
[2023-12-05 01:32:13.054][response][INFO] (login) POST /identity/connect/token => 200 OK
[2023-12-05 01:32:13.231][request][INFO] GET /api/config
[2023-12-05 01:32:13.249][response][INFO] (config) GET /api/config => 200 OK
[2023-12-05 01:32:13.327][request][INFO] GET /api/sync?excludeDomains=true
[2023-12-05 01:32:13.328][vaultwarden::auth][ERROR] Error decoding JWT
[2023-12-05 01:32:13.328][auth][ERROR] Unauthorized Error: Invalid claim
[2023-12-05 01:32:13.328][vaultwarden::api::core::ciphers::_][WARN] Request guard Headers failed: "Invalid claim".
[2023-12-05 01:32:13.328][response][INFO] (sync) GET /api/sync?<data..> => 401 Unauthorized
[2023-12-05 01:32:13.527][request][INFO] GET /api/config
[2023-12-05 01:32:13.527][response][INFO] (config) GET /api/config => 200 OK
[2023-12-05 01:32:13.528][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2023-12-05 01:32:13.528][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from xxx.xxx.xxx.xxx
[2023-12-05 01:32:13.528][vaultwarden::auth][ERROR] Error decoding JWT
[2023-12-05 01:32:13.528][vaultwarden::api::notifications][ERROR] Invalid token
[2023-12-05 01:32:13.528][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 401 Unauthorized
[2023-12-05 01:32:13.725][request][INFO] GET /api/config
[2023-12-05 01:32:13.725][response][INFO] (config) GET /api/config => 200 OK

Other relevant details:

Steps to reproduce

just login with the web vault

*Originally created by @hzliu on 12/5/2023* * vaultwarden version: 1.30.1 * Install method: docker image * Clients used: web vault / android client * Reverse proxy and version: nginx 1.14.1 use sqlite the server log followed: > /--------------------------------------------------------------------\ > | Starting Vaultwarden | > | Version 1.30.1 | > |--------------------------------------------------------------------| > | This is an *unofficial* Bitwarden implementation, DO NOT use the | > | official channels to report bugs/features, regardless of client. | > | Send usage/configuration questions or feature requests to: | > | https://github.com/dani-garcia/vaultwarden/discussions or | > | https://vaultwarden.discourse.group/ | > | Report suspected bugs/issues in the software itself at: | > | https://github.com/dani-garcia/vaultwarden/issues/new | > \--------------------------------------------------------------------/ > > [2023-12-05 01:30:34.734][start][INFO] Rocket has launched from http://0.0.0.0:80 > [2023-12-05 01:31:49.424][request][INFO] GET /api/devices/knowndevice > [2023-12-05 01:31:49.748][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK > [2023-12-05 01:31:54.103][request][INFO] POST /identity/accounts/prelogin > [2023-12-05 01:31:54.112][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK > [2023-12-05 01:31:54.313][request][INFO] POST /identity/connect/token > [2023-12-05 01:31:54.663][error][ERROR] 2FA token not provided > [2023-12-05 01:31:54.664][response][INFO] (login) POST /identity/connect/token => 400 Bad Request > [2023-12-05 01:32:12.186][request][INFO] POST /identity/connect/token > [2023-12-05 01:32:12.670][vaultwarden::api::identity][INFO] User xxxxx logged in successfully. IP: xxx.xxx.xxx.xxx > [2023-12-05 01:32:12.670][response][INFO] (login) POST /identity/connect/token => 200 OK > [2023-12-05 01:32:12.859][request][INFO] GET /api/config > [2023-12-05 01:32:12.859][response][INFO] (config) GET /api/config => 200 OK > [2023-12-05 01:32:13.023][request][INFO] POST /identity/connect/token > [2023-12-05 01:32:13.054][response][INFO] (login) POST /identity/connect/token => 200 OK > [2023-12-05 01:32:13.231][request][INFO] GET /api/config > [2023-12-05 01:32:13.249][response][INFO] (config) GET /api/config => 200 OK > **[2023-12-05 01:32:13.327][request][INFO] GET /api/sync?excludeDomains=true > [2023-12-05 01:32:13.328][vaultwarden::auth][ERROR] Error decoding JWT > [2023-12-05 01:32:13.328][auth][ERROR] Unauthorized Error: Invalid claim** > [2023-12-05 01:32:13.328][vaultwarden::api::core::ciphers::_][WARN] Request guard `Headers` failed: "Invalid claim". > [2023-12-05 01:32:13.328][response][INFO] (sync) GET /api/sync?<data..> => 401 Unauthorized > [2023-12-05 01:32:13.527][request][INFO] GET /api/config > [2023-12-05 01:32:13.527][response][INFO] (config) GET /api/config => 200 OK > [2023-12-05 01:32:13.528][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL > [2023-12-05 01:32:13.528][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from xxx.xxx.xxx.xxx > [2023-12-05 01:32:13.528][vaultwarden::auth][ERROR] Error decoding JWT > [2023-12-05 01:32:13.528][vaultwarden::api::notifications][ERROR] Invalid token > [2023-12-05 01:32:13.528][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 401 Unauthorized > [2023-12-05 01:32:13.725][request][INFO] GET /api/config > [2023-12-05 01:32:13.725][response][INFO] (config) GET /api/config => 200 OK * Other relevant details: ### Steps to reproduce just login with the web vault

MrUnknownDE closed this issue

2026-04-06 01:45:56 +02:00

Sign in to join this conversation.

No Label

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#1327