Bitwarden browser extension

seedrick · August 21, 2025, 5:15pm

What type of hardware are you using: Raspberry Pi 3, 4+
What YunoHost version are you running: 12.4.14
What app is this about: Vaultwarden

Describe your issue

Been using Vaultwarden with the Bitwarden apps for years now. Only “issue” I had before is that I couldn’t log in to the vault via browser when also logged in to Yunohost, but that has an easy workaround–use incognito/private browser mode. I think I read somewhere that it’s expected behavior in Yunohost.

The issue I’m seeing since the latest update is that the chromium extensions get 401’s now. Mobile app is still fine from my testing–which was just to fire off a sync. I’m too scared to actually log out to see if it would take a login from the mobile app.

Share relevant logs or error messages

[2025-08-21 12:50:33.146][vaultwarden::api::identity][INFO] User USER@DOMAIN.TLD logged in successfully. IP: XXX.XXX.XXX.XXX
[2025-08-21 12:50:33.146][response][INFO] (login) POST /bitwarden/identity/connect/token => 200 OK
[2025-08-21 12:50:33.146][response][INFO] (login) POST /bitwarden/identity/connect/token => 200 OK
[2025-08-21 12:50:33.433][request][INFO] GET /bitwarden/api/config
[2025-08-21 12:50:33.433][request][INFO] GET /bitwarden/api/config
[2025-08-21 12:50:33.433][response][INFO] (config) GET /bitwarden/api/config => 200 OK
[2025-08-21 12:50:33.433][response][INFO] (config) GET /bitwarden/api/config => 200 OK
[2025-08-21 12:50:33.586][request][INFO] GET /bitwarden/notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2025-08-21 12:50:33.586][request][INFO] GET /bitwarden/notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2025-08-21 12:50:33.586][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from XXX.XXX.XXX.XXX
[2025-08-21 12:50:33.586][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from XXX.XXX.XXX.XXX
[2025-08-21 12:50:33.586][response][INFO] (websockets_hub) GET /bitwarden/notifications/hub?<data..> => 200 OK
[2025-08-21 12:50:33.586][response][INFO] (websockets_hub) GET /bitwarden/notifications/hub?<data..> => 200 OK
[2025-08-21 12:50:33.589][request][INFO] GET /bitwarden/api/config
[2025-08-21 12:50:33.589][request][INFO] GET /bitwarden/api/config
[2025-08-21 12:50:33.589][response][INFO] (config) GET /bitwarden/api/config => 200 OK
[2025-08-21 12:50:33.589][response][INFO] (config) GET /bitwarden/api/config => 200 OK
[2025-08-21 12:50:33.603][request][INFO] GET /bitwarden/api/sync
[2025-08-21 12:50:33.603][request][INFO] GET /bitwarden/api/sync
[2025-08-21 12:50:33.603][vaultwarden::auth][ERROR] Token is invalid
[2025-08-21 12:50:33.603][vaultwarden::auth][ERROR] Token is invalid
[2025-08-21 12:50:33.603][auth][ERROR] Unauthorized Error: Invalid claim
[2025-08-21 12:50:33.603][auth][ERROR] Unauthorized Error: Invalid claim
[2025-08-21 12:50:33.603][vaultwarden::api::core::ciphers::_][WARN] Request guard `Headers` failed: "Invalid claim".
[2025-08-21 12:50:33.603][vaultwarden::api::core::ciphers::_][WARN] Request guard `Headers` failed: "Invalid claim".
[2025-08-21 12:50:33.603][response][INFO] (sync) GET /bitwarden/api/sync?<data..> => 401 Unauthorized
[2025-08-21 12:50:33.603][response][INFO] (sync) GET /bitwarden/api/sync?<data..> => 401 Unauthorized
[2025-08-21 12:50:33.804][vaultwarden::api::notifications][INFO] Closing WS connection from XXX.XXX.XXX.XXX
[2025-08-21 12:50:33.804][vaultwarden::api::notifications][INFO] Closing WS connection from XXX.XXX.XXX.XXX```

andy_0 · August 21, 2025, 6:25pm

If I understand correctly I believe this issue is “old” and there was a workaround for this problem before the maintainer provided a fix. Background was the Yunohost SSO (single sign on) behaviour which was enforced for vaultwarden (Session expires immediately on login · Issue #3 · YunoHost-Apps/vaultwarden_ynh · GitHub).

Maybe you have another problem. Please check that visitors are allowed to visit vaultwarden (Yunohost - Apps - Vaultwarden - Group permissions), and that visitors have permission (same page) for the api..

seedrick · August 21, 2025, 6:40pm

Yes, visitors do have the permission–it’s the only way the mobile app and extension worked before. I did check again to make sure.

The api permission doesn’t seem to be separate anymore, there’s only a single Vaultwarden permission that I could find.

I’ll try removing it entirely and adding it back in a little bit, see if that changes anything.

andy_0 · August 21, 2025, 6:57pm

As a next step I would also suggest to deinstall Vaultwarden and then install it again. Please ensure to create a manual backup of Vaultwarden with Yunohost. To be extra safe I would login to the app and extract your passwords as JSON manually.

OniriCorpe · August 22, 2025, 3:41am

It still is according to the code: vaultwarden_ynh/manifest.toml at master · YunoHost-Apps/vaultwarden_ynh · GitHub
And it is protected against deletion so a miss click can’t have deleted it

You can try to force upgrade the package using this command: sudo yunohost app upgrade vaultwarden --force

system · September 6, 2025, 3:42am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.