[GH-ISSUE #1796] Cannot add second security key #1062

New issue

Closed

opened 2026-03-03 02:05:55 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 02:05:55 +03:00

Owner

Originally created by @fireglow on GitHub (Jun 26, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1796

Subject of the issue

When trying to add a second security key in the Two-step Login FIDO2 WebAuthn UI, an error occurs.

vaultwarden version:
1.21.0-46e0f3c4
Install method:
cargo build --release
Clients used:
- bw_web_builds version: v2.20.4b

Steps to reproduce

Add first security key
Try to add second key

Expected behaviour

The second key is added to the list

Actual behaviour

The UI returns an error ("There was a problem reading the security key. Try again.") immediately after clicking on the "Read Key" button.
The browser console logs
TypeError: CredentialsContainer.create: 'transports' member of PublicKeyCredentialDescriptor can't be converted to a sequence.
The vaultwarden logs only show the expected

[request][INFO] POST /api/two-factor/get-webauthn-challenge
[response][INFO] POST /api/two-factor/get-webauthn-challenge (generate_webauthn_challenge) => 200 OK

Troubleshooting data

Originally created by @fireglow on GitHub (Jun 26, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1796 ### Subject of the issue When trying to add a second security key in the Two-step Login FIDO2 WebAuthn UI, an error occurs. * vaultwarden version: 1.21.0-46e0f3c4 * Install method: `cargo build --release` * Clients used: * bw_web_builds version: v2.20.4b ### Steps to reproduce * Add first security key * Try to add second key ### Expected behaviour The second key is added to the list ### Actual behaviour The UI returns an error ("There was a problem reading the security key. Try again.") immediately after clicking on the "Read Key" button. The browser console logs `TypeError: CredentialsContainer.create: 'transports' member of PublicKeyCredentialDescriptor can't be converted to a sequence.` The vaultwarden logs only show the expected ``` [request][INFO] POST /api/two-factor/get-webauthn-challenge [response][INFO] POST /api/two-factor/get-webauthn-challenge (generate_webauthn_challenge) => 200 OK ``` ### Troubleshooting data  ![Screenshot_2021-06-26_20-39-35](https://user-images.githubusercontent.com/16845/123522627-ab3d8c80-d6be-11eb-8652-3d11632a8c5d.png)

kerem

2026-03-03 02:05:55 +03:00

closed this issue
added the
bug

Third party
labels

kerem commented

2026-03-03 02:05:56 +03:00

Author

Owner

@BlackDex commented on GitHub (Jun 26, 2021):

Confirmed.
There already is a PR to fix this upstream: https://github.com/kanidm/webauthn-rs/pull/80

@BlackDex commented on GitHub (Jun 26, 2021): Confirmed. There already is a PR to fix this upstream: https://github.com/kanidm/webauthn-rs/pull/80

kerem commented

2026-03-03 02:05:56 +03:00

Author

Owner

@BlackDex commented on GitHub (Jun 26, 2021):

The PR has been merged. So we just need to update the commit hash, test it, and merge that on our side.

@BlackDex commented on GitHub (Jun 26, 2021): The PR has been merged. So we just need to update the commit hash, test it, and merge that on our side.

kerem commented

2026-03-03 02:05:56 +03:00

Author

Owner

@fireglow commented on GitHub (Jun 27, 2021):

Can confirm that with the webauthn-rs commit updated to 02a99f534127b30c6f4df7f2d42bc24f76dc4211 in Cargo.toml,
it's possible to add additional security keys.

@fireglow commented on GitHub (Jun 27, 2021): Can confirm that with the webauthn-rs commit updated to 02a99f534127b30c6f4df7f2d42bc24f76dc4211 in Cargo.toml, it's possible to add additional security keys.