Login with Passkey returns Internal Server Error

I just tried to login with a Passkey and configured my Nitrokey 3A Mini in the Security Settings of my forum account. The setup worked, but when I try to login with it, after I touched the touch button, the forum returns an error message:

It would be cool if this would be fixed!

@bodems - Sorry I missed this post until now. I don't have a Passkey setup (I use a Yubikey) so I cannot directly test this. Does it still fail now if you try it? I can check the logs when you attempt it to see if there is anything obvious.

I cannot tell if you filled in your user-name behind the pop-up or not? Is the Passkey supposed to do that too?

I just tried it again. I deleted my Key and configured it again and I still get Internal Server Error. I also tried it with filling out the username in the field and without. When I click on "Login with a Passkey" it directly wants my PIN, there is no popup for filling out my username.

Would it be possible for you to try a different browser other than Firefox (Linux version). I see the error in the logs but it looks like it may be a client incompatibility.

I dug into your issue a bit deeper (not a crypto expert, but have a working knowledge) and it appears that your device is requesting verification using the COSE algorithm EdDSA that from what I can see in the Discourse authenticator code, is not being handled properly - hence the failures you are seeing. Is it possible to use your key as 2FA source here instead.

I have posted a bug report to the Discourse devs regarding this problem.

1 Like

Ok, thanks for the information!