Hello, thanks for you help in diagnoising my issue.
We have been a long time passbolt user, over 4 years and have never had a problem maintaining the system until now.
We upgrade to version 5.2.0 and all appeared well but then realised the chrome extension was not being detected for new sign ups. Everything was working well for all other methods (API & existing users through the extension). Whilst diagnosing we decided to go ahead and upgrade to 5.4.1 as it was the latest, we did so upgraded all meta data using the migration tool.
The current situation is:
The Good:
Existing users can see existing passwords, both own and shared.
Existing users can create and share new passwords from the GUI/Extension and they work fine.
API access through our ansible scripts can read and create passwords.
The Bad:
Any password created using the API cannot be seen in the GUI by anyone, not the owner nor anyone it was shared with.
New users keep getting the “Please install extension from store” page even though its installed.
Now these might be entirely unrelated if so I am happy to split this into 2 seperate issues, but in the off chance they are actually caused by the same root problem I thought I would start here. Any help would be appreciated.
What I have tried
I have checked the logs of both passbolt and chrome and not found anything that points me to errors. I have checked the headers in Chrome to ensure they correctly set CSP which I believe is correct:
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,apikey
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://passbolt.xtremecontrols.co.uk
access-control-expose-headers: X-GPGAuth-Verify-Response
access-control-expose-headers: X-GPGAuth-Progress
access-control-expose-headers: X-GPGAuth-User-Auth-Token
access-control-expose-headers: X-GPGAuth-Authenticated
access-control-expose-headers: X-GPGAuth-Refer
access-control-expose-headers: X-GPGAuth-Debug
access-control-expose-headers: X-GPGAuth-Error
access-control-expose-headers: X-GPGAuth-Pubkey
access-control-expose-headers: X-GPGAuth-Logout-Url
access-control-expose-headers: X-GPGAuth-Version
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 99089eba4c16a690-LHR
content-encoding: zstd
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self'; frame-src 'self' https://*.duosecurity.com; frame-ancestors 'self' chrome-extension: moz-extension:;
content-type: text/html; charset=UTF-8
date: Sat, 18 Oct 2025 14:10:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
referrer-policy: same-origin
referrer-policy: origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3WGp2uyBgUlUegS0X0CxVQwONswRh0hPFMGisyFiyhwiEedP%2BxP4u%2BP%2FLCorHjCFqbHQULLWbR1cW1944gzZnLu97R8tePtXjZ2pjOIbmduCQO7nCfoPWQM3O8mE"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-gpgauth-authenticated: false
x-gpgauth-debug: There is no user associated with this key. No key id set.
x-gpgauth-error: true
x-gpgauth-login-url: /auth/login
x-gpgauth-logout-url: /auth/logout
x-gpgauth-progress: stage0
x-gpgauth-pubkey-url: /auth/verify.json
x-gpgauth-verify-url: /auth/verify
x-gpgauth-version: 1.3.0
x-permitted-cross-domain-policies: all
I have run the health check tool and check all have [PASS] its very large so haven’t posed here/
I have checked the ownership of the passwords that cannot be seen in the GUI:
=== Query 1: Basic Resource Information ===
--------------
SELECT r.id, r.created_by, r.deleted, r.folder_parent_id FROM resources r WHERE r.id = '06d59ecb-6da0-45ff-ae1a-a533d97cb9c7'
--------------
ERROR 1054 (42S22) at line 1: Unknown column 'r.folder_parent_id' in 'SELECT'
=== Query 2: Creator Username ===
id username active
1fc5d236-6142-49e2-8cdc-37acf74baf34 support@xtremecontrols.com 1
=== Query 3: ALL PERMISSIONS (CRITICAL) ===
aro aro_foreign_key type owner
Group 8f4afad7-f1d2-4424-8acd-ef76690f6faa 1 administrators@xtremecontrols.com
User 1fc5d236-6142-49e2-8cdc-37acf74baf34 15 support@xtremecontrols.com
=== Query 4: All Encrypted Secrets ===
user_id username
8f21f705-2579-415c-a80f-28d1a37be886 paul@xtremecontrols.com
f82cc06b-a4a8-4dc1-bea1-60d853b84567 nick@xtremecontrols.co.uk
1fc5d236-6142-49e2-8cdc-37acf74baf34 support@xtremecontrols.com
=== Query 5: Check Folder Relations ===
--------------
SELECT fp.id, fp.name, fp.deleted, u.username FROM folders_relations fr JOIN folders fp ON fr.foreign_id = fp.id JOIN users u ON fp.created_by = u.id WHERE fr.foreign_model = 'Resource' AND fr.foreign_id = '06d59ecb-6da0-45ff-ae1a-a533d97cb9c7'
--------------
ERROR 1054 (42S22) at line 1: Unknown column 'fp.deleted' in 'SELECT'
=== Query 6: Resource Type Information ===
id slug name
dd1f723d-0d1e-513f-8218-4055dc0530d0 v5-default Default resource type
Any hints on what I should be looking for or how I can resolve these 2 issues?