cunnect
December 27, 2025, 11:52pm
1
Hi everyone,
I am facing a strange issue when onboarding users with the Passbolt iOS app.
Problem
When setting up a regular (non-admin) user on an iPhone running iOS 26.2 , the process always fails with:
“Something went wrong”
Buttons: Refresh / Logout
The QR code is scanned successfully, then the setup is canceled.
Important:
The exact same process works perfectly for an admin user .
Environment
Log excerpts (anonymized) GET /rbacs/me.json -> 200
error: rbacs configuration fetching failed!
POST /mobile/transfers/<REDACTED>/<REDACTED>.json
CancellationError: processing canceled
error: mobile transfer processing canceled!
So /rbacs/me.json returns HTTP 200, but the app immediately reports“rbacs configuration fetching failed” and aborts the onboarding.
Server healthcheck Server healthcheck is completely green.
What I already tried
Re-created the affected users
Ensured mobile app setup is enabled
Fixed /etc/passbolt/jwt permissions as recommended
Verified SSL, JWT, GPG, database and metadata – all checks pass
Admin user continues to work, only regular users fail
Has anyone seen this behavior before or has an idea why the iOS app fails only for non-admin users while /rbacs/me.jsonstill returns 200?
Any hints would be highly appreciated.
Thanks in advance,
1 Like
Hi everyone, I’m experiencing the same problem. I tried deleting the account in the iOS app and adding it again, but the error persists.
This has been happening since the last server update to v5.8.0 on the PRO Docker rootless image (around the 24th), using iOS v26.2 and the Passbolt 2.5.0 app. Here are some logs extracted from the app (there’s nothing relevant in Docker):
Passbolt:
Device: iPhone
OS: 26.2
App: 2.5.0
[2025-12-28 16:36:50] [17FC0EEC-A64F-4CD5-9339-2F7EE7D7F951] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:36:58] [7631A99A-1DB4-4FCB-B4CC-6EFBCC501B30] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:37:12] [A932AC53-DAC5-4ABA-80C4-71ABBAF6CE99] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:37:43] [80C48BE0-036B-4637-AD22-8325887785C1] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:38:03] [6F5BCEEE-EBDC-4C1B-8EA3-C916BC84822B] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:38:42] [6885F353-1DA7-4C9D-A3FC-0DA71E13B91B] HTTP 200 /rbacs/me.json
[2025-12-28 16:38:42] …rbacs configuration fetching failed!
[2025-12-28 16:39:02] Fetching server configuration…
[2025-12-28 16:39:02] [A72447B6-C1BF-4915-86E4-71335E20B6FA] HTTP GET /settings.json
[2025-12-28 16:39:02] [A72447B6-C1BF-4915-86E4-71335E20B6FA] HTTP 200 /settings.json
[2025-12-28 16:39:02] …server configuration fetched!
[2025-12-28 16:39:02] Fetching rbacs configuration…
[2025-12-28 16:39:02] [754D4B1F-BC13-44DA-A139-878CF8562130] HTTP GET /rbacs/me.json
[2025-12-28 16:39:02] [754D4B1F-BC13-44DA-A139-878CF8562130] HTTP 200 /rbacs/me.json
[2025-12-28 16:39:02] …rbacs configuration fetching failed!
[2025-12-28 16:39:17] Closing session…
[2025-12-28 16:39:17] [8EA2A648-C1FF-4BD4-B370-4A2F55984B45] HTTP POST /auth/jwt/logout.json
[2025-12-28 16:39:17] [8EA2A648-C1FF-4BD4-B370-4A2F55984B45] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:39:17] Verifying data integrity…
[2025-12-28 16:39:17] …data integrity verification finished
[2025-12-28 16:39:17] [D8A3E95C-EE01-4935-992F-10F80C3A6748] HTTP GET /lookup
[2025-12-28 16:39:17] [D8A3E95C-EE01-4935-992F-10F80C3A6748] HTTP 200 /lookup
[2025-12-28 16:39:17] [AC672913-7191-45EC-AF24-65D9418470B0] HTTP GET /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:39:17] [941E6BCB-4EDC-416A-92D3-F02E9E9B88BF] HTTP GET /avatars/view/eca85183-8293-4d08-b188-62727f5d318b/medium.jpg
[2025-12-28 16:39:17] [AC672913-7191-45EC-AF24-65D9418470B0] HTTP 200 /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:39:17] [941E6BCB-4EDC-416A-92D3-F02E9E9B88BF] HTTP 200 /avatars/view/eca85183-8293-4d08-b188-62727f5d318b/medium.jpg
[2025-12-28 16:39:42] Beginning importing account kit…
[2025-12-28 16:40:44] [622A600D-7A0B-4E1D-88E1-34AE68079C96] HTTP GET /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:40:44] [622A600D-7A0B-4E1D-88E1-34AE68079C96] HTTP 200 /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:40:53] Beginning authorization…
[2025-12-28 16:40:53] …creating new access token…
[2025-12-28 16:40:53] …fetching server public PGP key…
[2025-12-28 16:40:53] …fetching server public RSA key…
[2025-12-28 16:40:53] [58002896-2D35-490B-8465-D6A612D5EECA] HTTP GET /auth/jwt/rsa.json
[2025-12-28 16:40:53] [FE4EA9F9-030D-4E8D-BCDE-43CE041A996A] HTTP GET /auth/verify.json
[2025-12-28 16:40:53] [58002896-2D35-490B-8465-D6A612D5EECA] HTTP 200 /auth/jwt/rsa.json
[2025-12-28 16:40:53] [FE4EA9F9-030D-4E8D-BCDE-43CE041A996A] HTTP 200 /auth/verify.json
[2025-12-28 16:40:53] Local timestamp: 1766940053
[2025-12-28 16:40:53] Server timestamp: 1766940053
[2025-12-28 16:40:53] Using time diff for session: 0
[2025-12-28 16:40:53] …verifying server public PGP key…
[2025-12-28 16:40:53] …preparing authorization challenge…
[2025-12-28 16:40:54] [F5686471-23C1-4086-8F13-3F8CC2A14012] HTTP POST /auth/jwt/login.json
[2025-12-28 16:40:54] [F5686471-23C1-4086-8F13-3F8CC2A14012] HTTP 200 /auth/jwt/login.json
[2025-12-28 16:40:54] Session created…
[2025-12-28 16:40:54] …authorization succeeded!
[2025-12-28 16:40:54] Verifying data integrity…
[2025-12-28 16:40:54] …data integrity verification finished
[2025-12-28 16:40:54] Fetching server configuration…
[2025-12-28 16:40:54] [721E4FE6-A5EA-441E-8E19-8C4AD7B6444B] HTTP GET /settings.json
[2025-12-28 16:40:54] [721E4FE6-A5EA-441E-8E19-8C4AD7B6444B] HTTP 200 /settings.json
[2025-12-28 16:40:54] …server configuration fetched!
[2025-12-28 16:40:54] Fetching rbacs configuration…
[2025-12-28 16:40:54] [851F9768-3D6D-4B7B-AB21-F20683DAC154] HTTP GET /rbacs/me.json
[2025-12-28 16:40:54] [851F9768-3D6D-4B7B-AB21-F20683DAC154] HTTP 200 /rbacs/me.json
[2025-12-28 16:40:54] …rbacs configuration fetching failed!
[2025-12-28 16:40:55] [8A0CAF95-E8D8-4A8F-B9C5-6F86692FCF1A] HTTP GET /lookup
[2025-12-28 16:40:55] [8A0CAF95-E8D8-4A8F-B9C5-6F86692FCF1A] HTTP 200 /lookup
[2025-12-28 16:40:56] Fetching server configuration…
[2025-12-28 16:40:56] [74791080-6214-41A0-A87E-89676B906A77] HTTP GET /settings.json
[2025-12-28 16:40:57] [74791080-6214-41A0-A87E-89676B906A77] HTTP 200 /settings.json
[2025-12-28 16:40:57] …server configuration fetched!
[2025-12-28 16:40:57] Fetching rbacs configuration…
[2025-12-28 16:40:57] [33941063-9DAF-4A87-BF2C-8477AE8E4B82] HTTP GET /rbacs/me.json
[2025-12-28 16:40:57] [33941063-9DAF-4A87-BF2C-8477AE8E4B82] HTTP 200 /rbacs/me.json
[2025-12-28 16:40:57] …rbacs configuration fetching failed!
[2025-12-28 16:41:01] Closing session…
[2025-12-28 16:41:01] [778D7D41-5061-4384-B959-5AA7245A622D] HTTP POST /auth/jwt/logout.json
[2025-12-28 16:41:01] [778D7D41-5061-4384-B959-5AA7245A622D] CancellationError
DiagnosticsContext:
•Cancelled Commons/Cancelled.swift:35
⮑ “path”: 35
⮑ “file”: Commons/Cancelled.swift
[2025-12-28 16:41:01] Verifying data integrity…
[2025-12-28 16:41:01] …data integrity verification finished
[2025-12-28 16:41:02] [FEAA91B9-DC27-4B59-8028-338AEB976CD2] HTTP GET /lookup
[2025-12-28 16:41:02] [FEAA91B9-DC27-4B59-8028-338AEB976CD2] HTTP 200 /lookup
[2025-12-28 16:41:02] [061F6571-8EBA-480D-9E36-645588D7268B] HTTP GET /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:41:02] [A849B656-405D-4652-9C35-F7AB834A319E] HTTP GET /avatars/view/eca85183-8293-4d08-b188-62727f5d318b/medium.jpg
[2025-12-28 16:41:02] [061F6571-8EBA-480D-9E36-645588D7268B] HTTP 200 /avatars/view/251f47a6-7a63-4a2f-8d66-bff2ca920385/medium.jpg
[2025-12-28 16:41:02] [A849B656-405D-4652-9C35-F7AB834A319E] HTTP 200 /avatars/view/eca85183-8293-4d08-b188-62727f5d318b/medium.jpg
[2025-12-28 16:41:02] Beginning importing account kit…
I tested it on Android and the Chrome extension (using the Brave browser), and it seems to work as usual
EDIT: I’ve run some tests and found that this only happens to regular users. Administrators can log in normally. If you promote a user to administrator, it can log in, but if it’s demoted to regular user, the error appears.
1 Like
gyaresu
December 29, 2025, 1:49am
3
Thanks folks.
I’ve reproduced this bug and have created task PB-47757
I’m in Australia so I won’t have an update for you until I can discuss it with colleagues in Luxembourg when they come online.
Sorry for the hassle.
I’ll update this thread when I know more.
Cheers
1 Like
remy
December 29, 2025, 2:25pm
4
3 Likes
gyaresu
December 30, 2025, 8:05am
5
Hey folks.
I’ve tested and can confirm iOS 2.5.1 passbolt app from the Apple store is working as expected now.
Thanks for your patience and sorry for the hassle.
Cheers
2 Likes
cunnect
December 30, 2025, 10:47am
6
Hi Passbolt team,
I just wanted to say thank you very much for the incredibly fast response and for implementing a fix in the iOS app so quickly.
This level of support is really impressive – the issue is now resolved on our side and onboarding works again for regular users as expected.
Much appreciated!
Best regards,
3 Likes
