Mobile app not allowing login

Checklist
[x ] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[ x] I provide a copy of my logs and healthcheck
[ x] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue

Hello, I am currently running Passbolt CE 4.3.0, and 1.15.0 of the iOS mobile app. I can log into the web UI just fine, however when trying to authenticate into the mobile app, immediately after entering a password and hitting “Sign In” it returns to the password prompt and I get the following error:

Passbolt:
Device: iPhone
OS: 17.0
App: 1.15.0

[2023-10-05 7:23:18 pm] Initializing the app…
[2023-10-05 7:23:18 pm] …app initialization completed!
[2023-10-05 7:23:18 pm] Verifying data integrity…
[2023-10-05 7:23:18 pm] …data integrity verification finished
[2023-10-05 7:23:18 pm] Fetching server configuration…
[2023-10-05 7:23:18 pm] …server configuration fetching skipped!
[2023-10-05 7:23:19 pm] [4462723A-D9CD-467B-BC9B-15937DCFCCAD] HTTP GET /lookup
[2023-10-05 7:23:19 pm] [4462723A-D9CD-467B-BC9B-15937DCFCCAD] HTTP 200 /lookup
[2023-10-05 7:23:19 pm] [5E6F6BAB-8A15-4F68-AD62-67201D1B144B] HTTP GET /avatars/view/b5ef5f01-0781-413e-b773-2431ddff7b93/medium.jpg
[2023-10-05 7:23:20 pm] [5E6F6BAB-8A15-4F68-AD62-67201D1B144B] HTTP 200 /avatars/view/b5ef5f01-0781-413e-b773-2431ddff7b93/medium.jpg
[2023-10-05 7:23:30 pm] Beginning authorization…
[2023-10-05 7:23:31 pm] …creating new access token…
[2023-10-05 7:23:31 pm] …fetching server public PGP key…
[2023-10-05 7:23:31 pm] …fetching server public RSA key…
[2023-10-05 7:23:31 pm] [9F84091F-BB55-41D6-BC81-A6A61A603F84] HTTP GET /auth/verify.json
[2023-10-05 7:23:31 pm] [F3835508-42B6-4540-B7D8-EB7DE1F0C9D7] HTTP GET /auth/jwt/rsa.json
[2023-10-05 7:23:31 pm] [F3835508-42B6-4540-B7D8-EB7DE1F0C9D7] HTTP 200 /auth/jwt/rsa.json
[2023-10-05 7:23:31 pm] [9F84091F-BB55-41D6-BC81-A6A61A603F84] HTTP 200 /auth/verify.json
[2023-10-05 7:23:31 pm] Local timestamp: 1696533811
[2023-10-05 7:23:31 pm] Server timestamp: 1696533811
[2023-10-05 7:23:31 pm] Using time diff for session: 0
[2023-10-05 7:23:31 pm] …verifying server public PGP key…
[2023-10-05 7:23:31 pm] …preparing authorization challenge…
[2023-10-05 7:23:31 pm] [8707C175-46AC-4871-9218-5763330C2C83] HTTP POST /auth/jwt/login.json
[2023-10-05 7:23:31 pm] [8707C175-46AC-4871-9218-5763330C2C83] HTTP 200 /auth/jwt/login.json
[2023-10-05 7:23:32 pm] …authorization succeeded!
[2023-10-05 7:23:32 pm] Verifying data integrity…
[2023-10-05 7:23:32 pm] …data integrity verification finished
[2023-10-05 7:23:32 pm] Fetching server configuration…
[2023-10-05 7:23:32 pm] [6E174D6D-FC8A-45F3-96B9-61EA8B30CB9A] HTTP GET /settings.json
[2023-10-05 7:23:32 pm] [6E174D6D-FC8A-45F3-96B9-61EA8B30CB9A] HTTP 200 /settings.json
[2023-10-05 7:23:32 pm] …server configuration fetched!
[2023-10-05 7:23:32 pm] [11F77BA2-B6F9-4ACD-A9D4-1FE878766217] HTTP GET /lookup
[2023-10-05 7:23:32 pm] [11F77BA2-B6F9-4ACD-A9D4-1FE878766217] HTTP 200 /lookup
[2023-10-05 7:23:32 pm] Refreshing users data…
[2023-10-05 7:23:32 pm] [0A548B99-21F8-4D78-A94E-24942DD00289] HTTP GET /users.json
[2023-10-05 7:23:32 pm] Updating account profile data…
[2023-10-05 7:23:32 pm] [E462427A-A953-4B4A-A5EF-9859435B11D7] HTTP GET /users/1a6e05fd-51ef-45e9-810d-b9f78f01c409.json
[2023-10-05 7:23:32 pm] [0A548B99-21F8-4D78-A94E-24942DD00289] HTTPUnauthorized
DiagnosticsContext:
•HTTPUnauthorized OSFeatures/NetworkRequestExecutor.swift:466
[2023-10-05 7:23:32 pm] [E462427A-A953-4B4A-A5EF-9859435B11D7] HTTPUnauthorized
DiagnosticsContext:
•HTTPUnauthorized OSFeatures/NetworkRequestExecutor.swift:466
[2023-10-05 7:23:32 pm] [269EA1D7-4365-4F41-9DCC-7A34FF2B5520] HTTP GET /avatars/view/afb6cd9a-fe9e-499f-a451-a6941978bc0e/medium.jpg
[2023-10-05 7:23:32 pm] [269EA1D7-4365-4F41-9DCC-7A34FF2B5520] HTTP 200 /avatars/view/afb6cd9a-fe9e-499f-a451-a6941978bc0e/medium.jpg

Additionally, the error log on the server shows:

2023-10-05 19:29:25 error: [Authentication\Authenticator\UnauthenticatedException] Authentication is required to continue in /usr/share/php/passbolt/vendor/cakephp/authentication/src/Controller/Component/AuthenticationComponent.php on line 177
Request URL: /users/1a6e05fd-51ef-45e9-810d-b9f78f01c409.json
Client IP: <IP_ADDRESS>
2023-10-05 19:29:25 error: [Authentication\Authenticator\UnauthenticatedException] Authentication is required to continue in /usr/share/php/passbolt/vendor/cakephp/authentication/src/Controller/Component/AuthenticationComponent.php on line 177
Request URL: /users.json?api-version=v2
Client IP: <IP_ADDRESS>
2023-10-05 19:29:25 error: [Authentication\Authenticator\UnauthenticatedException] Authentication is required to continue in /usr/share/php/passbolt/vendor/cakephp/authentication/src/Controller/Component/AuthenticationComponent.php on line 177
Request URL: /users/1a6e05fd-51ef-45e9-810d-b9f78f01c409.json
Client IP: <IP_ADDRESS>

Hello @reed5,

I’d like to know if you are using SSL on your server? if so

• Is it a self signed certificate? → You need to add your CA cert to your device
• LetsEncrypt?
• Other authority?

Navigate to your passbolt server using your browser in order to check if the connection is secure from your phone to your instance.

Thanks in advance

I am indeed using SSL, through a Let’s Encrypt certificate.

I have a very simular error:

Passbolt:
Device: iPhone
OS: 18.4.1
App: 1.22.1
----------
[2025-05-12 18:00:14] Initializing the app...
[2025-05-12 18:00:14] ...app initialization completed!
[2025-05-12 18:00:14] Verifying data integrity...
[2025-05-12 18:00:14] ...data integrity verification finished
[2025-05-12 18:00:15] [96338F63-F614-4508-908B-8BE4EE2BB385] HTTP GET /lookup
[2025-05-12 18:00:16] [96338F63-F614-4508-908B-8BE4EE2BB385] HTTP 200 /lookup
[2025-05-12 18:00:16] [9F9945FE-2EC4-42C2-98DB-229F417CAFF9] HTTP GET /img/avatar/user_medium.png
[2025-05-12 18:00:16] [9F9945FE-2EC4-42C2-98DB-229F417CAFF9] HTTP 200 /img/avatar/user_medium.png
[2025-05-12 18:00:29] Beginning authorization...
[2025-05-12 18:00:29] ...creating new access token...
[2025-05-12 18:00:29] ...fetching server public PGP key...
[2025-05-12 18:00:29] ...fetching server public RSA key...
[2025-05-12 18:00:29] [1BFE05A6-2ABB-4093-99EB-28D0A9F19D55] HTTP GET /auth/jwt/rsa.json
[2025-05-12 18:00:29] [5788912A-6F9B-40DE-B270-812A6BCE03A8] HTTP GET /auth/verify.json
[2025-05-12 18:00:29] [1BFE05A6-2ABB-4093-99EB-28D0A9F19D55] HTTPStatusCodeUnexpected
DiagnosticsContext:
•HTTP status code is not matching expected OSFeatures/NetworkRequestExecutor.swift:497
⮑ "path": 497
⮑ "file": OSFeatures/NetworkRequestExecutor.swift
[2025-05-12 18:00:29] [5788912A-6F9B-40DE-B270-812A6BCE03A8] HTTP 200 /auth/verify.json
[2025-05-12 18:00:29] Local timestamp: 1747072829
[2025-05-12 18:00:29] Server timestamp: 1747072829
[2025-05-12 18:00:29] Using time diff for session: 0
[2025-05-12 18:00:29] ...verifying server public PGP key...
[2025-05-12 18:00:29] ...preparing authorization challenge...
[2025-05-12 18:00:29] [EFCC6310-1BB0-41F8-8E6C-A4E4097B9C15] HTTP POST /auth/jwt/login.json
[2025-05-12 18:00:29] [EFCC6310-1BB0-41F8-8E6C-A4E4097B9C15] HTTPForbidden
DiagnosticsContext:
•HTTPForbidden OSFeatures/NetworkRequestExecutor.swift:473
⮑ "path": 473
⮑ "file": OSFeatures/NetworkRequestExecutor.swift
[2025-05-12 18:00:29] ...authorization failed!
[2025-05-12 18:00:29] ⚠ HTTPForbidden
DiagnosticsContext:
•HTTPForbidden OSFeatures/NetworkRequestExecutor.swift:473
⮑ "path": 473
⮑ "file": OSFeatures/NetworkRequestExecutor.swift
[2025-05-12 18:00:31] Beginning importing account kit...

Everything else is working 100%. The only thing I cannot do is actually sign in to the mobile app after I have added it with a QR Code.

Any help would be greatly appreciated.

Hi @Hein,

It seems that the iOS app received an unexpected response, different from the one provided by reed5.
Are you able to retrieve the error log from the server? It may contain more details of the error.
Could you also share some server details, such as the version, installation type (no private details, please), and whether any 2FA is enabled?

Hi. I managed to fix this. It was incorrect perrmissions to the JWT Token files. I just recreated them

Perfect,
thank you for this information!