Cannot sign in using passkey

liblit · May 25, 2026, 9:18pm

I am able to sign into this forum using my password with two-factor authentication. However, I cannot sign in using a passkey:

An error occurred: A security key with the provided credential ID could not be found.

The same error occurs using

Safari + macOS
Chrome + macOS
Safari + iOS

In all cases, the passkey is managed using 1Password. I’m surprised by this failure: 1Password passkeys have been extremely reliable everywhere else I’ve used them.

I’ve already tried removing and re-adding the passkey. No luck.

SmartHomeSellout · May 26, 2026, 5:59pm

**Thanks for your post Ben - I used claude to look through the logs on the forums and this is what it says:

liblit’s server-side passkey count is zero:**

"user_passkeys": []
"second_factor_enabled": true
"second_factor_backup_enabled": true  (10 backup codes remaining)

So whatever 1Password is offering for forum.apolloautomation.com, the Discourse server simply has no record of it. The error message (“credential ID could not be found”) is literally accurate — there’s nothing to match against. The Logster error log only shows topic-creation deprecation warnings from his post, no WebAuthn exceptions, which means it’s not crashing on lookup; it’s just failing the auth assertion cleanly.

What this implies:

His original passkey registration never actually persisted to the server. 1Password saved its half, the Discourse side didn’t.
The “remove and re-add” attempts kept producing the same outcome — 1Password gets a new credential each time, the server still saves nothing.
His TOTP 2FA + backup codes are healthy, so he’s not locked out, just stuck on the passkey flow.

Why registration might have silently failed: Safari/iOS WebKit + 1Password sometimes finalize the credential client-side before the server’s complete_passkey_creation POST returns, especially if the secure session timed out mid-flow. The user sees a “passkey added” toast from 1Password while Discourse never received the success.

Suggested reply for him:

In 1Password, search forum.apolloautomation.com and delete every passkey entry (there may be multiple).
Log in with password + TOTP (you’ve confirmed those still work).
Go to Preferences → Security → Passkeys → Add passkey, complete the flow.
Refresh that page and confirm a passkey is now listed. If the list is still empty after a successful-looking 1Password prompt, registration is silently failing — switch to iCloud Keychain or a Chrome-managed passkey instead, since the issue is between 1Password’s Safari extension and the Discourse registration callback.

liblit · May 28, 2026, 6:51pm

Done. The Preferences → Security page shows one passkey, with the name I gave it when re-adding it in step 3. Furthermore, I have successfully logged out, then logged back in using this passkey.

Weird! I am confident that I tried removing and re-adding the passkey multiple times before. Ah well, the problem is no longer present. Good enough for me. Thanks!

Justin_Apollo · June 2, 2026, 3:47pm

Thanks for troubleshooting this with us!

SmartHomeSellout · June 2, 2026, 4:08pm

Thanks for following up and sharing what you had to do to get it working properly we appreciate it.