bitwarden
Cannot create Passkey on PayPal Mobile Android App (or use existing passkey) through Bitwarden ("asset links" error)
Production Build
- [X] I'm using the legacy Bitwarden app pubicly available in App Store / Play Store and I'm aware that Bitwarden Beta bugs should be reported in bitwarden/android or bitwarden/ios
Steps To Reproduce
Create key in browser and then use in mobile app use case:
- Set up PayPal passkey on bitwarden through Chrome Android (web site)
- Try logging into the PayPal web site using the passkey - confirm that it works
- Try logging into PayPal Android app - verify that it fails with the "asset link" error
Create key in mobile app use case:
- Login to Bitwarden (from Play Store, not beta), enable Bitwarden as Passkey provider in the system
- Login to PayPal app (from Play Store)
- Go into PayPal profile settings and "Create Passkey"
- Choose to create the passkey in Bitwarden
Expected Result
The passkey is created or able to be used successfully
Actual Result
"asset link" error
Screenshots or Videos
No response
Additional Context
In the use case where we create key in browser in bitwarden that same key created on an Android phone is able to be used to sign into the iOS version of PayPal app
Operating System
Android
Operating System Version
14
Device
Galaxy S24 Ultra
Build Version
2024.7.1
Could be related to this issue:
- https://github.com/keepassxreboot/keepassxc/issues/10374#issuecomment-1988608406
- https://github.com/keepassxreboot/keepassxc/issues/10374#issuecomment-1987357153
Set up PayPal passkey on bitwarden through Chrome Android (web site)
Hey @raywdude, did you need to do anything special for that? If I try to setup the passkey in Chrome, it fails with an unspecified error 🤔
Other than that I face the exact same issue using the PayPal app.
Thank you for taking the time to report this issue. I appreciate you bringing it to our attention.
I've investigated the problem and found that the assetlinks.json file hosted by PayPal doesn't include all the necessary relation entries required for proper functionality within our app.
Specifically, according to the official Android implementation documentation, both delegate/common.handle_all_urls and delegate/common.get_login_creds relations are needed. The assetlinks.json file from PayPal currently only includes delegate/common.handle_all_urls and is missing delegate/common.get_login_creds. This requirement is also confirmed in this issue on Google's Issue Tracker https://issuetracker.google.com/issues/301944900#comment3.
This means that our Android app is behaving as expected, given the current configuration of PayPal's assetlinks.json file. Unfortunately, this isn't something we can directly resolve on our end.
While I understand this might not be the solution you were hoping for, you can contact PayPal's support team and let them know that their assetlinks.json is missing the delegate/common.get_login_creds relation. This is necessary to enable full functionality with apps utilizing Android's Credential Manager.
I'll be closing this issue for now, but please feel free to comment if you have any further questions or if there are updates on the PayPal side.
As of now, I could sadly not convince any PayPal support employee to actually send this issue to a developer. They always just refer to their help page and state that I should just follow the steps listed there.
Nevertheless, thanks for the update!
I stumbled across the same and opened a new PayPal Supportrequest. The issue is not in the App directly, but in the asset links is hosted on the internet site: assetlinks.json
Let's see whether the PayPal support can actually solve it 🤔
Duplicate of https://github.com/bitwarden/android/issues/4733. Resolved with https://github.com/bitwarden/android/pull/4804 and will be in our next release.
Friendly reminder that this repository has been archived. You can open tickets for the Android client in the new Android repository. https://github.com/bitwarden/android