Kategorien

#186 Passkey issues set up and working with ES

Veröffentlicht in ‘EasySocial’

Dies ist ein öffentliches Ticket

Jeder wird den Inhalt sehen können. Gib keine Benutzernamen, Passwörter oder andere sensible Informationen an.

Letzter Eintrag von ssnobben am Samstag, 14. März 2026 11:30 UTC

Freitag, 06. März 2026 10:43 UTC

ssnobben

The use of Passkey with ES doesnt work and its important for users of any site to log in easy and quick.

You can set up Passkey but then you cant login to the site you get error trying after reset cache using other browser Chrome as example "Invalid passwordless login request. Something is broken or this is an attempt to hack the site." Joomla 6.0.3 php 8.4.18

System - Passkey (Passwordless) Login - enabled

Multi-factor Authentication - Passkeys - enabled ( maybe this doesnt work with ES with Passkey enabled? )

After you have enabled this passkey you try to login with your user id and password you come to this page /index.php?option=com_easysocial&view=profile&layout=mfa where you can validate your passkey and after that you are logged in. :

"Multi-factor Authentication – Passkey

Use the “Validate with your passkey” button on this page to start the Web Authentication process. Then please follow the instructions given to you by your browser to complete Web Authentication with your preferred passkey.

Select a different method" But then again if you try to login front end as normal user with your user name and then the passkey it doesnt work. So seems some issue with ES settings with Passkey and Joomla authentication there. ** Would be great if tested by others and Pascal investigate when time check this work as expected.. Cheers!

Freitag, 06. März 2026 15:57 UTC

CreativeGraphics Support

Dear Stephan

I have tested it on your site and cannot see any inconsistencies or errors with the passkey login procedure.

Are you sure you try to login with a user who has a valid passkey?

Freitag, 06. März 2026 18:31 UTC

ssnobben

Hi Pascal,

you have to do this in the frontend with EasySocial not in backend with Joomla as I said "The use of Passkey with ES doesnt work". It works as it should if you use Joomla and add it in the backend yes but not for a EasySocial user setting up this on frontend. I can also as admin super user login there with Passkey working...

But it doesnt work for a front end EasySocial user and the links I gave you above. Give error for user that updated his credentials Passkey from ES before there and get this message when trying to login "Invalid passwordless login request. Something is broken or this is an attempt to hack the site." Dont know if this relate to Admin Tools pro or some other settings though.. hmmm

Freitag, 06. März 2026 18:36 UTC

CreativeGraphics Support

OK, I will retest.

Freitag, 06. März 2026 19:06 UTC

CreativeGraphics Support

I retested with the changed setting on our testhost → everything works without errors (frontend-creation and -login with passkey)

I retested on your host → I get an "error" without real error-message or easily discoverable issue in the console... and login is not working.

I need some time to find the issue, something seems to block, but I don't know yet, what 😒

Sonntag, 08. März 2026 20:43 UTC

ssnobben

Ok thks for testing some issues there with the ES passkey working hmmm if you do the changes in backend it works but not in frontend from ES Multifactor settings there..

Montag, 09. März 2026 08:01 UTC

CreativeGraphics Support

Dear Stephan

Most probably, this is a misunderstanding of the Joomla MFA system.

The MFA Passkey and the Passkey Login are different systems with different credential stores and challenges.

	MFA Passkey	Passkey Login
If active	After password	instead of password
Where registered	MFA tab	Passkey login-tab
Credential table	#__user_mfa	#__webauthn_credentials
If used "wrong"	"Invalid passwordless login request."	—

Users should not take the MFA Passkey for a "passwordless" login, as it is meant to be the second method (challenge) after having entered the first credentials (username/password).

If you want your users to be able to login without password, this is achievable throught the Passkey Login in Joomla, which works perfectly on your site.

This is not an EasySocial related "issue" whatsoever, as ES does not change this methodology nor does it avoid login with Passkey Login.

The error message "Invalid passwordless login request. ..." comes from the Joomla plugin itself, the key is PLG_SYSTEM_WEBAUTHN_ERR_CREATE_INVALID_LOGIN_REQUEST (admin).

I don't see any issue on ES side. I hope to have helped you with this info.

Have a nice day. Best regards,
Pascal

Bearbeitet durch CreativeGraphics Support am 09.03.2026 08:02 UTC

Samstag, 14. März 2026 11:30 UTC

ssnobben

Everything fixed and working

closing