doy / rbw

unofficial bitwarden cli
https://git.tozt.net/rbw

rbw sync: failed to sync database from server: failed to parse JSON: .: missing field `access_token` #32

Open tyilo opened 3 years ago

tyilo commented 3 years ago

When I run rbw sync I get the following error:

rbw sync: failed to sync database from server: failed to parse JSON: .: missing field `access_token` at line 1 column 25: missing field `access_token` at line 1 column 25

jedahan commented 3 years ago

I get the same issue

Kiwi commented 3 years ago

I got a different error message on 0.5.0 (I think it was the same error but worded differently) and noticed I had an older version and upgraded to 0.5.2 and now I get this error. Not sure how to help other than to say I'm on NixOS (nixos-unstable) which may or may not be relevant. (sometimes it is...)

$ nixos-version
21.03.git.453c116254a (Okapi)

doy commented 3 years ago

i can't reproduce this either on bitwarden.com or on my personal bitwarden-rs instance. can you give more information about the server you're using?

Kiwi commented 3 years ago

bitwarden.com

Kiwi commented 3 years ago

I tried it on a computer I didn't have rbw/bw/bitwarden on already and it worked.

I got it to work on the other one. I'm not sure which of these steps were necessary...

# logged out of bitwarden desktop. 
rbw stop-agent
rbw purge
rm .config/rbw/config.json
# made sure no bw/rbw/bitwarden processes were running. 
rbw config set <email>
rbw login

and now it works I think

tyilo commented 3 years ago

I can confirm that just running rbw purge fixed it.

hoshsadiq commented 3 years ago

Same issue, purge worked for me as well.

jedahan commented 3 years ago

I wonder if this particular error can be caught in the code, and maybe mv file-to-be-purged file-to-be-purged.backup as a low-invasive solution.

rjc commented 3 years ago

It just happened to me. The last thing I did was to add a new entry with TOTP code (with spaces in it) via the official web browser add-on. Not sure whether this is at all related but can't recall what was the one before that. I can confirm that running rbw purge on its own, with rbw sync afterwards, fixed it for me.

mpgarate commented 2 years ago

I get this issue every few months and need to run rbw purge to resolve.

mpgarate commented 2 years ago

The workaround stopped working for me on macos 11.6.2.

$ uname; rbw --version
Darwin
rbw 1.4.1

$ rbw purge

$ rbw login
rbw login: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1

$ rbw purge

$ rbw sync
rbw sync: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1

$ rbw purge

$ rbw register
rbw register: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1

mpgarate commented 2 years ago

I resolved this by rotating my encryption key.

Witcher01 commented 2 years ago

I've had this issue before, too, but a simple upgrade of the rbw package fixed it for me (twice, iirc). Although I can't say which version of rbw this was.

I'm running Arch Linux and I'm using the AUR package rbw-git.

Witcher01 commented 2 years ago

Small update on my end: I'm getting this now, too, both when using the community package rbw and the aur package rbw-git. @doy Since you flagged this as "can't reproduce" I'll gladly supply you with anything I can to resolve this issue should it be needed.

Alternatively, although unlikely, with some guidance I might be able to fix this myself if time allows it.

Witcher01 commented 2 years ago

Looking into it, the issue stems from these lines in src/api.rs: https://github.com/doy/rbw/blob/1e56f733275cdd1406a4d796d17dbcbf48432a66/src/api.rs#L1076-L1081

Enabling debug output with RUST_LOG=debug yields the following:

[2022-03-30T18:45:48Z DEBUG rbw_agent::sock] listening on socket /run/user/1000/rbw/socket
[2022-03-30T18:45:54Z DEBUG reqwest::connect] starting new connection: https://api.bitwarden.com/
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] No cached session for DnsName(DnsName(DnsName("api.bitwarden.com")))
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Not resuming any session
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Using ciphersuite Tls13(Tls13CipherSuite { suite: TLS13_AES_256_GCM_SHA384, bulk: Aes256Gcm })
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Not resuming
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Protocols([PayloadU8([104, 50])])]
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG reqwest::async_impl::client] response '401 Unauthorized' for https://api.bitwarden.com/sync
[2022-03-30T18:45:54Z DEBUG rustls::conn] Sending warning alert CloseNotify
[2022-03-30T18:45:54Z DEBUG reqwest::connect] starting new connection: https://identity.bitwarden.com/
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] No cached session for DnsName(DnsName(DnsName("identity.bitwarden.com")))
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Not resuming any session
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Using ciphersuite Tls13(Tls13CipherSuite { suite: TLS13_AES_256_GCM_SHA384, bulk: Aes256Gcm })
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Not resuming
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Protocols([PayloadU8([104, 50])])]
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:55Z DEBUG reqwest::async_impl::client] response '400 Bad Request' for https://identity.bitwarden.com/connect/token
[2022-03-30T18:45:55Z DEBUG rustls::conn] Sending warning alert CloseNotify

I'm afraid I can't look further into this myself as I'm not familiar with the Bitwarden API and AFAIK there's no documentation for it.

Looking at the response headers, I see two that might be problematic:

"x-cf-is-bot": "1",
"x-cf-maybe-bot": "1",

These reminded me of the "Usage" section in the README.md: https://github.com/doy/rbw/blob/1e56f733275cdd1406a4d796d17dbcbf48432a66/README.md?plain=1#L87-L93

Running rbw register again didn't change anything. Is this an issue with the official Bitwarden server and the Cloudflare gateway?
@doy Maybe you're not able to reproduce this issue because you're running your own Bitwarden instance?

I hope this information helps so this issue can be fixed soon as I'm unable to sync my database at all for the time being.
Feel free to keep me updated on any progress with this, I'd love to lend a helping hand wherever I can!
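
The two reqwest lines in the debug log above carry the diagnosis: the sync request is refused with 401 and the follow-up request to the token endpoint fails with 400. As an added example (not part of this thread and not rbw code), a short Python filter that pulls those lines out of RUST_LOG=debug output and names the pattern; the function names and labels are illustrative.

```python
import re

# Three lines copied from the debug log above; the TLS handshake lines are omitted.
SAMPLE_LOG = """\
[2022-03-30T18:45:54Z DEBUG reqwest::async_impl::client] response '401 Unauthorized' for https://api.bitwarden.com/sync
[2022-03-30T18:45:54Z DEBUG rustls::conn] Sending warning alert CloseNotify
[2022-03-30T18:45:55Z DEBUG reqwest::async_impl::client] response '400 Bad Request' for https://identity.bitwarden.com/connect/token
"""

RESPONSE_RE = re.compile(
    r"^\[(?P<ts>\S+) DEBUG reqwest::async_impl::client\] "
    r"response '(?P<status>\d{3}) [^']*' for (?P<url>\S+)$"
)


def http_responses(log_text):
    """Return (timestamp, status, url) for every reqwest response line."""
    out = []
    for line in log_text.splitlines():
        m = RESPONSE_RE.match(line.strip())
        if m:
            out.append((m["ts"], int(m["status"]), m["url"]))
    return out


def classify(responses):
    """Name the failure pattern from the ordered list of HTTP responses."""
    for (_, s1, u1), (_, s2, u2) in zip(responses, responses[1:]):
        # A 401 on /sync immediately followed by a call to the token endpoint.
        if s1 == 401 and u1.endswith("/sync") and u2.endswith("/connect/token"):
            if s2 >= 400:
                return "access token rejected, then token request refused"
            return "access token rejected, token request succeeded"
    if any(s >= 400 for _, s, _ in responses):
        return "request failed without a token retry"
    return "no HTTP errors"


if __name__ == "__main__":
    found = http_responses(SAMPLE_LOG)
    for ts, status, url in found:
        print(ts, status, url)
    print(classify(found))
```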

Witcher01 commented 2 years ago

As there wasn't a response in quite some time, I decided to try rotating the encryption key like @mpgarate said and that worked fine.

nilesh-akhade commented 2 years ago

I faced this issue today. Added steps I followed to reproduce.

To resolve:

rbw purge
rbw sync

ggustafsson commented 2 years ago

I got the same issue today. I use bitwarden.com with TOTP. rbw purge + rbw sync resolved it for me too.

ruuda commented 1 year ago

I was logged in, but rbw sync returned this error. I tried the rbw purge, but now login no longer works. I tried rbw register as pointed out here but it did not change the output. When I run rbw login or rbw sync now, it prints

$ rbw login
rbw login: TODO

$ rbw sync
rbw sync: TODO

Setting RUST_LOG=debug does not change the output.

I think this is this TODO: https://github.com/doy/rbw/blob/1e56f733275cdd1406a4d796d17dbcbf48432a66/src/bin/rbw-agent/actions.rs#L175 it’s the only reference I could find, and it makes sense as I have 2FA enabled with Yubikey but no authenticator app. After adding an authenticator app as 2FA method, I am able to log in.

ruuda commented 1 year ago

After doing the steps above last week, if I now try to rbw sync, I again get the error

rbw sync: failed to sync database from server: failed to parse JSON: .: missing field `access_token` at line 1 column 25: missing field `access_token` at line 1 column 25

Witcher01 commented 1 year ago

@ruuda If I remember correctly, this is because Bitwarden suspects you're a bot, so it doesn't give you access to the API. Rotating the encryption keys and registering with the servers again should solve your issue, like explained in a previous comment in this thread.

I can't help any more than that as I've first migrated to the desktop app again, and then password managers completely. The maintainer seems completely unresponsive to any attempt at making contact, too, so I wouldn't bet on getting help for other issues.

Good luck :)

VPanteleev-S7 commented 1 year ago

I got the same error after increasing KDF iterations on vault.bitwarden.com.

rbw login does nothing and prints nothing. rbw sync prints:

rbw sync: failed to sync database from server: failed to parse JSON: missing field `access_token` at line 1 column 25

It only started working after I manually deleted ~/.cache/rbw/default:*.json and ran rbw login.

doy commented 1 year ago

i'm still unable to reproduce this - i've never seen this error on either the official bitwarden site or on vaultwarden, even if i do things like change my kdf iterations setting. it's a bit hard to track down because i'm pretty hesitant to add more logging here - it would be pretty easy to accidentally end up with sensitive data in log files or things like that (based on the error message i do get, it is expecting the response to have a server access token in it, for example). if anyone who actually does run into this problem is able to dig into what is happening when it happens, that would be very helpful, because i don't really know how i can make progress otherwise.
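
The concern in the comment above is that extra logging could put the access token into log files. One way to get diagnostics for both parse errors quoted in this thread without that risk is to record only the shape of the token response, shown here in Python as an added example (not rbw code and not posted by anyone in this thread); the function name, the allowlist of OAuth error fields and the sample bodies are assumptions made for illustration.

```python
import json

# Assumed safe to print: the OAuth 2.0 error fields (RFC 6749, section 5.2).
SAFE_VALUE_FIELDS = {"error", "error_description"}


def describe_token_response(status, body):
    """Summarise a token-endpoint response without echoing secret values.

    For each top-level key only the Python type of the decoded value is
    kept; the value itself is kept only for keys in SAFE_VALUE_FIELDS.
    """
    summary = {"status": status, "outcome": None, "fields": {}}
    try:
        doc = json.loads(body)
    except ValueError:
        # Not JSON (for example an HTML block page): report the size only.
        summary["outcome"] = "not_json"
        summary["body_bytes"] = len(body.encode())
        return summary
    if not isinstance(doc, dict):
        summary["outcome"] = "unexpected_json_type"
        return summary
    for key, value in doc.items():
        entry = {"type": type(value).__name__}
        if key in SAFE_VALUE_FIELDS and isinstance(value, str):
            entry["value"] = value[:200]  # bounded, so logs cannot be flooded
        summary["fields"][key] = entry
    if 200 <= status < 300 and isinstance(doc.get("access_token"), str):
        summary["outcome"] = "token_issued"
    elif "error" in doc:
        summary["outcome"] = "server_error_body"
    else:
        summary["outcome"] = "missing_access_token"
    return summary


# Constructed bodies; the page never shows the real response. ERROR_BODY is
# 25 bytes long, the column named in the error message, but is still a guess.
ERROR_BODY = '{"error":"invalid_grant"}'
OK_BODY = '{"access_token":"constructed-secret","expires_in":3600}'

if __name__ == "__main__":
    print(describe_token_response(400, ERROR_BODY))
    print(describe_token_response(200, OK_BODY))
```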

VPanteleev-S7 commented 1 year ago

I can't reproduce this with git master (was on 1.7.1). I did run into an "incorrect password" loop, which I also solved by deleting ~/.cache/rbw/default:*.json, however that also only happened once and I could not reproduce it later.

PabloGarcia00 commented 10 months ago

I'm having the same issue right now. I have set up my .json config file with email but when I login it just doesn't recognize my password, even though I can login with same password in browser.

vinylen commented 9 months ago

I ran into this issue as well now after running rbw purge + rbw login and I am now unable to access my Bitwarden vault.

ggustafsson commented 9 months ago

I’ve encountered this many times before and I have up until now always been able to recover. As of last week login through rbw never works. Deleting local config + cache and rotating API keys does nothing, registration works fine but password is always refused.

Anyone else seeing this? Feels like something security related has changed upstream recently.