Cross-device passkeys broken

p666
p666
Community Member
in iOS

I'm unable to sign into my AWS account as cross-device passkey (via QR) doesn't work.
Here's breakdown of what happens:

  • use console.aws.amazon.com (in Safari, Chrome or Firefox) to sign into root account
  • supply email address manually or via extension (doesn't make a difference)
  • get QR prompt to use iOS (iPhone 15 Pro Max, iPad Pro 13 - doesn't make a difference)
  • choose 1Password as passkey provider when prompted
  • 1Password window pops up but displays a spinner and "Loading...". Never completes.

Happens on different networks, different device combinations. After 1password reinstall.

Comments

  • Dave_1P
    Dave_1P
    edited October 31

    Hello @p666! 👋

    I'm sorry that you're unable to sign into AWS using a passkey. So that I can better understand the situation can you tell me the following:

    1. Are you trying to sign into AWS on a Mac? Or on a different type of device?
    2. Are you able to sign into a different website on your Mac by scanning a QR code using your iPhone? For example, can you sign in to this test website: WebAuthn.io
    3. If you install 1Password in the browser on your Mac, can you sign in to AWS using a passkey with the browser extension: Save and sign in with passkeys in your browser

    I look forward to hearing from you.

    -Dave

  • p666
    p666
    Community Member

    Hello,

    1. Are you trying to sign into AWS on a Mac? Or on a different type of device?

    Yes, on a Mac. Safari 17.6 on Sonoma 14.6.1 with 1password extension @ 8.10.48.25

    1. Are you able to sign into a different website on your Mac by scanning a QR code using your iPhone? For example, can you sign in to this test website: WebAuthn.io

    Yes, I am able to. I log into PayPal quite frequently using cross-device flow.

    1. If you install 1Password in the browser on your Mac, can you sign in to AWS using a passkey with the browser extension: Save and sign in with passkeys in your browser

    No, extension is available and doesn't prompt with passkey as some other sites do. Seems like AWS enforces cross-device. As mentioned in another thread here.

  • Dave_1P
    Dave_1P
    edited November 6

    @p666

    Thanks for the reply. It looks like you're running into a known issue that we've recently opened an internal work item for with our development team. Can you answer two more questions so that I can verify that you're running into this issue:

    1. Did you save the passkey for multi-factor authentication (MFA) for AWS?
    2. Do you have the 1Password extension installed in Firefox on your Mac? If you do then do you see the 1Password prompt appear when AWS asks for your passkey in Firefox (not Safari):

    image

    -Dave

    ref: dev/core/core#24307
    ref: dev/core/core#33848