So angry - Vivokey, Spark1 Spark2

I do note that we don’t offer the Vivokey API as a uptime-guaranteed service. it’s best effort.

Can you send me the ID of your service?

The only change we’ve made was to close vulnerabilities on redirect URLs, as yeka has said.

I will investigate in our backend and confirm what’s going on.

1 Like

That’s kind of the curse of implants: if they were ordinary products, people would understand and have measured reactions. But when the product gets under your skin and stuff don’t perform, it… gets under your skin :slight_smile: Things can becomes very personal and emotional.


I just assume nothing will work, and anything that does is a pleasant surprise… and I’m not surprised if it doesn’t

Might be a tad dark/bleak :sweat_smile:


I do that too. In fact, I always assume the worst so I’m never disappointed. Still, implants going tits up kind of get to me in a depressing sort of way for a little while, strangely enough.

1 Like

This is usually due to mismatch, particularly the protocol… so like is your application URI set up with http or https, and are you actually redirecting to http or https?

1 Like

This is the forum, not his own app. I’ve just tested it, and this html encoding is indeed the issue.

I can also reproduce the “permenent” bug now. But there are 2 workarounds now.


Just popping in to mention that I can also reproduce this bug. Even when logging in here, I have to scan the chip, wait for the failed request message, go back, scan the chip a second time, wait for that to fail, then navigate back to the original site and hit login for a third time. It’s obviously not the end of the world, but it’s caused me to not bother logging into this site with my spark 2 since It’ll take longer than just using my email/password

1 Like


I think we are pretty close to just scrapping the whole platform as-is and launching v2 instead.


Please tell me that dosnt include the chpiscan api :sweat_smile: only just got it working.

chipscanlib IS v2 ig

1 Like

Yeah chipscan is part of the v2 platform were working on.

1 Like

This is exactly what happens to me.

1 Like

Now I create a new domain, first install vivokey plugin wordpress, connect with the user and i have the same problem when I identifh to wordpress say
The client identifier (client_id) is missing or invalid

But the problem is when I try to identify myself in the vivokey forum, put login see qr, take my phone scan spark, read the qr and:

Redirect URI Error

The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).

And you might think it is a thing of the pc, of the browsers, because not when I try it from the same smartphone, with the smartphone browser this image comes out, instead within the application if I scan my spark I can enter see everything

99% sure just from the looks it’s the same bug as above.
If you need to login use my workaround above to remove the html entities from the url that gives the error.
Except for that we can just wait… the page is broken.

The phone thing can be explained, I guess it’s the app which just shows a different error for the same thing.


@amal I found the possible error… is in url of vivokey api

see this url

when i update & to & its worked for me

and it was like this


Something is wrong with the code. Could it be a mistyped credentials or something? Maybe if you reset the vivokey, it might work

As @yeka has noted, this 100% seems to be an issue with the URL being constructed improperly causing the & symbol to be encoded as a “URL safe” html entity.

I’m not really familiar yet with the Spark ecosystem, where/how is the url being produced?


Does this help?

Yes it’s a VK bug, look above for a workaround.

Heck, I’ll try to make a tampermonkey script for it today. At least it feels fixed then.

1 Like

Automated Workaround

Tested once with the forum login so, yeah no 100% guarantee.
You can google how to install a tampermonkey script in your browser.

// ==UserScript==
// @name         VK Workaround
// @namespace
// @version      0.1
// @description  fix the vivokey login
// @author       you
// @match*
// @icon
// @grant        none
// ==/UserScript==

(function() {
    'use strict';
    if (/&/.test(location)) {
        location = location.toString().replaceAll("&","&")

This runs on the error page and then fixes it, kinda whack.
You have to live with seeing this error for a second before it logs you in.