Apple Watch will not prompt for auth

[TougeAI]

I had to full reset (erase content and settings) my Apple Watch about a week ago, and ever since then secretive will not prompt it for authorisation.

• I can auto-unlock my Mac with the watch
• I can recieve a prompt for authorisation from other apps (1Password & Safari Passwords)

I have to use either Touch ID or type the password (which work absolutely fine but I use clamshell often and this is what the watch is great for).

Things I've tried:

• Toggled "Use Apple Watch" under Touch ID & Password
• Killed the agent
• Help -> Setup secretive steps again
• Deleted all the hidden keychain AutoUnlock items
• Restarted the Mac (with use watch toggled on/off, between all combos of the above...)

Nothing is allowing secretive to prompt when prior to this, on the exact same systems/builds, it was working fine.

M1 Air (Sonoma 14.4.1 23E224)
Series 7 (WatchOS 10.4 21T216)

[TougeAI]

Just to confirm this issue has persisted through the upgrades to Sonoma 14.5 and WatchOS 10.5 that were pushed out earlier this week. I was hoping OS upgrades might fix something in the background but sadly not. Not even sure where to begin debugging this one.

[maxgoedjen]

Unfortunately you've done most of the debugging things I'd recommend already.

Does the Apple Watch stuff work on any other apps that have permission prompts like this?

[TougeAI]

In the limited apps I have exposure to they do prompt again after the reset. 1Password will when unlocking, and although I don't use it, Safari will prompt when I enter the passwords settings menu. I'm willing to try other apps too but I don't know any more that use this feature of the Apple Watch.

[maxgoedjen]

Okay two more ideas:

• Authorize access to a secret, then, in the notification, select the "leave unlocked for 5 minutes" item – you should be re-prompted for auth, does that prompt work with Touch ID (this will tell us if it's keychain-related or just any auth prompts from Secretive are affected, since that prompt does not interact with the keychain directly).
• Create a new secret that requires auth and attempt to authorize with that (this will tell us if it's only existing keychain entries that are affected, or any entries created by Secretive).

[TougeAI]

• Authorize access to a secret, then, in the notification, select the "leave unlocked for 5 minutes" item – you should be re-prompted for auth, does that prompt work with Touch ID (this will tell us if it's keychain-related or just any auth prompts from Secretive are affected, since that prompt does not interact with the keychain directly).

Can confirm this 2nd prompt works with Touch ID.

• Create a new secret that requires auth and attempt to authorize with that (this will tell us if it's only existing keychain entries that are affected, or any entries created by Secretive).

Same as the existing key behaviour, works via Touch ID but no watch prompt.

EDIT: When cleaning up this test key I created and switching the ssh config back to use my existing key, I was prompted for auth on the watch!! It's working fine again now 🥳

[maxgoedjen]

Very weird. Glad it's working again fro you now though!