what does the op cli session token grant access to?

G'day. I'm evaluating if I can safely use the op cli to access secrets on a system that is not fully under my control. The main sticking point is that command line arguments and environment variables are visible to more or less anyone who asks nicely. So, passing the session token on the command line, or as an environment variable, means I need to assume it can be leaked.

Which brings me to my question: what does that token grant access to? I get the impression that it would allow anyone holding the token to download the encrypted vault file, but nothing more. I'd like, of course, to confirm that. Please correct anything I have wrong here about holding the op(1) session token, but no other information:

  1. does allow access to the encrypted vault file, presumably in OPVault format
  2. does not allow decryption of that vault data
  3. does not allow listing account names or other details from the vault
  4. is not equivalent to the account secret key
  5. is not equivalent to the master password
  6. is not equivalent to a TOTP 2-fac token
  7. is equivalent to capturing memory of the op(1) caching daemon, if used

Is that all correct? Is there anything I missed to be aware of?

The specific "threat model" here is that the company capture some information about all processes executed, as part of defending against internal and external attackers, especially APT attackers and "zero day" malware. That can include environment variables and command line arguments – so would potentially leak my session token.

What I'm not trying to prevent is the "insider risk" of someone being able to read keyboard input, process output, or process memory holding the decrypted passwords. I simply want to understand what the risk of a leaked session token is, so I can factor that into the overall picture of risk here. :)

note: I gave the platform below, but this is also applicable to the CLI on windows and linux, if I want to run them there, I'd assume. :)

1Password Version: op 1.8.0
Extension Version: Not Provided
OS Version: macOS 10.15.7
Sync Type: 1password account


  • laugherlaugher
    edited November 24

    I'm also interested in this and other risks/concerns I have about the CLI. The whole concept of a CLI having access to our master password database is all very atypical for AgileBits.

    When I first heard about CLI, here were my first impressions;

    1. One can now potentially more easily script their way to access our master password database
    2. One has a new vector to steal or bruteforce their way into our master password database
    3. Its been awhile but I was vaguely aware that some CLI shells saves ALL user input. i.e. even what you might type in a child process. This leaves our master password database vulnerable.

    I for one hope this is not standard issue with the 1Password for Mac/Windows package. If it is, I would like AgileBits to immediately decouple the 1Password CLI from any of my current GUI installations.

    With thanks and lots of concern...

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file