Internal Server Error on Docker Image version 1.2.0

When calling DELETE on the latest version of the connect-api, I get the error: Unable to delete item aqs7f6ago7qf3ujsmdix546rgm: Permission: (101) You do not have permission to perform this action

Even though my access token has full read and write access.

Full logs:

op-connect-api_1   | {"log_message":"(I) DELETE /v1/vaults/5ve5wfpdu2kxxhj2jdozmes5re/items/aqs7f6ago7qf3ujsmdix546rgm","timestamp":"2021-05-24T16:20:01.668397745Z","level":3,"scope":{"request_id":"4dab5757-a7f9-4483-a71c-741c97cad0b6"}}
op-connect-api_1   | {"log_message":"(E) Unable to delete item aqs7f6ago7qf3ujsmdix546rgm: Permission: (101) You do not have permission to perform this action","timestamp":"2021-05-24T16:20:01.972315271Z","level":1,"scope":{"request_id":"4dab5757-a7f9-4483-a71c-741c97cad0b6","jti":"olcl7m5ujgh57cokvwzw2icjvy"}}
op-connect-api_1   | {"log_message":"(I) DELETE /v1/vaults/5ve5wfpdu2kxxhj2jdozmes5re/items/aqs7f6ago7qf3ujsmdix546rgm completed (500: Internal Server Error)","timestamp":"2021-05-24T16:20:01.972505127Z","level":3,"scope":{"request_id":"4dab5757-a7f9-4483-a71c-741c97cad0b6","jti":"olcl7m5ujgh57cokvwzw2icjvy"}}

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided


  • David_agDavid_ag

    Team Member
    edited May 25


    We recently rolled out some changes to how 1Password handles deleting items, which you can read about here:

    These changes also impacted how Connect deletes items from vaults. Fortunately, fixing the issue doesn't require any destructive actions:

    Via CLI
    You can use the 1Password CLI to grant Read/Write/Delete permissions to the server. Use the op add connect server <service_account_id> <vault_id> command (docs).

    There is no fine-grained access control via the CLI at this time, so if you did not intend for the server to have "Read" access, you will need to remove it through the web interface.

    You can do this by logging in the 1Password Web UI and navigating to Integrations, selecting your Connect server, then editing vault access on the details page.

    Via Web UI
    We have a fix queued up that ensures new Connect servers will have the correct "Delete" permissions, if granted. You will also be able to add the Delete permission using the instructions I provided above for adjusting your server's access.

    I appreciate your report and your patience while we get a fix out the door!

  • Thanks for the explanation @David_ag. I will wait for the web UI update to add the new Delete permission. Appreciate the help!

  • David_agDavid_ag

    Team Member

    Following up to let you know the UI changes are now live and you should be able to add the Archive Items & Delete Items permissions. Let us know if there are any further issues :smile:

  • Thanks for the update! I was able to add the permission and delete is now working again :chuffed:

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file