API Endpoint - Encryption

Hi,

By default the the API endpoint is not encrypting traffic and thus anyone that follows the guides and examples you publish, will have their passwords send over plain text when accessing the API. Suggestion: document that fact. Like, in bold.

Secondly: I assume all API clients provided by 1Password (Kube, Golang, Python, Terraform, ...) support accessing the API over https?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • James_1PJames_1P

    Team Member

    Hi,

    Thanks for highlighting that we weren't calling out that customers should be using a TLS gateway in front of the API if making it public. In addition the 1.2.0 release includes support for enabling TLS at the container level and we will be publishing documentation on that soon.

    Secondly: I assume all API clients provided by 1Password (Kube, Golang, Python, Terraform, ...) support accessing the API over https?

    Yes! All of our clients will interact properly over an https connection (Assuming that the client environment as the proper CA configuration to trust the API cert.)

  • Hi James,

    Thanks, I tested it with a straightforward Ingress + LE cert and it worked all as expected.

  • James_1PJames_1P

    Team Member

    Thanks for the update!

  • Hi,

    Is there an update to when you will be publishing documentation for enabling TLS at the container level? Would this be instead of a TLS-secured API gateway?

    Thanks,

  • James_1PJames_1P

    Team Member

    HI 1PBusinessUser,

    The documentation is being worked on presently, but the feature technically went live with the 1.2.0 release. Depending on your infrastructure and deployment preferences this can be an alternative to a TLS terminating Gateway.

    I gave a preview tl;dr of using TLS at the container level in this thread

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file