Add users/vault management to API?

Apologies if this isn't the right forum to ask this in.

Are there any plans to document the API for user and vault management? We'd like to manage our 1Password users and their vault access with Terraform. This functionality is not currently exposed in the Connect API. Terraform providers are packaged as compiled Golang executables, and so it'd be good to be able to call the right API endpoints in native Golang code, because the alternative (recommended) approach of managing users and vaults with the 1Password CLI would involve embedding the CLI executable as a string in the Terraform provider, then writing it to disk and executing at runtime. That seems like a generally filthy idea!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided


  • Hi @DanielJonesEB,

    You're definitely in the right place to ask these kinds of questions :smile:

    This is great feedback, thanks! I have logged so we can investigate the idea further.

  • postnl
    Community Member

    +1 for me on this one. Also, from a security perspective I would like to suggest a public API. That way we don't have to think about things as setting up a TLS gateway and ither security stuff.

    Especially when using the API for on- and offboarding teammembers and guests/clients. It would be awesome to interact with Zapier or Integromat/Make with building a system I have to maintain myself.

  • Hey!

    Thanks for chipping in here. We are always looking into ways to making our products more easy to use. Creating a truly public API will be a challenge because of all encryption involved in managing users on 1Password. However, we are looking for ways to make our CLI more usable for these purposes.

  • cgduzan
    Community Member

    +1 for being able to create/manage guest accounts. Even if it's from the CLI. So far, I haven't been able to find a tool that can do that.

  • That's another good suggestion, @cgduzan! I can make a guess, but would you mind explaining your use-case for creating guest accounts?

  • cgduzan
    Community Member

    Yeah, @Joris_1P

    We have users that we invite to 1Password that are not actually a part of our organization, so we want to limit their vault usage to just 1 specific vault we assign to them. We can do this manually, but it's getting to the point where we would like to automate this process.

    Using the CLI tool, we have already figured out the process of confirming users, creating a vault, and assigning existing users. Creating a guest user is the last step in the process where we are still performing it manually.

  • Thank you for those extra details! I have added them to the feature request.

  • cgduzan
    Community Member

    Thank you!

  • DaveBryg
    Community Member

    Hi guys,

    Any progress on the guest management using 1pass CLI?

  • Hi @DaveBryg, we have a number of initiatives on the go right now but unfortunately this is not something we have worked towards yet.

This discussion has been closed.