1Password on Mastodon

Am I correct in the understanding that Secrets Automation sends information in the clear?

Community Member

I was setting up and messing around with my Connect Server, and I noticed this in the documentation

By default, 1Password Connect Server is configured for use within a trusted network. It's possible to enable TLS for the connection between your application and Connect.

So, is it correct to say, unless you configure TLS or LetsEncrypt, it is sending data in the clear by default?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided


  • SpiceyRiceySpiceyRicey
    Community Member

    I wanted to specify, I'm curious specifically about the communication of the rest API from the connect server to the application. Am I correct in understanding that without TLS configured, its sending the data in the clear from the connect server to the application?

  • Jack.P_1PJack.P_1P

    Team Member

    Hi @SpiceyRicey:

    Great question. Yes, that's correct. Communication between your 1Password Connect server and the 1Password service itself is protected by our regular protections, but communication between API clients and the Connect server itself would only be encrypted by TLS if configured and if TLS is not in use, data would be transmitted in the clear.


  • SpiceyRiceySpiceyRicey
    Community Member


    Awesome, I appreciate it. I'm trying to have a zero trust environment and wanted to make sure I had all my bases covered 😊

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file