Assistance/Clarification re: 1Password CLI Authentication
We are attempting to configure 1Password CLI with a Service Account integration for the purposes of automating the rotation of passwords via our PAM solution. The documentation is a little unclear re: how we initially authenticate via CLI using the token that was issued with the Service Account we created (ex: SERVICEACCOUNTNAME).
Following the documentation, whenever we attempt to authenticate (Invoke-Expression $(.\op signin --account ourtenant.1password.com) it responds by requesting the password for my PERSONAL account.
1) Does the Service Account integration require an accompanying licensed User Account to authenticate first before it can be used, and if so, what is the purpose of the Service Account if I have to authenticate with a User first?
2) If a licensed User Account is NOT required, what is the syntax to tell the "op signin" command to use the Service Account Integration account instead of asking for my PERSONAL one?
3) Just to verify, we do not need the 1Password GUI app installed on the same machine for the 1Password CLI to function as well. Correct?
Any/all assistance would be greatly appreciated on this one. Thank you!
1Password Version: 8.x
Extension Version: 2.16.1
OS Version: Windows Server 2019
Browser: Not Provided
Comments
-
@1P_Amanda / @1P_Gem - I don't suppose either of you have any input on this one? Submitted a support ticket but haven't received any response. This has been holding up a large project of ours. I just need clarity re: using Service Account integrations. Documentation reads as though a licensed user account is required to make it work however if that's the case then I'm not sure what the point of the Service Account is to begin with. (And if that user account is NOT required, how does one authenticate with it?)
Any assistance / input you could provide would be graciously appreciated.
0