Service Account Token: Error resolving secret, reference has invalid format

sape

Dear community and 1Password support.
I'm trying to use "op" for storing complete .env files for my project so that this can be used in my apps and environments.

So far this is properly working from the command line (powershell)

here the context:

$Env:OP_SERVICE_ACCOUNT_TOKEN=***
op item get the-item-name  --vault "the - vault - name ( includes parenthesis )"  --format json
{
  "id": "sw2*****dba",
  "title": "the-item-name",
  "version": 1,
  "vault": {
    "id": "gzh*****qni",
    "name": "the - vault - name ( includes parenthesis )"
  },
  "category": "DOCUMENT",
  "last_edited_by": "ZWK*****P2Y",
  "created_at": "2024-06-07T11:04:51Z",
  "updated_at": "2024-06-07T11:04:52Z",
  "additional_information": "345 bytes",
  "fields": [
    {
      "id": "notesPlain",
      "type": "STRING",
      "purpose": "NOTES",
      "label": "notesPlain",
      "reference": "op://gzh*****qni/the-item-name/notesPlain"
    }
  ],
  "files": [
    {
      "id": "ofx*****fbe",
      "name": ".env",
      "size": 345,
      "content_path": "/v1/vaults/gzh*****qni/items/sw2*****dba/files/ofx*****fbe/content"
    }
  ]
}

Here the check that it works

And here the command which demonstrates I can get the content of the file:
Important to note, is that I can not use the "vault" name, just it's id (this might be due to the characters used in the name)

op read "op://gzh*****qni/sw2*****dba/.env"
VAR1="value1"
VAR2="value1"

op read "op://gzh*****qni/the-item-name/.env"
VAR1="value1"
VAR2="value1"

here the "challenge"

The problem is that when trying to perform the same kind of operation from typescript (by following the documentation shown here: https://github.com/1Password/onepassword-sdk-js I always get the same error (see code snippet and error below)

  const OP_VAULT_NAME= 'the - vault - name ( includes parenthesis )',
  const OP_VAULT_ID= 'gzh*****qni',
  const OP_ITEM_TITLE= 'the-item-name',
  const OP_ITEM_ID= 'sw2*****dba',
  const OP_ITEM_FILE= '.env'

  let client; // declare client 
  try {
    client = await createClient({
      auth: process.env.OP_SERVICE_ACCOUNT_TOKEN ?? '',
      integrationName: "My 1Password Integration",
      integrationVersion: "v1.0.0",
    });
    console.log(client);
  } catch (error) {
    console.error('Error creating 1password client:', error);
  }
  const envFileOPURL="op://"+OP_VAULT_ID+"/"+OP_ITEM_TITLE+"/"+OP_ITEM_FILE
  try {
    const secret = await client?.secrets.resolve(envFileOPURL); 
    console.log(secret);
  } catch (error) {
    console.error('Error resolving secret:', error);
  }
}

Current execution

calling createClient works fine
calling await client?.secrets.resolve always returns 'Error resolving secret: error resolving secret reference: secret reference has invalid format - must be "op:////[section/]field"'

Also tried with

const envFileOPURL="op://"+OP_VAULT_NAME+"/"+OP_ITEM_TITLE+"/"+OP_ITEM_FILE
const envFileOPURL="op://"+OP_VAULT_ID+"/"+OP_ITEM_ID+"/"+OP_ITEM_FILE

but I get always the same error.

Any hint from anyone ?
Thx

---

1Password Version: 2.21.0
Extension Version: Not Provided
OS Version: win 10
Browser: CLI

ag_tommy

@Sape

It might be best to have you email our support team. I'm open to leaving this post, here in the community, for further discussion.

If you'd like to the discuss this with the team please email us usingsupport+forum@1password.com. Be sure to use the email address tied to the account in question.

sape

Dear @ag_tommy ,
many thanks for the suggestion.
Has been done, so an e-mail has been sent
Kind regards

ag_tommy

Thank you.